CVE-2026-49048
Joomla Extension - joomcoder.com - Unauthenticated SQL Injection in JoomCCK extension for Joomla < 6.4.1
CVSS Score
0.0
EPSS Score
0.0%
EPSS Percentile
0th
The Joomla extension JoomCCK exposes a front-end controller task, that builds two SQL statements by directly concatenating a user-supplied request parameter into the query string without escaping or parameterisation.
| CWE | CWE-89 |
| Vendor | joomcoder.com |
| Product | joomcck extension for joomla |
| Published | Jun 28, 2026 |
Stay Ahead of the Next One
Get instant alerts for joomcoder.com joomcck extension for joomla
Be the first to know when new unknown vulnerabilities affecting joomcoder.com joomcck extension for joomla are published โ delivered to Slack, Telegram or Discord.
Get Free Alerts โ
Free ยท No credit card ยท 60 sec setup
Affected Versions
joomcoder.com / JoomCCK extension for Joomla
1.0-6.4.0
Credits
Kamil Soltanov