CVE 9.8 CRITICAL

Extension – joomcar.net – SQL injection in Articles Calendar 1.0.0 – 1.0.1.0007 for Joomla_CVE-2025-26855

August 14, 2025 invoker category_cve
9.8 / 10
CRITICAL
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Description

A SQL injection in Articles Calendar extension 1.0.0 - 1.0.1.0007 for Joomla allows attackers to execute arbitrary SQL commands.

Basic Information

ID CVE-2025-26855
Source Joomla
Published Jul 18, 2025 at 07:38
Modified Jul 23, 2025 at 11:14

Affected Product

Vendor joomcar.net
Product Articles Calendar extension for Joomla
Version 1.0.0-1.0.1.0007
Affected Versions joomcar.net Articles Calendar extension for Joomla 1.0.0-1.0.1.0007

CWE Classification

CWE-89

References

💭 Join the Security Discussion

🔒 Your email address will not be published. Required fields are marked *

⚠️ Please be respectful and constructive in your comments. Security discussions should remain professional.