vulnerability
Joomla!: [20191202] - Core - Various SQL injections through configuration parameters (CVE-2019-19846)
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 8 | (AV:N/AC:L/Au:N/C:P/I:P/A:P) | Dec 18, 2019 | Dec 18, 2019 | Aug 11, 2025 |
Severity
8
CVSS
(AV:N/AC:L/Au:N/C:P/I:P/A:P)
Published
Dec 18, 2019
Added
Dec 18, 2019
Modified
Aug 11, 2025
Description
In Joomla! before 3.9.14, the lack of validation of configuration parameters used in SQL queries caused various SQL injection vectors.
Solution
joomla-upgrade-3_9_14
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.