Aggregates CVE and security vulnerability intelligence across all j2store-related products, including CVSS, EPSS, publication dates, and vulnerability intelligence data.
Common weakness patterns include vendor risk sql injection, with potential vendor impact data exposure across vendor surface software deployment and vendor surface production workloads use cases.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2020-13996 | The J2Store plugin before 3.3.13 for Joomla! allows a SQL injection attack by a trusted store manager. | [email protected] | 8.8 | 1.34% | 2020-06-09 | 2024-11-21 |
| CVE-2019-9184 | SQL injection vulnerability in the J2Store plugin 3.x before 3.3.7 for Joomla! allows remote attackers to execute arbitrary SQL commands via the product_option[] parameter. | [email protected] | 9.8 | 8.98% | 2019-02-26 | 2024-11-21 |
| CVE-2015-6513 | Multiple SQL injection vulnerabilities in the J2Store (com_j2store) extension before 3.1.7 for Joomla! allow remote attackers to execute arbitrary SQL commands via the (1) sortby or (2) manufacturer_ids[] parameter to index.php. | [email protected] | 7.5 | 2.17% | 2015-08-18 | 2026-05-06 |