A SQL injection vulnerability in No Boss Calendar component before 5.0.7 for Joomla was discovered. The vulnerability allows remote authenticated users to execute arbitrary SQL commands via the id_module parameter.

Related CVEs

CVE-2025-49468

Key Information

GHSA ID

GHSA-742p-jhvm-7jqm

Published

June 13, 2025 12:30 PM

Last Modified

June 13, 2025 12:30 PM

CVSS Score

7.5 /10

Primary Ecosystem

Unknown

Primary Package

Unknown

GitHub Reviewed

✗ No

Dataset

Last updated: June 18, 2025 6:25 AM

Data from GitHub Advisory Database. This information is provided for research and educational purposes.