Acymailing Com Acymailing Extension For Joomla
Monthly
SQL injection in the AcyMailing newsletter/email-marketing extension for Joomla (all versions before 10.11.1) allows remote attackers to inject crafted database queries, resulting in unauthorized database access and data leakage. The high CVSS 4.0 score (9.2) reflects unauthenticated network reach and high confidentiality impact against the Joomla back-end database. There is no public exploit identified at time of analysis and the flaw is not listed in CISA KEV, but a public disclosure write-up exists on mysites.guru.
SQL injection in the AcyMailing newsletter/email-marketing extension for Joomla (all versions before 10.11.1) allows remote attackers to inject crafted database queries, resulting in unauthorized database access and data leakage. The high CVSS 4.0 score (9.2) reflects unauthenticated network reach and high confidentiality impact against the Joomla back-end database. There is no public exploit identified at time of analysis and the flaw is not listed in CISA KEV, but a public disclosure write-up exists on mysites.guru.