Skip to main content

Acymailing Com Acymailing Extension For Joomla

1 CVEs product

Monthly

CVE-2026-56292 CRITICAL Act Now

SQL injection in the AcyMailing newsletter/email-marketing extension for Joomla (all versions before 10.11.1) allows remote attackers to inject crafted database queries, resulting in unauthorized database access and data leakage. The high CVSS 4.0 score (9.2) reflects unauthenticated network reach and high confidentiality impact against the Joomla back-end database. There is no public exploit identified at time of analysis and the flaw is not listed in CISA KEV, but a public disclosure write-up exists on mysites.guru.

SQLi Acymailing Com Acymailing Extension For Joomla
NVD
CVSS 4.0
9.2
EPSS
0.3%
EPSS 0% CVSS 9.2
CRITICAL Act Now

SQL injection in the AcyMailing newsletter/email-marketing extension for Joomla (all versions before 10.11.1) allows remote attackers to inject crafted database queries, resulting in unauthorized database access and data leakage. The high CVSS 4.0 score (9.2) reflects unauthenticated network reach and high confidentiality impact against the Joomla back-end database. There is no public exploit identified at time of analysis and the flaw is not listed in CISA KEV, but a public disclosure write-up exists on mysites.guru.

SQLi Acymailing Com Acymailing Extension For Joomla
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy