Quix Page Builder Pro Extension For Joomla
Monthly
SQL injection in the Quix Page Builder Pro extension for Joomla lets remote unauthenticated attackers inject arbitrary SQL through a crafted request, enabling database read and write against affected sites. The CVSS 4.0 base score is 8.7 (High), reflecting network vector, low complexity, no privileges, and high impact to confidentiality, integrity, and availability of the vulnerable database. There is no public exploit identified at time of analysis and the issue is not listed in CISA KEV; a third-party disclosure write-up exists on mysites.guru.
SQL injection in the Quix Page Builder Pro extension for Joomla lets remote unauthenticated attackers inject arbitrary SQL through a crafted request, enabling database read and write against affected sites. The CVSS 4.0 base score is 8.7 (High), reflecting network vector, low complexity, no privileges, and high impact to confidentiality, integrity, and availability of the vulnerable database. There is no public exploit identified at time of analysis and the issue is not listed in CISA KEV; a third-party disclosure write-up exists on mysites.guru.