HIGH
nextgeneditor
CVE published 2026-06-19
CVE-2017-20252
CVE-2017-20252 is a high-severity SQL injection vulnerability in Joomla NextGen Editor 2.1.0. Unaffected attackers can execute arbitrary SQL commands via the plname parameter in GET requests to index.php with option=com_nge&view=config. This vulnerability has a CVSS score of 8.8, indicating a high level of risk. Defenders should prioritize patching or mitigating this vulnerability to prevent potential data breaches.