CVE-2026-49048
UNKNOWN
NVD
CVSS Score
0
Severity
UNKNOWN
Published
Jun 28, 2026
Vendor
unknown
Description
The Joomla extension JoomCCK exposes a front-end controller task, that builds two SQL statements by directly concatenating a user-supplied request parameter into the query string without escaping or parameterisation.