CVE-2025-22210

CVE-2025-22210: Extension - hikashop.com - SQL injection in Hikashop component version 3.3.0 - 5.1.4 for Joomla

Vendor Hikashop.com

Product Hikashop component for Joomla

Weakness CWE-89 · SQLi

Published February 25, 2025

Last update April 4, 2025

View on NVD All CVEs

CVSS base score

—

What the vulnerability does

Description

A SQL injection vulnerability in the Hikashop component versions 3.3.0-5.1.4 for Joomla allows authenticated attackers (administrator) to execute arbitrary SQL commands in the category management area in backend.

Key dates

Disclosure timeline

February 25, 2025 CVE published

April 4, 2025 Record updated