CVE-2025-49485

Vulnerability Description

A SQL injection vulnerability in the Balbooa Forms plugin 1.0.0-2.3.1.1 for Joomla allows privileged users to execute arbitrary SQL commands via the 'id' parameter.

Related Weaknesses (CWE)

CWE-89

References

https://extensions.joomla.org/extension/forms/

FAQ

What is CVE-2025-49485?

CVE-2025-49485 is a documented vulnerability. A SQL injection vulnerability in the Balbooa Forms plugin 1.0.0-2.3.1.1 for Joomla allows privileged users to execute arbitrary SQL commands via the 'id' parameter.

How severe is CVE-2025-49485?

CVSS scoring is not yet available for CVE-2025-49485. Check NVD for updates.

Is there a patch for CVE-2025-49485?

Check the references section above for vendor advisories and patch information. Review vendor security bulletins for remediation guidance.