What is GHSA-mw2w-cp8x-hqqh?

GHSA-mw2w-cp8x-hqqh is a security advisory published by GitHub Security Advisories with High severity. Joomla! Component Ajax Quiz 1.8 contains an SQL injection vulnerability that allows...

Which CVE IDs does GHSA-mw2w-cp8x-hqqh cover?

GHSA-mw2w-cp8x-hqqh covers the following CVE IDs: CVE-2017-20262. Each CVE has its own detail page on EchelonGraph Pulse with the synthesized EG score.

What is the CVSS v3 score of GHSA-mw2w-cp8x-hqqh?

GHSA-mw2w-cp8x-hqqh has a CVSS v3 base score of 8.2, published by GitHub Security Advisories.

GHSA-mw2w-cp8x-hqqhHighCVSS 8.2

Joomla! Component Ajax Quiz 1.8 contains an SQL injection vulnerability that allows...

Vendor

GitHub Security Advisories

Published

June 19, 2026

Last Modified

June 19, 2026

🔗 CVE IDs covered (1)

CVE-2017-20262 →

📋 Description

Joomla! Component Ajax Quiz 1.8 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the cid parameter. Attackers can send GET requests to index.php with the option=com_ajaxquiz and view=ajaxquiz parameters to extract sensitive database information including table names and column structures.

🔗 References (6)

https://nvd.nist.gov/vuln/detail/CVE-2017-20262
https://extensions.joomla.org/extensions/extension/living/education-a-culture/ajaxquiz
https://www.exploit-db.com/exploits/42532
https://www.vulncheck.com/advisories/joomla-component-ajax-quiz-sql-injection
http://webkul.com
https://github.com/advisories/GHSA-mw2w-cp8x-hqqh