The Convert Forms extension before 2.0.4 for Joomla! is vulnerable to Remote Command Execution using CSV Injection that is mishandled when exporting a Leads file.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Convert_forms | Convert_forms_project | * | 2.0.4 (excluding) |