CVE-2017-20265
HighCVSS 7.1Exploitation Probability (EPSS)
Low risk15th percentile - higher than 15% of all known CVEs
Summary
The Joomla! Component Flip Wall version 8.0 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the wallid parameter.
Risk Assessment
Attackers can access sensitive database information, which may lead to serious security breaches for the organization.
Recommendation
It is recommended to update the Flip Wall component to the latest version to mitigate this vulnerability and to monitor server logs for potential attack attempts.
Original NVD description (English source)
Joomla! Component Flip Wall 8.0 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the wallid parameter. Attackers can send GET requests to index.php with the option=com_flipwall&task=click&wallid parameter containing SQL injection payloads to extract sensitive database information.

