cpe:/a:paymentsplus:payments_plus:2.1.5 CVE-2010-4992 2011-11-01T18:55:05.397-04:00 2017-08-28T21:29:09.800-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2011-11-02T12:37:00.000-04:00 EXPLOIT-DB 14265 BID 41458 SREASON 8497 MISC http://packetstormsecurity.org/1007-exploits/joomlapaymentsplus-sql.txt XF paymentspluscom-add-sql-injection(60166) SQL injection vulnerability in the Payments Plus component 2.1.5 for Joomla! allows remote attackers to execute arbitrary SQL commands via the type parameter to add.html.