Thephpfactory Penny Auction Factory — known CVE vulnerabilities
Every CVE whose affected-product data names Thephpfactory Penny Auction Factory, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (1)
CVE-2018-17378 — CVSS 9.8 (critical): SQL Injection exists in the Penny Auction Factory 2.0.4 component for Joomla! via the filter_order_Dir or filter_order parameter.