Home / Vulnerability Intelligence / CVE-2021-47930

CVE-2021-47930 - Vulnerability Analysis

HighCVSS: 8.2

Last Updated: May 10, 2026

Balbooa Joomla Forms Builder - SQL Injection

Published: May 10, 2026Updated: May 10, 2026Remote Exploitable

Overview

Balbooa Joomla Forms Builder 2.0.6 contains an unauthenticated SQL injection caused by improper sanitization of the 'id' field in the form submission handler, letting remote attackers execute arbitrary SQL queries.

Severity & Score

Severity: High

CVSS Score: 8.2

Impact

Remote attackers can execute arbitrary SQL queries, potentially extracting sensitive database information.

Mitigation

Update to the latest version of Balbooa Joomla Forms Builder.

References

https://www.balbooa.com/
https://www.exploit-db.com/exploits/50447
https://www.vulncheck.com/advisories/balbooa-joomla-forms-builder-sql-injection-unauthenticated

Related Resources

Vulnerability Intelligence Dashboard
Credential Scanner

Details

CVE ID: CVE-2021-47930
Severity: High
CVSS Score: 8.2
Type: sql_injection
Status: new

CWE

CWE-89

CVSS Metrics

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N