Joomla J2 Jobs Authenticated SQL Injection Vulnerability
Vulnerability
An authenticated SQL injection vulnerability has been identified in Joomla J2 Jobs version 1.3.0. This vulnerability allows authenticated attackers to manipulate database queries by injecting SQL code through the 'sortby' parameter. Attackers can send POST requests to the administrator index with malicious 'sortby' values to extract sensitive database information.
Impact
An authenticated attacker who exploits this vulnerability can manipulate database queries and potentially access or modify sensitive database information.
Reproduction
To reproduce this vulnerability, send a POST request to the Joomla administrator index. Include a malicious 'sortby' value in the request. The injection can be verified by using a tool like sqlmap to extract database information.
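For defenders, the following added example (not code from J2 Jobs or Joomla) contrasts the vulnerable pattern with an allowlist fix. It assumes the 'sortby' value ends up in an ORDER BY clause, as sort parameters typically do; the column names, table alias and function names are hypothetical.

```php
<?php
declare(strict_types=1);

// Hypothetical sortable columns for a job-listing table; not taken from J2 Jobs.
const SORTABLE_COLUMNS = [
    'title'   => 'j.title',
    'company' => 'j.company',
    'created' => 'j.created',
];

/**
 * Vulnerable pattern: the request value is concatenated into ORDER BY.
 * Escaping string literals or binding parameters does not help here,
 * because the value is used as SQL syntax (an identifier), not as data.
 */
function orderByVulnerable(string $sortby): string
{
    return ' ORDER BY ' . $sortby;
}

/**
 * Hardened pattern: the request value only selects an entry from a fixed
 * map, so no request bytes ever reach the SQL text. Unknown keys fall
 * back to a default column; the direction is reduced to ASC or DESC.
 */
function orderByHardened(string $sortby, string $direction = 'asc'): string
{
    $column = SORTABLE_COLUMNS[$sortby] ?? SORTABLE_COLUMNS['created'];
    $dir    = strtolower($direction) === 'desc' ? 'DESC' : 'ASC';

    return ' ORDER BY ' . $column . ' ' . $dir;
}

// Constructed inputs: a legitimate key, and a value that is not a plain key
// and would change the structure of the query if concatenated.
$samples = ['title', 'created DESC, id'];

foreach ($samples as $sortby) {
    printf("input:      %s\n", $sortby);
    printf("vulnerable:%s\n", orderByVulnerable($sortby));
    printf("hardened:  %s\n\n", orderByHardened($sortby, 'desc'));
}
```

With the second input, the vulnerable function returns the request text verbatim as part of the query, while the hardened function falls back to the default column.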
