Joomla J2 Jobs SQL Injection Vulnerability

Vulnerability

An authenticated SQL injection vulnerability has been identified in Joomla J2 Jobs version 1.3.0. This vulnerability allows authenticated attackers to manipulate database queries by injecting SQL code through the 'sortby' parameter. Attackers can exploit this issue by sending POST requests to the administrator index with malicious 'sortby' values, potentially leading to the extraction of sensitive database information using automated tools.

Impact

Exploitation of this vulnerability allows for authenticated SQL injection, enabling attackers to manipulate database queries and extract sensitive information from the database.

Reproduction

To reproduce this vulnerability, send a POST request to the Joomla administrator index. Include a malicious 'sortby' value in the request. The injection can be automated using tools like sqlmap, targeting the 'sortby' parameter to extract database information.
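The page does not show the affected code. The following is an added example, not code from J2 Jobs or Joomla, of the usual mitigation for an injectable sort parameter. It assumes that 'sortby' ends up in an ORDER BY clause; the column names, the direction argument and the function name are hypothetical. It requires PHP 8.0 or later.

```php
<?php
declare(strict_types=1);

// Hypothetical mapping from the values the UI may send in 'sortby' to real
// column names. These names are assumptions, not taken from J2 Jobs.
const SORTABLE_COLUMNS = [
    'title'   => 'j.title',
    'company' => 'j.company',
    'created' => 'j.created',
];

/**
 * Build an ORDER BY fragment from untrusted request values.
 * Only allowlisted keys select a column; everything else falls back to a
 * fixed default, so the request never contributes SQL syntax of its own.
 */
function safe_order_by(mixed $sortby, mixed $direction = 'asc'): string
{
    // Arrays (sortby[]=x) and other non-string input are treated as absent.
    $key = is_string($sortby) ? strtolower(trim($sortby)) : '';
    $column = SORTABLE_COLUMNS[$key] ?? SORTABLE_COLUMNS['created'];

    // The direction is reduced to one of two literals, never copied through.
    $isDesc = is_string($direction) && strtolower(trim($direction)) === 'desc';
    $dir = $isDesc ? 'DESC' : 'ASC';

    return "ORDER BY {$column} {$dir}";
}

// Constructed sample inputs: one legitimate value and three malformed ones
// that a string-concatenating query builder would have copied into the SQL.
$samples = [
    ['title', 'desc'],
    ['title, unexpected_expression', 'asc'],
    [['nested' => 'array'], 'asc'],
    ['company', 'desc extra'],
];

foreach ($samples as [$sortby, $direction]) {
    printf("%-34s => %s\n", json_encode($sortby), safe_order_by($sortby, $direction));
}
```

Prepared-statement placeholders cannot bind column names or sort directions, which is why sort parameters need an allowlist rather than parameter binding.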

Added: May 13, 2026, 6:52 PM
Updated: May 13, 2026, 6:52 PM

Vulnerability Rating

Custom Algorithm
spread: 0.0
impact: 3.1
exploitability: 6.1
remediation: 0.0
relevance: 8.2
threat: 6.4
urgency: 2.9
incentive: 0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.