Joomla JS Jobs Plugin SQL Injection Vulnerability in Employer Payment History Feature

Vulnerability

A SQL injection vulnerability has been identified in the JS Jobs plugin for Joomla, affecting versions 1.1.5 through 1.4.3. This vulnerability allows authenticated administrators to execute arbitrary SQL commands by manipulating the 'searchpaymentstatus' parameter in the Employer Payment History search feature.

Impact

Exploitation of this vulnerability allows for SQL injection, enabling authenticated attackers to execute arbitrary SQL commands, which could lead to unauthorized data access or manipulation.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

2.2

impact

5.0

exploitability

6.3

remediation

0.0

relevance

0.0

threat

6.4

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

2.2

impact

5.0

exploitability

6.3

remediation

0.0

relevance

0.0

threat

6.4

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Joomla JS Jobs Plugin SQL Injection Vulnerability in Employer Payment History Feature

Vulnerability

Impact

Affected Products

Joomsky JS Jobs

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating