Joomla Component JoomRecipe 1.0.3 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the category parameter. Attackers can send GET requests to the all-recipes endpoint with malicious SQL payloads in the category path segment to extract sensitive database information.
Metrics
Affected Vendors & Products
References
History
Mon, 22 Jun 2026 20:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Metrics |
ssvc
|
Sun, 21 Jun 2026 09:45:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| First Time appeared |
Joomboost
Joomboost joomrecipe |
|
| Vendors & Products |
Joomboost
Joomboost joomrecipe |
Fri, 19 Jun 2026 18:15:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | Joomla Component JoomRecipe 1.0.3 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the category parameter. Attackers can send GET requests to the all-recipes endpoint with malicious SQL payloads in the category path segment to extract sensitive database information. | |
| Title | Joomla JoomRecipe 1.0.3 SQL Injection via category parameter | |
| Weaknesses | CWE-89 | |
| References |
| |
| Metrics |
cvssV3_1
|
Status: PUBLISHED
Assigner: VulnCheck
Published: 2026-06-19T16:44:50.989Z
Updated: 2026-06-22T19:43:13.378Z
Reserved: 2026-06-19T15:09:34.450Z
Link: CVE-2017-20278
Updated: 2026-06-22T19:42:35.280Z
No data.
No data.