CVE-2025-22209

CVE-2025-22209: Extension - joomsky.com - SQL injection in JS jobs component version 1.1.5 - 1.4.3 for Joomla

Vendor Joomsky.com

Product JS Jobs component for Joomla

Weakness CWE-89 · SQLi

Published February 15, 2025

Last update February 21, 2025

View on NVD All CVEs

CVSS base score

—

What the vulnerability does

01Description

A SQL injection vulnerability in the JS Jobs plugin versions 1.1.5-1.4.3 for Joomla allows authenticated attackers (administrator) to execute arbitrary SQL commands via the 'searchpaymentstatus' parameter in the Employer Payment History search feature.

Key dates

02Disclosure timeline

February 15, 2025 CVE published

February 21, 2025 Record updated

External resources

03References

NVD — National Vulnerability Database https://nvd.nist.gov/vuln/detail/CVE-2025-22209 CWE — Common Weakness Enumeration https://cwe.mitre.org/data/definitions/89.html

Related vulnerabilities

CVE-2025-22209: Extension - joomsky.com - SQL injection in JS jobs component version 1.1.5 - 1.4.3 for Joomla

01Description

02Disclosure timeline

03References

04Related CVE