CVE-2017-17870
published 2017-12-27

CVE-2017-17870: The JBuildozer extension 1.4.1 for Joomla! has SQL Injection via the appid parameter in an entriessearch action.

Priority: P2 (62) · Severity: critical, CVSS 3.0 base score 9.8
CVSS 3.0 vector: AV:N / AC:L / PR:N / UI:N / S:U / C:H / I:H / A:H
Exploit: public exploit available
EPSS: 3.00% (85.7th percentile)

Affected

1 range
Vendor       Product       Version range                 Fixed in
jbuildozer   jbuildozer    1.4.1 (per the description)   not listed

Detection & IOCs (extracted from sources)

url: index.php?option=com_jbuildozer&view=entriessearch&tmpl=component&mode=module&tpl=3&appid=
command (URL-encoded value appended to appid): 1%20%20%2f*!05555Procedure*%2f%20%2f*!05555Analyse*%2f%20%28extractvalue(0%2c%2f*!05555concat*%2f%280x27,0x496873616e2053656e63616e,0x3a,@@version%29%29,0%29%2d%2d%20%2d
Decoded, the appid value is: 1  /*!05555Procedure*/ /*!05555Analyse*/ (extractvalue(0,/*!05555concat*/(0x27,0x496873616e2053656e63616e,0x3a,@@version)),0)-- -
The /*!05555 ... */ wrappers are MySQL versioned comments: the server executes their contents (the embedded number is a minimum server version that any release satisfies), while filters that strip or ignore comments never see the PROCEDURE ANALYSE and concat tokens. extractvalue() then raises an XPath error whose message carries the concatenated string, so @@version is leaked through the error; 0x27 and 0x3a are the quote and colon characters that frame the leaked value.
  • Monitor HTTP requests targeting the Joomla component 'com_jbuildozer' with the 'view=entriessearch' parameter, specifically inspecting the 'appid' parameter for SQL injection payloads (e.g., PROCEDURE ANALYSE, extractvalue, concat with hex-encoded strings).
  • Look for URL-encoded SQL injection patterns in the 'appid' parameter, particularly the use of MySQL versioned comments (/*!05555...*/) combined with PROCEDURE ANALYSE and extractvalue() error-based injection technique.
  • Flag requests to Joomla where 'option=com_jbuildozer' and 'view=entriessearch' appear together — this is the specific vulnerable component/view combination for CVE-2017-17870.
  • The exploit was tested only on specific platforms; coverage may vary across environments.
  • The vulnerable version is specifically 1.4.1 of the JBuildozer extension; other versions are not confirmed affected by this CVE.
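The bullets above describe a detection rule in prose. The Python below is an added worked example written for this page (not a rule from the source, from NVD, or from the JBuildozer project) that runs that logic over a few constructed access-log lines. It normalizes the appid value before matching (repeated URL decoding, unwrapping of MySQL versioned comments such as /*!05555Procedure*/, case folding), so a double-encoded or case-mangled variant that defeats a plain substring search on the raw log line is still caught, and it decodes the 0x hex literals so the analyst sees what the payload embeds. The log lines, the indicator list and the severity labels are this example's own assumptions.

```python
import re
from typing import Optional
from urllib.parse import parse_qs, unquote, urlsplit

# Constructed combined-format access-log lines for this example (not real traffic).
# Line 3 carries the URL-encoded IOC payload from the page; line 4 is a
# double-encoded, case-mangled variant of the same PROCEDURE ANALYSE trick.
SAMPLE_LOG = [
    '203.0.113.5 - - [27/Dec/2017:10:00:01 +0000] "GET /index.php?option=com_content'
    '&view=article&id=7 HTTP/1.1" 200 5120',
    '203.0.113.5 - - [27/Dec/2017:10:00:02 +0000] "GET /index.php?option=com_jbuildozer'
    '&view=entriessearch&tmpl=component&mode=module&tpl=3&appid=12 HTTP/1.1" 200 812',
    '198.51.100.9 - - [27/Dec/2017:10:00:03 +0000] "GET /index.php?option=com_jbuildozer'
    '&view=entriessearch&tmpl=component&mode=module&tpl=3&appid=1%20%20%2f*!05555Procedure*'
    '%2f%20%2f*!05555Analyse*%2f%20%28extractvalue(0%2c%2f*!05555concat*%2f%280x27,'
    '0x496873616e2053656e63616e,0x3a,@@version%29%29,0%29%2d%2d%20%2d HTTP/1.1" 500 0',
    '198.51.100.9 - - [27/Dec/2017:10:00:04 +0000] "GET /index.php?option=com_jbuildozer'
    '&view=entriessearch&appid=1%2520%252f%252a%252105555ProCeDuRe%252a%252f%2520'
    '%252f%252a%252105555aNaLySe%252a%252f HTTP/1.1" 500 0',
]

REQ_LINE = re.compile(r'"(?P<method>[A-Z]+) (?P<target>\S+) HTTP/[\d.]+"')
VERSIONED_COMMENT = re.compile(r"/\*!\d*\s*(.*?)\*/", re.S)   # /*!05555Procedure*/ -> Procedure
PLAIN_COMMENT = re.compile(r"/\*.*?\*/", re.S)                # /* ... */ -> dropped
HEX_LITERAL = re.compile(r"0x([0-9a-f]{2,})", re.I)           # MySQL 0x... string literal

# Substrings checked against the *normalized* appid value (assumed indicator set).
INDICATORS = {
    "procedure analyse": "PROCEDURE ANALYSE error-based injection",
    "extractvalue(": "extractvalue() error-based injection",
    "updatexml(": "updatexml() error-based injection",
    "@@version": "MySQL version disclosure",
    "concat(": "string concatenation used to build the error payload",
    "union select": "UNION-based injection",
    "--": "SQL comment used to truncate the query",
}


def normalize_value(value: str) -> str:
    """Undo layered URL encoding, unwrap MySQL versioned comments and fold case."""
    decoded = value
    for _ in range(3):                                  # double/triple encoding
        again = unquote(decoded)
        if again == decoded:
            break
        decoded = again
    decoded = VERSIONED_COMMENT.sub(r"\1", decoded)     # keep what MySQL would execute
    decoded = PLAIN_COMMENT.sub(" ", decoded)           # drop what MySQL would ignore
    return re.sub(r"\s+", " ", decoded).strip().lower()


def decode_hex_literals(text: str) -> list:
    """Decode 0x... literals so the analyst sees the strings the payload embeds."""
    out = []
    for hexdigits in HEX_LITERAL.findall(text):
        try:
            out.append(bytes.fromhex(hexdigits).decode("utf-8", errors="replace"))
        except ValueError:                              # odd length: not a string literal
            continue
    return out


def analyze_request(target: str) -> Optional[dict]:
    """Return a finding for requests that hit the vulnerable view, else None."""
    params = parse_qs(urlsplit(target).query, keep_blank_values=True)
    option = params.get("option", [""])[0]
    view = params.get("view", [""])[0]
    if option != "com_jbuildozer" or view != "entriessearch":
        return None                                     # not the vulnerable component/view
    appid = normalize_value(params.get("appid", [""])[0])
    indicators = [token for token in INDICATORS if token in appid]
    hex_strings = decode_hex_literals(appid)
    if indicators or hex_strings or re.search(r"['\"();]", appid):
        severity = "high"                               # SQL syntax inside appid
    elif appid.isdigit():
        severity = "info"                               # plausible legitimate use, still logged
    else:
        severity = "low"                                # unexpected non-numeric appid
    return {"target": target, "severity": severity, "appid": appid,
            "indicators": indicators, "hex_strings": hex_strings}


def scan_log(lines) -> list:
    """Run analyze_request over every request line found in the log lines."""
    findings = []
    for line in lines:
        m = REQ_LINE.search(line)
        if m:
            finding = analyze_request(m.group("target"))
            if finding:
                findings.append(finding)
    return findings


if __name__ == "__main__":
    for f in scan_log(SAMPLE_LOG):
        print(f["severity"].upper(), f["indicators"], f["hex_strings"])
```

The fourth sample line is the reason for the normalization step: in the raw log it contains neither the string PROCEDURE ANALYSE nor a /*! comment, so a rule that greps the request line for those tokens misses it, while the normalized value is the same "procedure analyse" as the page's IOC.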

CVSS provenance

Source   Version   Score   Severity   Vector
NVD      v3.0      9.8     CRITICAL   CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
NVD      v2.0      7.5     HIGH       AV:N/AC:L/Au:N/C:P/I:P/A:P