cbcvebase.
CVE-2017-17871
published 2017-12-27

CVE-2017-17871: The "JEXTN Question And Answer" extension 3.1.0 for Joomla! has SQL Injection via the an parameter in a view=tags action, or the ques-srch parameter.

PriorityP261critical9.8CVSS 3.0
AVNACLPRNUINSUCHIHAH
EXPLOIT
EPSS
2.65%
83.7th percentile
The "JEXTN Question And Answer" extension 3.1.0 for Joomla! has SQL Injection via the an parameter in a view=tags action, or the ques-srch parameter.

Affected

1 ranges
VendorProductVersion rangeFixed in
jextnjextn_question_and_answer

Detection & IOCsextracted from sources · hover to see the quote

urlhttp://localhost/[PATH]/index.php/en/component/jequestions/?view=tags&an=[SQL]
command%2dVerAyari'%20%2f*!06666UNION*%2f%20%2f*!06666SELECT*/%201%2c(SELECT%20GROUP_CONCAT(table_name%20SEPARATOR%200x3c62723e)%20FROM%20INFORMATION_SCHEMA.TABLES%20WHERE%20TABLE_SCHEMA=DATABASE())%2c3%2c4%2c5%2c6%2c7%2c8%2c9%2c10%2c11%2c12%2c13%2c14%2c15%2c16%2c17%2c18%2c19%2c20%2c21%2c22%2c23%2c24%2c25%2d%2d%20%2d
path/index.php/en/component/jequestions/
  • Monitor HTTP requests to the Joomla component path '/index.php/en/component/jequestions/' for the 'an' parameter containing SQL injection patterns such as UNION SELECT or comment-based obfuscation (e.g., /*!06666UNION*/, /*!06666SELECT*/).
  • Detect SQL injection attempts via the 'ques-srch' parameter in the JEXTN Question And Answer component, in addition to the 'an' parameter in view=tags actions.
  • Look for URL-encoded SQL UNION-based injection payloads using MySQL version-specific comment syntax (/*!06666UNION*/ and /*!06666SELECT*/) in query parameters targeting Joomla component jequestions.
  • ·The exploit PoC uses 'localhost' as the target host; in real-world attacks the host will differ. Detection rules should focus on the component path and parameter patterns rather than the hostname.
  • ·The vulnerability affects specifically version 3.1.0 of the JEXTN Question And Answer extension; other versions are not confirmed vulnerable per the advisory.

CVSS provenance

nvdv3.09.8CRITICALCVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
nvdv2.07.5HIGHAV:N/AC:L/Au:N/C:P/I:P/A:P
CVEs like this are exactly what “Exploited This Week” covers.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.