cbcvebase.
CVE-2017-17872
published 2017-12-27

CVE-2017-17872: The JEXTN Video Gallery extension 3.0.5 for Joomla! has SQL Injection via the id parameter in a view=category action.

PriorityP260critical9.8CVSS 3.0
AVNACLPRNUINSUCHIHAH
EXPLOIT
EPSS
2.65%
83.7th percentile
The JEXTN Video Gallery extension 3.0.5 for Joomla! has SQL Injection via the id parameter in a view=category action.

Affected

1 ranges
VendorProductVersion rangeFixed in
jextnjextn_video_gallery

Detection & IOCsextracted from sources · hover to see the quote

urlindex.php?option=com_jevideogallery&view=category&id=99[SQL]
command99%20AND(SELECT%201%20FROM%20(SELECT%20COUNT(*),CONCAT((SELECT(SELECT%20CONCAT(CAST(DATABASE()%20AS%20CHAR)%2c0x7e,0x496873616e53656e63616e))%20FROM%20INFORMATION_SCHEMA.TABLES%20WHERE%20table_schema=DATABASE()%20LIMIT%200,1),FLOOR(RAND(0)*2))x%20FROM%20INFORMATION_SCHEMA.TABLES%20GROUP%20BY%20x)a)
  • Detect SQL injection attempts targeting the JEXTN Video Gallery Joomla component by monitoring HTTP requests containing the query parameters 'option=com_jevideogallery', 'view=category', and a manipulated 'id' parameter.
  • Flag requests where the 'id' parameter in a 'view=category' action for 'com_jevideogallery' contains SQL keywords or encoded payloads such as AND, SELECT, CONCAT, FLOOR, RAND, or INFORMATION_SCHEMA references.
  • The SQL injection technique used is error-based (FLOOR/RAND GROUP BY), which produces database errors in HTTP responses — monitor for MySQL duplicate entry errors in server responses alongside the above request pattern.
  • ·The vulnerable component version is specifically 3.0.5 of JEXTN Video Gallery for Joomla!; detections should be scoped to installations running this version.

CVSS provenance

nvdv3.09.8CRITICALCVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
nvdv2.07.5HIGHAV:N/AC:L/Au:N/C:P/I:P/A:P
CVEs like this are exactly what “Exploited This Week” covers.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.