CVE-2018-6394
published 2018-02-17

CVE-2018-6394: SQL Injection exists in the InviteX 3.0.5 component for Joomla! via the invite_type parameter in a view=invites action.

Priority: P2 · 64 · critical · 9.8 (CVSS 3.0)
CVSS 3.0 vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Exploit: public PoC available
EPSS: 2.70% (84.1 percentile)

Affected

1 range
Vendor: techjoomla
Product: invitex
Version range: (not specified; the description names 3.0.5)
Fixed in: (not specified)

Detection & IOCs (extracted from sources)

URL: http://localhost/[PATH]/index.php?option=com_invitex&view=invites&invite_type=[SQL]&invite_anywhere=1
Request: index.php?option=com_invitex&view=invites&invite_type=[SQL]&invite_anywhere=1
  • Monitor HTTP requests targeting the Joomla component 'com_invitex' with the parameter 'view=invites' and a potentially malicious 'invite_type' parameter value (e.g., containing SQL metacharacters or encoded payloads).
  • Alert on requests containing both 'option=com_invitex' and 'view=invites' query parameters, especially when 'invite_type' contains URL-encoded SQL injection sequences or unusual characters.
  • The exploit payload is Base64-encoded in the PoC; decode and inspect 'invite_type' values that are URL-encoded or Base64-encoded for embedded SQL injection strings such as UNION SELECT or CONCAT_WS.
  • The vulnerable component is specifically InviteX version 3.0.5 for Joomla!; scope WAF/IDS rules to this component (option=com_invitex) to avoid false positives on other Joomla components. The installed version cannot be inferred from the request itself, so confirm it on the host (the component's XML manifest) before treating a hit as confirmed exposure rather than an attempt.
  • The PoC URL uses 'localhost' as a placeholder; in real-world attacks the host will vary. Detection rules should match on the query string parameters (option=com_invitex, view=invites, invite_type) regardless of host.
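The detection guidance above, turned into working log-scanning logic. This is an added example, not code from the CVE source or from the InviteX project: it parses common-log-format access lines (the sample lines are constructed, not real traffic), keeps only requests carrying both option=com_invitex and view=invites, and inspects every invite_type value in its raw, URL-decoded (including double-encoded) and Base64-decoded forms for SQL metacharacters and keywords such as UNION SELECT or CONCAT_WS. The regexes, function names and the keyword list are this example's own choices, not part of any published rule. invite_anywhere=1 appears in the PoC but is deliberately not required, since an attacker can drop it.

```python
"""Scan web-server access logs for CVE-2018-6394 exploitation attempts.

Added example (not from the CVE source or InviteX). Matches on the query
parameters only, regardless of host, as the detection notes recommend.
"""
import base64
import binascii
import re
from urllib.parse import parse_qs, unquote_plus, urlsplit

# Indicators looked for in decoded invite_type values. Keyword list is an
# assumption for this example, seeded with the terms the advisory notes mention.
SQLI_PATTERN = re.compile(
    r"(union\s+(all\s+)?select|concat_ws\s*\(|concat\s*\(|information_schema|"
    r"sleep\s*\(|benchmark\s*\(|--|#|/\*|'|\"|;)",
    re.IGNORECASE,
)

# Common log format: host ident user [time] "METHOD path PROTO" status size
LOG_LINE = re.compile(
    r'^(?P<host>\S+) \S+ \S+ \[[^\]]+\] "(?P<method>\S+) (?P<path>\S+) [^"]*" (?P<status>\d{3})'
)

# Constructed sample lines (RFC 5737 documentation addresses), not real traffic.
SAMPLE_LOG = [
    '203.0.113.7 - - [17/Feb/2018:10:01:02 +0000] "GET /index.php?option=com_invitex&view=invites&invite_type=email&invite_anywhere=1 HTTP/1.1" 200 5120',
    '203.0.113.7 - - [17/Feb/2018:10:01:09 +0000] "GET /index.php?option=com_invitex&view=invites&invite_type=1%27%20UNION%20SELECT%20CONCAT_WS%280x3a%2Cusername%2Cpassword%29%20FROM%20jos_users--%20-&invite_anywhere=1 HTTP/1.1" 200 7220',
    '198.51.100.4 - - [17/Feb/2018:10:02:00 +0000] "GET /index.php?option=com_invitex&view=invites&invite_type=MScgVU5JT04gU0VMRUNUIDEsMiwzLS0g&invite_anywhere=1 HTTP/1.1" 500 312',
    '198.51.100.9 - - [17/Feb/2018:10:03:00 +0000] "GET /index.php?option=com_content&view=article&id=1%27 HTTP/1.1" 200 900',
]


def _decoded_forms(value):
    """Yield the value as received, then successive URL-decodings (catches
    double encoding), then any layer that is valid Base64 and decodes to
    printable text."""
    seen = set()
    layer = value
    for _ in range(3):
        if layer in seen:
            break
        seen.add(layer)
        yield layer
        layer = unquote_plus(layer)
    for candidate in list(seen):
        try:
            decoded = base64.b64decode(candidate, validate=True).decode("utf-8")
        except (binascii.Error, ValueError):  # UnicodeDecodeError is a ValueError
            continue
        if decoded and decoded.isprintable() and decoded not in seen:
            seen.add(decoded)
            yield decoded


def inspect_request(path):
    """Classify one request path. 'component' is True when the request targets
    com_invitex&view=invites; 'suspicious' when an invite_type value carries
    SQL injection indicators in any decoded form."""
    qs = parse_qs(urlsplit(path).query, keep_blank_values=True)
    targets = qs.get("option", [""])[0] == "com_invitex" and qs.get("view", [""])[0] == "invites"
    result = {"component": targets, "suspicious": False, "invite_type": None, "evidence": None}
    if not targets:
        return result
    for raw in qs.get("invite_type", []):
        result["invite_type"] = raw
        for form in _decoded_forms(raw):
            if SQLI_PATTERN.search(form):
                result.update(suspicious=True, evidence=form)
                return result
    return result


def scan_log(lines):
    """Return one alert per log line whose request is a suspicious hit."""
    alerts = []
    for line in lines:
        m = LOG_LINE.match(line)
        if not m:
            continue
        verdict = inspect_request(m.group("path"))
        if verdict["suspicious"]:
            alerts.append({"host": m.group("host"), "status": m.group("status"),
                           "path": m.group("path"), "evidence": verdict["evidence"]})
    return alerts


if __name__ == "__main__":
    for alert in scan_log(SAMPLE_LOG):
        print(f"{alert['host']} [{alert['status']}] decoded invite_type: {alert['evidence']!r}")
```

On the sample, the plain email request and the com_content line produce no alert; the URL-encoded UNION/CONCAT_WS payload and the Base64-wrapped payload both do. The Base64 branch is kept strict (validate=True, printable UTF-8 only) because short legitimate values occasionally decode to garbage that happens to contain a quote character.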

CVSS provenance

NVD, CVSS v3.0: 9.8 CRITICAL, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
NVD, CVSS v2.0: 7.5 HIGH, AV:N/AC:L/Au:N/C:P/I:P/A:P