CNNVD-202507-2426 Information

CNNVD ID

CNNVD-202507-2426

Related CVE

CVE-2025-49484

• CNNVD Published: 2025-07-18

Description (Chinese)

Joomsky JS Jobs是Joomsky公司的一款基于 Joomla 内容管理系统 (CMS) 开发的 招聘管理插件。 Joomsky JS Jobs 1.0.0版本至1.4.1版本存在SQL注入漏洞，该漏洞源于对参数cvid的错误操作导致SQL注入攻击。

Description (English)

Joomsky JS Jobs is a recruitment management plugin developed by Joomsky based on Joomla Content Management System (CMS). Joomsky JS Jobs Versions 1.0.0 to 1.4.1 contain an injection loophole in SQL, which stems from an error in the operation of the parameter cvid that led to the SQL injection attack.

Hazard Level

High

Vulnerability Type

SQL注入

Affected Vendor

Joomsky

Published

2025-07-18

Last Modified

2026-02-24

References

https://github.com/AdamWallwork/CVEs/tree/main/2025/CVE-2025-49484 https://joomsky.com/js-jobs-joomla/ https://access.redhat.com/security/cve/cve-2025-49484 https://www.exploit-db.com/exploits/52373

Patch

https://joomsky.com/js-jobs-joomla-free/