CVE-2025-49484

Extension - joomsky.com - SQL injection in JS jobs component version 1.1.5 - 1.4.1 for Joomla

Description

A SQL injection vulnerability in the JS Jobs plugin versions 1.0.0-1.4.1 for Joomla allows low-privilege users to execute arbitrary SQL commands via the 'cvid' parameter in the employee application feature.

INFO

Published Date :

2025-07-18T09:51:44.430Z

Last Modified :

2025-09-30T04:36:47.498Z

Source :

Joomla

AFFECTED PRODUCTS

The following products are affected by CVE-2025-49484 vulnerability.

No data.

REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2025-49484.

URL	Resource
https://github.com/AdamWallwork/CVEs/tree/main/2025/CVE-2025-49484
https://joomsky.com/js-jobs-joomla/
https://www.exploit-db.com/exploits/52373

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.

Attack Vector

Attack Complexity

Attack Requirements

Privileges Required

User Interaction

VS Confidentiality

VS Integrity

VS Availability

SS Confidentiality

SS Integrity

SS Availability