{"description":"Trending threats, MITRE ATT\u0026CK coverage, and detection metadata. Fed continuously.","feed_url":"https://feed.craftedsignal.io/products/je-photo-gallery-1.1/feed.json","home_page_url":"https://feed.craftedsignal.io/","items":[{"_cs_actors":[],"_cs_cpes":[],"_cs_cves":[{"cvss":8.2,"id":"CVE-2018-25433"}],"_cs_exploited":false,"_cs_has_poc":false,"_cs_poc_references":[],"_cs_products":["JE Photo Gallery 1.1"],"_cs_severities":["high"],"_cs_tags":["cve-2018-25433","sqli","joomla"],"_cs_type":"advisory","_cs_vendors":["Joomla"],"content_html":"\u003cp\u003eJoomla Component JE Photo Gallery version 1.1 is vulnerable to SQL injection, identified as CVE-2018-25433. This vulnerability allows unauthenticated attackers to extract sensitive database information. The attack involves injecting malicious SQL code through the \u003ccode\u003ecategoryid\u003c/code\u003e parameter in HTTP GET requests. Successful exploitation enables attackers to execute arbitrary SQL queries, potentially gaining access to sensitive data, including usernames and password hashes stored in the Joomla database. This poses a significant risk to the confidentiality and integrity of affected Joomla installations.\u003c/p\u003e\n\u003ch2 id=\"attack-chain\"\u003eAttack Chain\u003c/h2\u003e\n\u003col\u003e\n\u003cli\u003eAn unauthenticated attacker identifies a Joomla website using JE Photo Gallery 1.1.\u003c/li\u003e\n\u003cli\u003eThe attacker crafts a malicious HTTP GET request targeting the \u003ccode\u003eindex.php\u003c/code\u003e endpoint with the \u003ccode\u003ecom_jephotogallery\u003c/code\u003e component.\u003c/li\u003e\n\u003cli\u003eThe attacker injects SQL code into the \u003ccode\u003ecategoryid\u003c/code\u003e parameter of the GET request (e.g., \u003ccode\u003eindex.php?option=com_jephotogallery\u0026amp;view=category\u0026amp;categoryid=1' AND 1=1--\u003c/code\u003e).\u003c/li\u003e\n\u003cli\u003eThe Joomla application processes the crafted request, and due to the SQL injection vulnerability, the injected SQL code is executed against the database.\u003c/li\u003e\n\u003cli\u003eThe attacker may use SQL injection techniques to extract data from database tables containing usernames, password hashes, and other sensitive information.\u003c/li\u003e\n\u003cli\u003eThe extracted data is returned to the attacker through the HTTP response.\u003c/li\u003e\n\u003cli\u003eThe attacker analyzes the extracted data to identify valid user credentials.\u003c/li\u003e\n\u003c/ol\u003e\n\u003ch2 id=\"impact\"\u003eImpact\u003c/h2\u003e\n\u003cp\u003eSuccessful exploitation of this SQL injection vulnerability (CVE-2018-25433) allows unauthenticated attackers to extract sensitive database information from vulnerable Joomla installations using JE Photo Gallery 1.1. This can lead to the compromise of user accounts, disclosure of sensitive data, and potential unauthorized access to the Joomla website\u0026rsquo;s administration panel. The vulnerability has a CVSS v3.1 score of 8.2, indicating a high severity.\u003c/p\u003e\n\u003ch2 id=\"recommendation\"\u003eRecommendation\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eApply the provided Sigma rule \u003ccode\u003eDetect CVE-2018-25433 Exploitation - Joomla JE Photo Gallery SQL Injection Attempt\u003c/code\u003e to detect attempts to exploit this vulnerability by monitoring web server logs for suspicious \u003ccode\u003ecategoryid\u003c/code\u003e parameter values.\u003c/li\u003e\n\u003cli\u003eInspect web server logs for HTTP GET requests to \u003ccode\u003eindex.php\u003c/code\u003e with the \u003ccode\u003ecom_jephotogallery\u003c/code\u003e component and the \u003ccode\u003ecategoryid\u003c/code\u003e parameter containing SQL injection attempts (e.g., SQL keywords, comments).\u003c/li\u003e\n\u003cli\u003eImplement input validation and sanitization for the \u003ccode\u003ecategoryid\u003c/code\u003e parameter in the JE Photo Gallery component to prevent SQL injection attacks.\u003c/li\u003e\n\u003cli\u003eConsider removing the vulnerable JE Photo Gallery component if an update is not available or feasible.\u003c/li\u003e\n\u003c/ul\u003e\n","date_modified":"2026-06-01T22:18:34Z","date_published":"2026-06-01T22:18:34Z","id":"https://feed.craftedsignal.io/briefs/2026-06-cve-2018-25433-joomla-sqli/","summary":"Joomla Component JE Photo Gallery 1.1 contains an SQL injection vulnerability, tracked as CVE-2018-25433, allowing unauthenticated attackers to extract database information by injecting malicious SQL code through the categoryid parameter.","title":"CVE-2018-25433 - Joomla JE Photo Gallery SQL Injection","url":"https://feed.craftedsignal.io/briefs/2026-06-cve-2018-25433-joomla-sqli/"}],"language":"en","title":"CraftedSignal Threat Feed — JE Photo Gallery 1.1","version":"https://jsonfeed.org/version/1.1"}