CyberSec.Space Logo
Back to CVE Browser

CVE-2009-2554

MEDIUM
6.8
CVSS Severity Score
EPSS Score0.0170%
EPSS Percentile33.06th
PublishedJul 20, 2009
Last ModifiedApr 23, 2026

Vulnerability Description

SQL injection vulnerability in the search method in jobline.class.php in Jobline (com_jobline) 1.1.2.2, 1.3.1, and possibly earlier versions, a component for Joomla!, allows remote attackers to execute arbitrary SQL commands via the search parameter in a results action to index.php, which invokes the search method from the searchJobPostings function in jobline.php.

Affected Platforms (CPE)

πŸ“¦
Olle Johansson

Jobline

= 1.1.2.2
πŸ“¦
Olle Johansson

Jobline

= 1.3.1

References & Advisories

πŸ”— http://secunia.com/advisories/35877
πŸ”— http://www.exploit-db.com/exploits/9187
πŸ”— http://www.securityfocus.com/bid/35728
πŸ”— https://exchange.xforce.ibmcloud.com/vulnerabilities/51811
πŸ”— http://secunia.com/advisories/35877
πŸ”— http://www.exploit-db.com/exploits/9187
πŸ”— http://www.securityfocus.com/bid/35728
πŸ”— https://exchange.xforce.ibmcloud.com/vulnerabilities/51811

Related Vulnerabilities

CVE-2006-701510.0

PHP remote file inclusion vulnerability in admin.jobline.php in Jobline 1.1.1 allows remote attackers to execute arbitrary code vi...

CVE-2009-227110.0

The Huawei D100 has (1) a certain default administrator password for the web interface, and does not force a password change; and ...

CVE-2009-049210.0

Unspecified vulnerability in SimpleIrcBot before 1.0 Stable has unknown impact and attack vectors related to an "auth vulnerabilit...

CVE-2009-427310.0

stap-server in SystemTap before 1.1 allows remote attackers to execute arbitrary commands via shell metacharacters in stap command...