CVE-2025-49484

Vulnerability Description

A SQL injection vulnerability in the JS Jobs plugin versions 1.0.0-1.4.1 for Joomla allows low-privilege users to execute arbitrary SQL commands via the 'cvid' parameter in the employee application feature.

Related Weaknesses (CWE)

CWE-89

References

https://github.com/AdamWallwork/CVEs/tree/main/2025/CVE-2025-49484
https://joomsky.com/js-jobs-joomla/
https://www.exploit-db.com/exploits/52373

FAQ

What is CVE-2025-49484?

CVE-2025-49484 is a documented vulnerability. A SQL injection vulnerability in the JS Jobs plugin versions 1.0.0-1.4.1 for Joomla allows low-privilege users to execute arbitrary SQL commands via the 'cvid' parameter in the employee application fe...

How severe is CVE-2025-49484?

CVSS scoring is not yet available for CVE-2025-49484. Check NVD for updates.

Is there a patch for CVE-2025-49484?

Check the references section above for vendor advisories and patch information. Review vendor security bulletins for remediation guidance.