CVE-2017-7628

9.8 CRITICAL

📋 TL;DR

CVE-2017-7628 is a critical SQL injection vulnerability in version 1.1 of the 'Smart related articles' extension for Joomla!. The search_cats parameter of dialog.php is placed into a SQL query without sanitisation or parameter binding, so an unauthenticated attacker can run arbitrary SQL against the Joomla! database. Every Joomla! site with this extension version installed is affected; no fixed version is listed, so the remedy is removal. Successful exploitation can expose or alter the entire database, including the users table.

💻 Affected Systems

Products:
  • Joomla! Smart related articles extension
Versions: Version 1.1
Operating Systems: All
Default Config Vulnerable: ⚠️ Yes
Notes: Only affects Joomla! installations with the vulnerable extension enabled.

📦 What is this software?

⚠️ Risk & Real-World Impact

🔴

Worst Case

Full read/write access to the Joomla! database: theft of the users table (including password hashes), creation of a Super User account, and from there code execution on the host through the administrator interface (template editor or extension installer).

🟠

Likely Case

Dumping of database contents (including user credentials), data manipulation, and administrative access to the Joomla! site through a stolen or injected account.

🟢

If Mitigated

Reduced but not eliminated: a WAF can block the known payload shapes, but search_cats still reaches the database unparameterised, so bypasses remain possible. Only removing the extension, or blocking dialog.php outright, closes the issue.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

A single HTTP request to dialog.php with a crafted search_cats value is enough; no session or credentials are needed, and public exploit code exists.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: N/A

Vendor Advisory: https://vel.joomla.org/live-vel/1952-smart-related-articles-1-1-sql-injection

Restart Required: No

Instructions:

1. Remove the Smart related articles extension 1.1 from your Joomla! installation.
2. Delete all extension files from the server, and confirm that /components/com_smartrelatedarticles/dialog.php is gone.
3. Replace it with an alternative extension that has a maintained, security-reviewed code base.

🔧 Temporary Workarounds

Disable vulnerable extension (platform: all)

Disable the Smart related articles extension in the Joomla! admin panel: Extensions > Manage > Manage, find 'Smart related articles', click Disable.

Caveat: disabling only stops Joomla! from dispatching to the component. dialog.php is requested directly by path, not through index.php, so it can still execute while the file remains on disk. Delete the files or block the path at the web server as well.

WAF rule blocking (platform: linux, or any host running ModSecurity)

Block every request to the extension's dialog.php outright rather than trying to pattern-match SQL in search_cats, which is bypassable. The extension should be disabled anyway, so nothing legitimate is lost:

ModSecurity rule: SecRule REQUEST_URI "@contains /components/com_smartrelatedarticles/dialog.php" "id:1001,phase:1,deny,status:403,log,msg:'CVE-2017-7628: Smart related articles dialog.php blocked'"

🧯 If You Can't Patch

  • There is no fixed release; removing the extension is the only complete fix. If it must stay for now, deny HTTP access to /components/com_smartrelatedarticles/dialog.php at the web server (or require authentication for it) so the injection point is unreachable.
  • If you maintain the code yourself, replace pattern-based input filtering with a real fix: cast every search_cats value to an integer and bind it as a query parameter instead of concatenating it into the SQL string.
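The bug class behind this CVE, modelled here as an added example and not the extension's own code (the page does not show dialog.php's source): a category lookup that splices search_cats into an IN (...) list, next to the same lookup with integer casting and bound parameters. The schema, the users row and the payload are constructed for the demonstration, and Python's bundled sqlite3 stands in for MySQL.

```python
import sqlite3

# Constructed in-memory stand-in for the Joomla! tables an injected query can reach.
# The schema and both query functions are hypothetical: the page does not show
# dialog.php's real source, only that search_cats reaches SQL unsanitised.
def make_demo_db():
    conn = sqlite3.connect(":memory:")
    conn.executescript("""
        CREATE TABLE categories (id INTEGER PRIMARY KEY, title TEXT, published INTEGER);
        CREATE TABLE users (id INTEGER PRIMARY KEY, username TEXT, password TEXT);
        INSERT INTO categories VALUES (1, 'News', 1), (2, 'Blog', 1), (3, 'Drafts', 0);
        INSERT INTO users VALUES (1, 'admin', 'constructed-hash');
    """)
    return conn


def categories_vulnerable(conn, search_cats):
    """The bug class behind CVE-2017-7628: the raw parameter is spliced into IN (...)."""
    sql = ("SELECT id, title FROM categories "
           f"WHERE published = 1 AND id IN ({search_cats})")
    return conn.execute(sql).fetchall()


def categories_hardened(conn, search_cats):
    """Same lookup, fixed: every value must parse as an integer and is bound, not spliced."""
    ids = [int(v) for v in search_cats.split(",") if v.strip()]  # ValueError on any non-integer
    if not ids:
        return []
    placeholders = ", ".join("?" * len(ids))
    sql = ("SELECT id, title FROM categories "
           f"WHERE published = 1 AND id IN ({placeholders})")
    return conn.execute(sql, ids).fetchall()


def hardened_rejects(conn, search_cats):
    """True if the hardened version refuses the input instead of running it."""
    try:
        categories_hardened(conn, search_cats)
    except ValueError:
        return True
    return False


# A UNION payload of the kind used against this class of bug; constructed here,
# not copied from any public exploit.
PAYLOAD = "1) UNION SELECT id, username || ':' || password FROM users --"

if __name__ == "__main__":
    db = make_demo_db()
    print("vulnerable:", categories_vulnerable(db, PAYLOAD))   # leaks the users row
    print("hardened rejects payload:", hardened_rejects(db, PAYLOAD))
```

The hardened version deliberately fails closed: a value that is not an integer raises rather than being silently dropped, which is the behaviour you want from a parameter that only ever carries category IDs.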

🔍 How to Verify

Check if Vulnerable:

Confirm that /components/com_smartrelatedarticles/dialog.php exists under the web root and that the extension version shown in the Joomla! admin panel is 1.1.

Check Version:

Extensions > Manage > Manage in the Joomla! admin panel lists 'Smart related articles' together with its version.

Verify Fix Applied:

Confirm the extension is removed (preferred) or disabled, and that an HTTP request to /components/com_smartrelatedarticles/dialog.php returns 404 or 403 rather than 200. Disabling alone does not guarantee this, because the file is reached directly by path rather than through Joomla!'s index.php.
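An added offline check for the 'Check if Vulnerable' and 'Verify Fix Applied' steps above, not part of the original advisory: it looks for dialog.php under the component directory and reads the extension version from the component manifest. The manifest location (administrator/components/com_smartrelatedarticles/ or components/com_smartrelatedarticles/) and the <extension>/<version> layout are assumptions based on Joomla!'s usual component packaging; build_constructed_fixture creates a throwaway fake tree purely so the script can be exercised without a real site.

```python
import glob
import os
import tempfile
import xml.etree.ElementTree as ET

COMPONENT = "com_smartrelatedarticles"
DIALOG_REL = os.path.join("components", COMPONENT, "dialog.php")
# Assumption: the component manifest is an <extension> XML file in one of the usual
# Joomla! component directories. Its file name is not given on the page, so we glob.
MANIFEST_DIRS = [
    os.path.join("administrator", "components", COMPONENT),
    os.path.join("components", COMPONENT),
]


def read_manifest_version(joomla_root):
    """Return the <version> text of the component manifest, or None if none is found."""
    for rel in MANIFEST_DIRS:
        for path in sorted(glob.glob(os.path.join(joomla_root, rel, "*.xml"))):
            try:
                root = ET.parse(path).getroot()
            except ET.ParseError:
                continue
            if root.tag != "extension":
                continue
            node = root.find("version")
            if node is not None and node.text:
                return node.text.strip()
    return None


def check_joomla_root(joomla_root):
    """Classify an install: 'vulnerable', 'review' (file present, version not 1.1 or unknown) or 'clean'."""
    present = os.path.isfile(os.path.join(joomla_root, DIALOG_REL))
    version = read_manifest_version(joomla_root)
    if not present:
        verdict = "clean"
    elif version == "1.1":
        verdict = "vulnerable"
    else:
        verdict = "review"  # only 1.1 is listed as affected, but the file is still reachable
    return {"dialog_php_present": present, "version": version, "verdict": verdict}


def build_constructed_fixture(version="1.1", install=True):
    """Create a throwaway directory tree mimicking a Joomla! root with the extension installed.

    Purely a constructed test fixture so the check can run offline; returns the root path.
    """
    root = tempfile.mkdtemp(prefix="joomla-")
    if install:
        site_dir = os.path.join(root, "components", COMPONENT)
        admin_dir = os.path.join(root, "administrator", "components", COMPONENT)
        os.makedirs(site_dir)
        os.makedirs(admin_dir)
        with open(os.path.join(site_dir, "dialog.php"), "w") as fh:
            fh.write("<?php // placeholder, not the real file\n")
        with open(os.path.join(admin_dir, "smartrelatedarticles.xml"), "w") as fh:
            fh.write('<?xml version="1.0" encoding="utf-8"?>\n'
                     '<extension type="component" version="3.0" method="upgrade">\n'
                     '  <name>Smart related articles</name>\n'
                     f'  <version>{version}</version>\n'
                     '</extension>\n')
    return root


if __name__ == "__main__":
    import sys
    target = sys.argv[1] if len(sys.argv) > 1 else build_constructed_fixture()
    print(check_joomla_root(target))
```

Run it as `python check.py /var/www/html` against a real web root; with no argument it checks the constructed fixture. A 'review' verdict means dialog.php is still on disk even though the manifest does not say 1.1, which still warrants the HTTP check described above.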

📡 Detection & Monitoring

Log Indicators:

  • Requests to /components/com_smartrelatedarticles/dialog.php whose search_cats parameter contains SQL keywords (UNION, SELECT, SLEEP, OR 1=1, comment sequences such as --), including URL-encoded forms
  • Standard web access logs record only the query string; a search_cats value sent in a POST body is invisible unless request-body logging (for example a ModSecurity audit log) is enabled, so any POST to dialog.php deserves a look
  • Unusual database queries from the Joomla! application user, such as reads of the users table

Network Indicators:

  • HTTP requests (GET or POST) to /components/com_smartrelatedarticles/dialog.php carrying SQL payloads in search_cats

SIEM Query:

source="web_logs" AND uri="*/com_smartrelatedarticles/dialog.php*" AND (uri="*search_cats=*UNION*" OR uri="*search_cats=*SELECT*" OR uri="*search_cats=*SLEEP(*" OR uri="*search_cats=*%20OR%20*" OR method="POST")

Match on the raw URI rather than a parsed search_cats field unless your pipeline extracts query parameters into fields.
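An added detector for the log indicators above, not taken from the page or from any vendor tool: it parses combined-format access log lines, URL-decodes search_cats (twice, to catch double encoding) and flags SQL fragments, and separately flags POSTs to dialog.php whose body the access log cannot show. The log lines are constructed samples, not real traffic; the SQL pattern is an assumption tuned to a parameter that should only ever hold comma-separated integers.

```python
import re
from urllib.parse import parse_qs, unquote_plus, urlsplit

TARGET_PATH = "/components/com_smartrelatedarticles/dialog.php"

# SQL fragments that have no business inside a comma-separated category list.
# Assumed pattern; tune it to your own false-positive tolerance.
SQLI_PATTERN = re.compile(
    r"\bunion\b|\bselect\b|\bsleep\s*\(|\bbenchmark\s*\(|\bor\b\s*\S+\s*=\s*\S+|--|/\*",
    re.IGNORECASE,
)

# Apache/nginx combined log format; the constructed sample lines below follow it.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3})'
)


def suspicious_search_cats(target, body=None):
    """Return the decoded search_cats value if it carries SQL, else None.

    body is an optional URL-encoded request body (from a WAF audit log, for example);
    standard access logs do not record POST bodies, so it is normally absent.
    """
    parts = urlsplit(target)
    if not parts.path.endswith(TARGET_PATH):
        return None
    params = parse_qs(parts.query, keep_blank_values=True)
    if body:
        for key, values in parse_qs(body, keep_blank_values=True).items():
            params.setdefault(key, []).extend(values)
    for value in params.get("search_cats", []):
        decoded = unquote_plus(value)  # second decode pass catches double-encoded payloads
        if SQLI_PATTERN.search(decoded):
            return decoded
    return None


def scan_access_log(lines):
    """Flag dialog.php requests: visible SQL in search_cats, or a POST whose body we cannot see."""
    hits = []
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue
        hit = {"ip": m["ip"], "ts": m["ts"], "method": m["method"], "status": m["status"]}
        found = suspicious_search_cats(m["target"])
        if found is not None:
            hit.update(reason="sqli_in_search_cats", search_cats=found)
        elif m["method"] == "POST" and urlsplit(m["target"]).path.endswith(TARGET_PATH):
            hit.update(reason="post_body_not_logged", search_cats=None)
        else:
            continue
        hits.append(hit)
    return hits


# Constructed sample lines, not real traffic (RFC 5737 documentation addresses).
SAMPLE_LOG = [
    '203.0.113.5 - - [10/Apr/2017:12:01:02 +0000] "GET /components/com_smartrelatedarticles/dialog.php?search_cats=1,2 HTTP/1.1" 200 512 "-" "Mozilla/5.0"',
    '203.0.113.9 - - [10/Apr/2017:12:01:07 +0000] "GET /components/com_smartrelatedarticles/dialog.php?search_cats=1)%20UNION%20SELECT%201,password%20FROM%20jos_users--%20 HTTP/1.1" 200 2048 "-" "sqlmap/1.1"',
    '198.51.100.2 - - [10/Apr/2017:12:02:11 +0000] "GET /index.php?option=com_content&view=article&id=7 HTTP/1.1" 200 9120 "-" "Mozilla/5.0"',
    '203.0.113.9 - - [10/Apr/2017:12:02:30 +0000] "POST /components/com_smartrelatedarticles/dialog.php HTTP/1.1" 200 2048 "-" "sqlmap/1.1"',
]

if __name__ == "__main__":
    for hit in scan_access_log(SAMPLE_LOG):
        print(hit)
```

Feed it `sys.stdin` or a file iterator in place of SAMPLE_LOG. The 'post_body_not_logged' reason exists precisely because the access log cannot prove a POST was benign; correlate those entries with WAF audit logs or database query logs before closing them.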

🔗 References
