CVE-2018-17377

9.8 CRITICAL

📋 TL;DR

This CVE describes a SQL injection vulnerability in the Questions 1.4.3 component for Joomla! CMS. Attackers can abuse the term, userid, users, or groups parameters to execute arbitrary SQL commands against the site's database. All Joomla! installations running the vulnerable version of the Questions component are affected.

💻 Affected Systems

Products:
  • Joomla! CMS with Questions component
Versions: Questions component version 1.4.3
Operating Systems: All platforms running Joomla!
Default Config Vulnerable: ⚠️ Yes
Notes: Requires Joomla! installation with Questions component installed. The vulnerability is in the component itself, not core Joomla!.

📦 What is this software?

⚠️ Risk & Real-World Impact

🔴 Worst Case

Complete database compromise allowing data theft, modification, or deletion; potential privilege escalation to administrative access; possible remote code execution if the database configuration permits it.

🟠 Likely Case

Unauthorized access to sensitive data stored in the database (user credentials, personal information, content); potential website defacement or data manipulation.

🟢 If Mitigated

Limited impact with proper input validation, parameterized queries, and database user privilege restrictions in place.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: CONFIRMED
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

Multiple public exploit scripts are available. Exploitation requires no authentication and uses simple SQL injection techniques.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Questions component version after 1.4.3

Vendor Advisory: https://extensions.joomla.org/extension/questions/

Restart Required: No

Instructions:

1. Update the Questions component to the latest version via the Joomla! Extension Manager.
2. If no update is available, uninstall the Questions component completely.
3. Verify that no vulnerable files remain in the /components/com_questions/ directory.

🔧 Temporary Workarounds

Input Validation Filter (applies to: all)

Implement input validation for the term, userid, users, and groups parameters to reject SQL injection attempts.

Modify the component PHP files to add parameter validation before database queries are built.

Web Application Firewall Rule (applies to: all)

Block SQL injection patterns targeting Questions component parameters.

Add a WAF rule that blocks requests containing SQL keywords in the term, userid, users, or groups parameters.

🧯 If You Can't Patch

  • Disable or uninstall the Questions component immediately
  • Implement network segmentation to restrict database access from the web server

🔍 How to Verify

Check if Vulnerable:

In the Joomla! administrator panel, go to Extensions → Manage and check the version of the Questions component. If the version is 1.4.3, the system is vulnerable.

Check Version:

Check the Joomla! administrator panel, or examine the /administrator/components/com_questions/ directory for version files.

Verify Fix Applied:

After updating, verify that the Questions component version is greater than 1.4.3. Test the affected parameters with SQL injection payloads to confirm they are rejected.

📡 Detection & Monitoring

Log Indicators:

  • SQL error messages in Joomla! logs
  • Unusual database queries originating from the web server IP
  • Repeated failed requests with malformed parameters to the Questions component

Network Indicators:

  • HTTP requests with SQL keywords in term/userid/users/groups parameters
  • Unusual database port traffic from web server
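The network indicator above, implemented as a log screen. This is an added example, not part of the advisory: the script parses web-server access-log lines, keeps only requests to option=com_questions, and flags the term, userid, users or groups parameters when they carry SQL-like content, decoding a second time to catch double-encoded values. The log lines, IP addresses and keyword regex are constructed for illustration and should be tuned to local traffic.

```python
import re
from urllib.parse import urlparse, parse_qs, unquote_plus

# Parameters the advisory names as injection points in Questions 1.4.3
WATCHED_PARAMS = {"term", "userid", "users", "groups"}

# Coarse SQL-keyword screen; a constructed pattern, tune it to your false-positive rate
SQL_PATTERN = re.compile(
    r"(\bunion\b\s+(all\s+)?\bselect\b|\bselect\b.+\bfrom\b|\bor\b\s+\d+\s*=\s*\d+|"
    r"\bsleep\s*\(|\bbenchmark\s*\(|\binformation_schema\b)",
    re.IGNORECASE,
)

# Combined Log Format: host ident user [time] "METHOD target HTTP/x" status bytes
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<method>\S+) (?P<target>\S+) \S+" (?P<status>\d{3})'
)

def inspect_request(line):
    """Return a finding for a com_questions request whose watched parameter looks like SQL, else None."""
    m = LOG_RE.match(line)
    if not m:
        return None
    qs = parse_qs(urlparse(m.group("target")).query, keep_blank_values=True)
    if "com_questions" not in qs.get("option", []):
        return None  # only the vulnerable component is in scope
    for name, values in qs.items():
        if name not in WATCHED_PARAMS:
            continue
        for raw in values:
            value = unquote_plus(raw)  # parse_qs decoded once; decode again for %25xx double encoding
            if SQL_PATTERN.search(value):
                return {"ip": m.group("ip"), "param": name, "value": value, "status": m.group("status")}
    return None

def scan(lines):
    """Run inspect_request over an iterable of log lines and collect the findings."""
    return [f for f in (inspect_request(l) for l in lines) if f]

# Constructed sample access-log lines (not from a real incident)
SAMPLE_LOG = [
    '203.0.113.5 - - [10/Oct/2018:13:55:36 +0000] "GET /index.php?option=com_questions&view=questions&term=firewall HTTP/1.1" 200 5120',
    '203.0.113.7 - - [10/Oct/2018:13:55:40 +0000] "GET /index.php?option=com_questions&view=questions&term=x%27+UNION+SELECT+1%2C2%2C3 HTTP/1.1" 500 312',
    '203.0.113.9 - - [10/Oct/2018:13:56:01 +0000] "GET /index.php?option=com_content&view=article&id=1+UNION+SELECT+1 HTTP/1.1" 200 2048',
    '203.0.113.7 - - [10/Oct/2018:13:56:05 +0000] "GET /index.php?option=com_questions&userid=1%2520OR%25201%253D1 HTTP/1.1" 200 900',
]

if __name__ == "__main__":
    for finding in scan(SAMPLE_LOG):
        print(finding)
```

The 500 status on a flagged request lines up with the "SQL error messages in Joomla! logs" indicator and is worth correlating in the SIEM.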

SIEM Query:

source="joomla_logs" AND (message="*SQL*error*" OR message="*Questions*component*")
