Login Sign Up

CVE-2018-5696

9.8 CRITICAL
SQL Injection

📋 TL;DR

This SQL injection vulnerability in iJoomla's com_adagency plugin for Joomla! allows attackers to execute arbitrary SQL commands through the advertiser_status and status_select parameters. Websites running the vulnerable plugin version are affected, potentially exposing database contents including user credentials and sensitive data.

💻 Affected Systems

Products:
  • iJoomla com_adagency plugin for Joomla!
Versions: 6.0.9
Operating Systems: All platforms running Joomla!
Default Config Vulnerable: ⚠️ Yes
Notes: Requires Joomla! CMS with the vulnerable plugin installed and enabled.

📦 What is this software?

Ad Agency by Ijoomla

View all CVEs affecting Ad Agency →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Complete database compromise leading to data theft, authentication bypass, remote code execution, or complete site takeover.

🟠

Likely Case

Database information disclosure including user credentials, sensitive business data, and potential privilege escalation.

🟢

If Mitigated

Limited impact with proper input validation, parameterized queries, and database user privilege restrictions.

🌐 Internet-Facing: HIGH - Exploitable via web requests without authentication, affecting publicly accessible Joomla! sites.
🏢 Internal Only: MEDIUM - Internal applications could still be exploited by authenticated users or through other attack vectors.

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

SQL injection via URL parameters makes exploitation straightforward with readily available tools.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 6.0.10 or later

Vendor Advisory: https://www.ijoomla.com/

Restart Required: No

Instructions:

1. Update com_adagency plugin to version 6.0.10 or later via Joomla! Extension Manager. 2. Verify update completes successfully. 3. Clear Joomla! cache.

🔧 Temporary Workarounds

Input Validation Filter

all

Add input validation for advertiser_status and status_select parameters

Modify index.php to sanitize $_GET['advertiser_status'] and $_GET['status_select'] parameters

Web Application Firewall Rule

all

Block SQL injection patterns in URL parameters

Add WAF rule to detect and block SQL injection attempts in advertiser_status and status_select parameters

🧯 If You Can't Patch

  • Disable or remove the com_adagency plugin if not essential
  • Implement strict network segmentation and limit database user privileges

🔍 How to Verify

Check if Vulnerable:

Check Joomla! Extension Manager for com_adagency plugin version 6.0.9

Check Version:

Check Joomla! admin panel → Extensions → Manage → Search for com_adagency

Verify Fix Applied:

Confirm plugin version is 6.0.10 or later in Extension Manager

📡 Detection & Monitoring

Log Indicators:

  • Unusual SQL queries in database logs
  • Multiple requests with SQL injection patterns in advertiser_status/status_select parameters

Network Indicators:

  • HTTP requests containing SQL keywords in advertiser_status or status_select parameters

SIEM Query:

source="web_logs" AND (advertiser_status CONTAINS "UNION" OR status_select CONTAINS "SELECT")

📊 Metadata

CVE ID: CVE-2018-5696
CVSS v3 Score: 9.8 (CRITICAL)
CVSS Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CWE: CWE-89
Published: January 14, 2018
Last Updated: November 21, 2024

🔗 References

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2018-5696, you might also want to check these:

CVE-2024-8522 10.0

This vulnerability allows unauthenticated attackers to perform SQL injection attacks on WordPress si...

Same vulnerability type (CWE-89)
CVE-2024-13152 10.0

This SQL injection vulnerability in BSS Software's Mobuy Online Machinery Monitoring Panel allows at...

Same vulnerability type (CWE-89)
CVE-2021-42311 10.0

CVE-2021-42311 is a critical SQL injection vulnerability in Microsoft Defender for IoT that allows r...

Same vulnerability type (CWE-89)