Unrated severityNVD Advisory· Published Jun 19, 2026

Joomla SP Movie Database 1.3 SQL Injection via searchword

CVE-2017-20266

Description

Joomla SP Movie Database 1.3 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the searchword parameter. Attackers can send GET requests to the searchresults view with crafted SQL payloads in the searchword parameter to extract sensitive database information.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

JoomShaper/SP Movie Databasellm-create
Range: <=1.3

Patches

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.exploit-db.com/exploits/42502mitreexploit
www.vulncheck.com/advisories/joomla-sp-movie-database-sql-injection-via-searchwordmitrethird-party-advisory
joomshaper.commitreproduct
extensions.joomla.org/extensions/extension/directory-a-documentation/directory/sp-movie-database/mitreproduct

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000