Joomla JoomRecipe 1.0.4 Component Blind SQL Injection via search_author
Description
Joomla JoomRecipe 1.0.4 component contains a blind SQL injection vulnerability in the search_author parameter on the search results page. Attackers can inject SQL code through POST requests to the search endpoint to extract database information using boolean-based blind SQL injection techniques.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
1- Range: =1.0.4
Patches
Vulnerability mechanics
Root cause
"Missing input sanitization on the search_author POST parameter allows SQL injection."
Attack vector
An attacker sends a crafted POST request to the `/search/results.html` endpoint with a malicious payload in the `search_author` parameter. The injection is boolean-based blind, meaning the attacker can infer information by observing differences in the server's response when a condition evaluates to true versus false. This allows extraction of database contents such as table names and credentials without direct output of the query results. [ref_id=1]
Affected code
The vulnerability resides in the search functionality of the JoomRecipe 1.0.4 component for Joomla. The `search_author` POST parameter is passed unsanitized into a SQL query on the search results page, allowing an attacker to inject arbitrary SQL statements.
What the fix does
The advisory does not include a patch diff. To remediate the vulnerability, the `search_author` parameter must be properly sanitized or parameterized before being used in SQL queries. Developers should use prepared statements or an ORM to ensure user input is never concatenated directly into SQL.
Preconditions
- configThe JoomRecipe 1.0.4 component must be installed and the search results page must be accessible.
- networkThe attacker must be able to send POST requests to the search endpoint.
- authNo authentication is required; the search page is publicly accessible.
- inputThe attacker must craft a boolean-based blind SQL injection payload in the search_author parameter.
Reproduction
sqlmap.py -u "http://localhost/[PATH]/search/results.html" -p search_author --data "searchPerformed=1&task=search&searchword=asd&searchCategories%5B%5D=*&search_cuisine=&searchSeasons=&search_author=1&search_max_prep_hours=2&search_max_prep_minutes=0&search_max_cook_hours=2&search_max_cook_minutes=0&search_min_rate=0&search_max_cost=999¤tIngredient=" --random-agent --dbs
Generated on Jun 20, 2026. Inputs: CWE entries + fix-commit diffs from this CVE's patches. Citations validated against bundle.
References
4- www.exploit-db.com/exploits/42347mitreexploit
- www.vulncheck.com/advisories/joomla-joomrecipe-component-blind-sql-injection-via-search-authormitrethird-party-advisory
- joomboost.commitreproduct
- extensions.joomla.org/extensions/extension/vertical-markets/food-a-beverage/joomrecipe/mitreproduct
News mentions
0No linked articles in our index yet.