CVE-2018-12254
Description
SQL Injection in router.php of Harmis Ek-rishta 2.10 for Joomla! allows unauthenticated attackers to extract the database via error-based techniques.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
SQL Injection in router.php of Harmis Ek-rishta 2.10 for Joomla! allows unauthenticated attackers to extract the database via error-based techniques.
Vulnerability
router.php in the Harmis Ek-rishta (ek-rishta) component version 2.10 for Joomla! is vulnerable to SQL Injection. The PATH_INFO parameter passed to a URI like home/requested_user/Sent%20interest/ is directly concatenated into an SQL query without sanitization, allowing an attacker to inject arbitrary SQL commands. The component was developed by Harmis, and the vulnerability was publicly disclosed on June 11, 2018 [1].
Exploitation
An attacker can exploit this vulnerability by sending a crafted HTTP request to any page that uses the vulnerable routing mechanism. No authentication is required. The proof-of-concept payload 1'or%20sleep(5)%23 demonstrates time-based injection, but the researcher found that error-based exploitation using extractvalue() (XPATH Injection) is more effective due to limitations in query responses [1]. The injectable parameter is the third segment after Sent%20interest/ in the URL path.
Impact
Successful exploitation allows an attacker to extract sensitive data from the Joomla database, including user credentials, configuration data, and any other information stored in the database. The attack is performed using error-based SQL injection via extractvalue(), which can leak database contents row by row. The attacker gains read access to the entire database but does not achieve file write or remote code execution [1].
Mitigation
As of the publication date on June 12, 2018, no patched version of the Ek-rishta component was available. The component version 2.10 is affected. Users should disable or remove the component until a security update is released by the vendor. The CVE is not listed in CISA's Known Exploited Vulnerabilities (KEV) catalog [1].
AI Insight generated on May 26, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
1Patches
0No patches discovered yet.
Vulnerability mechanics
Root cause
"The application does not properly sanitize user-supplied input in the PATH_INFO, allowing for SQL injection."
Attack vector
An attacker can exploit this vulnerability by sending a crafted URI to the `router.php` file. The vulnerability is triggered via a `PATH_INFO` to a `home/requested_user/Sent%20interest/[username]` URI. The exploit involves appending SQL injection payloads to the username parameter, which are then processed by the application without proper sanitization [ref_id=1].
Affected code
The vulnerability resides in `router.php` within the Harmis Ek rishta component for Joomla! version 2.10. Specifically, the `PATH_INFO` is processed in a way that allows for SQL injection when a user navigates to a `home/requested_user/Sent%20interest/` URI [ref_id=1].
What the fix does
The provided bundle does not contain information about a patch or specific remediation steps. The advisory indicates that the vulnerability exists in version 2.10 of the Ek rishta component for Joomla! [ref_id=1]. Users are advised to consult vendor advisories for updated information on patches or secure versions.
Preconditions
- authThe user must be logged on to the platform to exploit this vulnerability [ref_id=1].
Reproduction
https://www.exploit-db.com/exploits/44893/
Generated on Jun 2, 2026. Inputs: CWE entries + fix-commit diffs from this CVE's patches. Citations validated against bundle.
References
2- www.exploit-db.com/exploits/44893/mitreexploitx_refsource_EXPLOIT-DB
- m4k4br0.github.io/sql-injection-joomla-component/mitrex_refsource_MISC
News mentions
0No linked articles in our index yet.