CRITICAL🇵🇱 Wersja polska

CVE-2025-25226

CVSS 9.8v3.1pub. 2025-04-08upd. 2025-06-04

Improper handling of identifiers lead to a SQL injection vulnerability in the quoteNameStr method of the database package. Please note: the affected method is a protected method. It has no usages in the original packages in neither the 2.x nor 3.x branch and therefore the vulnerability in question can not be exploited when using the original database class. However, classes extending the affected class might be affected, if the vulnerable method is used.

🤖 AI Analysis
How it works

The vulnerability lies in the protected quoteNameStr method of the base class of the Joomla Framework database package. In the original 2.x and 3.x branches, this method is not directly called, so the framework itself in standard configuration is not vulnerable. However, the problem may occur in classes inheriting from the affected base class if an extension or external code uses the vulnerable method — in which case an attacker can inject malicious SQL queries.

Impact

In a scenario where the vulnerable method is used by derived classes, an attacker can gain unauthorized access to database data, modify or delete data, and potentially take control of the application (full CIA triad: confidentiality, integrity, availability).

Mitigation & patch

Apply patches available from the vendor according to the references provided. Additionally, it is recommended to review your own extensions and classes inheriting from the Joomla Framework database package for use of the quoteNameStr method, and if used, urgently update or refactor the code.

Who is affected

Joomla Framework, database package in 2.x and 3.x branches — exclusively in cases of classes extending the affected base class and using the quoteNameStr method. Original classes provided by the vendor are not directly vulnerable.

Analysis generated by Claude AI (Anthropic) based on NVD data. Always verify with vendor.
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  • Joomla Joomla\!

    APP
    Joomla
    1.0.0 – 2.2.0 (bez)3.0.0 – 3.4.0 (bez)
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Tags
SQLi
CWE
References

Related vulnerabilities

CVE-2016-10033CRITICAL9.8⚠ KEVten sam produkt

The mailSend function in the isMail transport in PHPMailer before 5.2.18 might allow remote attackers to pass ...

CVE-2026-48902CRITICAL9.8PL ✓ten sam produkt

Joomla! — degradacja szyfrowania transportu w linkach resetowania hasła i nazwy użytkownika

CVE-2024-27185CRITICAL9.1PL ✓ten sam produkt

Joomla! — cache poisoning przez dowolne parametry w paginacji

CVE-2022-23797CRITICAL9.8ten sam produkt

An issue was discovered in Joomla! 3.0.0 through 3.10.6 & 4.0.0 through 4.1.0. Inadequate filtering on the sel...

CVE-2022-23795CRITICAL9.8ten sam produkt

An issue was discovered in Joomla! 2.5.0 through 3.10.6 & 4.0.0 through 4.1.0. A user row was not bound to a s...