Warning: Critical SQL Injection in JEvents. Patch Immediately!

Image
Decorative image
Publié : 13/06/2025

 

    * Last update:  13/06/2025
   
    * Affected software:: JEvents component before 3.6.88 and 3.6.82.1 for Joomla
 
    * Type: SQL Injection
 
    * CVE/CVSS
        → CVE-2025-49467: CVSS 9.3 (CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/AU:Y/U:Amber)
 

 

Sources

 
https://www.jevents.net/
https://nvd.nist.gov/vuln/detail/CVE-2025-49467
 

Risks 

An SQL injection vulnerability was fixed in the JEvents component for Joomla, affecting versions before 3.6.88 and 3.6.82.1. The vulnerability exists in publicly accessible actions used to list events by date ranges, allowing attackers to inject malicious SQL commands.
 

Description

Successful exploitation of CVE-2025-49467 can potentially allow a malicious attacker to:

  • Execute unauthorized SQL commands
  • Bypass authentication
  • Retrieve, modify, or delete database contents
  • Compromise the entire Joomla website's database
  • Potentially gain unauthorized access to sensitive information stored in the database
     

Recommended Actions

 
Patch 
 
The Centre for Cybersecurity Belgium strongly recommends installing updates for vulnerable devices with the highest priority after thorough testing. Update JEvents component to version 3.6.88 or 3.6.82.1 (whichever is applicable to your current version)
 
Additional Recommendations

  • Immediately update JEvents component to the patched version
  • Implement web application firewall (WAF) rules to detect and block SQL injection attempts
  • Validate and sanitize all user inputs
  • Use parameterized queries or prepared statements
  • Limit database account privileges
  • Conduct a thorough security audit of the Joomla installation
     
    Monitor/Detect 
    The CCB recommends organizations upscale monitoring and detection capabilities to identify any related suspicious activity, ensuring a swift response in case of an intrusion.
     
    In case of an intrusion, you can report an incident via:< https://ccb.belgium.be/cert/report-incident>.

While patching appliances or software to the newest version may provide safety from future exploitation, it does not remediate historic compromise.
 
 

References

https://feedly.com/cve/CVE-2025-49467