CVE-2010-5028

NUCLEI

Joomla! com_jejob 1.0 - SQL Injection

Title source: llm

Exploitation Summary

EIP tracks 2 public exploits for CVE-2010-5028. PoCs published by v3n0m, Valentin. A Nuclei detection template is also available.

AI-analyzed exploit summary This is a SQL injection exploit for Joomla Component com_jejob 1.0, targeting the 'catid' parameter. The PoC demonstrates a union-based SQLi to extract user credentials from the 'jos_users' table.

Description

SQL injection vulnerability in the JExtensions JE Job (com_jejob) component 1.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the catid parameter in an item action to index.php.

Exploits (2)

exploitdb WORKING POC VERIFIED

by v3n0m · textwebappsphp

https://www.exploit-db.com/exploits/12782

View Code ZIP pw:eip

This is a SQL injection exploit for Joomla Component com_jejob 1.0, targeting the 'catid' parameter. The PoC demonstrates a union-based SQLi to extract user credentials from the 'jos_users' table.

Classification

Working Poc 90%

Attack Type

Sqli

Complexity

Trivial

Reliability

Reliable

Target: Joomla Component com_jejob 1.0

No auth needed

Prerequisites: Joomla with com_jejob component installed and accessible

MITRE ATT&CK

T1189 - Drive-by Compromise T1505 - Server Software Component

devstral-2 · analyzed Feb 16, 2026 Full analysis →

exploitdb WRITEUP VERIFIED

by Valentin · textwebappsphp

https://www.exploit-db.com/exploits/12601

View Code ZIP pw:eip

This is a writeup describing a Local File Inclusion (LFI) vulnerability in the Joomla Component JE Job. It provides example URIs and additional information on how to trigger MySQL errors and inject characters through the URL.

Classification

Writeup 90%