SQL Injection Vulnerability in DJ-Classifieds Component for Joomla
CVE-2025-54474

8.5HIGH

Key Information:

Vendor: Dj-extensions.com
Status: Dj-classifieds Component For Joomla
Vendor: CVE Published:; 15 August 2025

🔔 Create Dj-extensions.com Vulnerability Alert

What is CVE-2025-54474?

A SQL injection vulnerability has been identified in the DJ-Classifieds component (versions 3.9.2 to 3.10.1) for Joomla. This flaw enables users with elevated privileges to run arbitrary SQL commands, potentially compromising the database's integrity and security.

Affected Version(s)

DJ-Classifieds component for Joomla 3.9.2-3.10.1

References

https://dj-extensions.com/

product

CVSS V4

Score:

8.5

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

None

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Aug 15, 2025
Vulnerability Reserved
Jul 23, 2025

Credit

Sebastian Jeż