Zero Day MonitorZDM
DashboardVulnerabilitiesTrendingZero-DaysNewsAbout
Login
ImpressumPrivacy Policy
Zero Day Monitor © 2026
2666 articles · 174691 vulns · 37/41 feeds (7d)
← Back to list
8.2
CVE-2017-20273EXPLOITED
joomla · event registration pro calendar

Joomla Event Registration Pro Calendar 4.1.3 SQL Injection

Description

Joomla Event Registration Pro Calendar 4.1.3 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the id parameter. Attackers can send GET requests to index.php with option=com_registrationpro&view=category&id parameter containing SQL injection payloads to extract sensitive database information.

Affected Products

VendorProductVersions
joomlaevent registration pro calendar4.1.3

References

  • https://www.exploit-db.com/exploits/42416(exploit)
  • https://www.vulncheck.com/advisories/joomla-event-registration-pro-calendar-sql-injection(third-party-advisory)

Related News (1 articles)

Tier C
VulDB23d ago
CVE-2017-20273 | Joomlashowroom Event Registration Pro Calendar 4.1.3 index.php ID sql injection (Exploit 42416 / EDB-42416)
→ No new info (linked only)
CVSS 3.18.2 NONE
CISA KEV❌ No
Actively exploited✅ Yes
CWECWE-89
PublishedJun 19, 2026
Last enriched23d agov2
Trending Score2
Source articles1
Independent1
Info Completeness9/14
Missing: epss, kev, patch, iocs, mitre_attack

Community Vote

0
Login to vote
0 upvotes0 downvotes
No votes yet

Related CVEs (5)

NONECVE-2026-48939EXPKEV
Joomla Extension - icagenda.com - Remote Code Execution in iCaganda extension for Joomla < 4.0.8/3.9.15
Trending: 129
NONECVE-2026-48950EXP
Joomla! Core - [20260704] - XSS in com_templates
Trending: 28
NONECVE-2026-48952EXP
Joomla! Core - [20260706] - XSS in com_installer
Trending: 26
NONECVE-2019-25748EXP
Joomla JHotelReservation 6.0.7 SQL Injection via search-hotels
Trending: 2
NONECVE-2017-20282EXP
Joomla! Component jCart for OpenCart 2.0 SQL Injection
Trending: 2

Pin to Dashboard

Verification

State: unverified
Confidence: 0%

Vulnerability Timeline

CVE Published
Jun 19, 2026
Discovered by ZDM
Jun 19, 2026
Updated: severity, exploitAvailable, activelyExploited
Jun 19, 2026
Actively Exploited
Jun 22, 2026
Exploit Available
Jun 22, 2026

Version History

v2
Last enriched 23d ago
v2Tier C23d ago

Updated severity to CRITICAL and marked exploit as available and actively exploited.

severityexploitAvailableactivelyExploited
via VulDB
v123d ago

Initial creation