CVE-2017-20272
SQL Injection in Joomla Ultimate Property Listing

Publication date: 2026-06-19

Last updated on: 2026-06-19

Assigner: VulnCheck

Description
Joomla Ultimate Property Listing 1.0.2 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the sf_selectuser_id parameter. Attackers can send GET requests to index.php with the option=com_upl and view=propertylisting parameters to extract sensitive database information including table names and column structures.
Affected Vendors & Products

Vendor   Product                    Version / Range
joomla   ultimate_property_listing  1.0.2
joomla   ultimate_property_listing  up to and including 1.0.2
CWE
CWE-89 The product constructs all or part of an SQL command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended SQL command when it is sent to a downstream component. Without sufficient removal or quoting of SQL syntax in user-controllable inputs, the generated SQL query can cause those inputs to be interpreted as SQL instead of ordinary user data.
Compliance Impact

The SQL injection vulnerability in Joomla Ultimate Property Listing 1.0.2 allows unauthenticated attackers to extract sensitive database information, including table names and column structures. This exposure of sensitive data can lead to violations of data protection regulations such as GDPR and HIPAA, which require the safeguarding of personal and sensitive information against unauthorized access.

Because attackers can access confidential database contents through this vulnerability, organizations using the affected software may face compliance risks related to confidentiality and data integrity requirements mandated by these standards.

Executive Summary

CVE-2017-20272 is a SQL injection vulnerability in Joomla Ultimate Property Listing version 1.0.2. It allows unauthenticated attackers to inject malicious SQL queries through the 'sf_selectuser_id' parameter.

Attackers exploit this by sending specially crafted GET requests to 'index.php' with parameters 'option=com_upl' and 'view=propertylisting'. This enables them to extract sensitive database information such as table names and column structures.

Impact Analysis

This vulnerability can have a significant impact because it gives an attacker query access to the component's database without any authentication.

Schema enumeration (table names and column structures) is only the first step: once the layout is known, the same injection point reads the contents of those tables, and it runs with whatever privileges the component's database account holds. In a typical Joomla installation that account is shared with the rest of the site, so the exposure is not limited to the property-listing tables.

The CVSS score of 8.8 reported for this CVE places it in the high-severity band; the most immediate consequence is a confidentiality breach, with further data manipulation or exploitation possible depending on the database account's privileges.

Detection Guidance

Exploitation attempts can be detected by monitoring GET requests to the vulnerable component: requests to 'index.php' carrying 'option=com_upl' and 'view=propertylisting' together with an 'sf_selectuser_id' value that is not a plain integer. Because the parameter is an identifier, anything else is suspicious: quote characters (raw, or URL-encoded as %27), comment sequences such as '--' or '/*', and keywords such as UNION, SELECT or SLEEP. The parameters may appear in any order in the query string, so match on each one separately rather than on a single fixed concatenation.

A practical starting point is to search web server access logs or network monitoring data for these patterns, for example with grep. Note that a grep on the raw log line only sees the URL-encoded form, so the pattern must include the encoded variants, and that the first two stages below also match legitimate traffic to the listing view; the third stage narrows the result to values that cannot be a valid user id.

  • grep -i "option=com_upl" /path/to/access.log | grep -i "view=propertylisting" | grep -iE "sf_selectuser_id=[^& ]*(%27|'|--|%2D%2D|%20|union|select|sleep)"

On systems you are authorized to test, you can confirm the vulnerability by sending crafted GET requests with SQL injection payloads in the 'sf_selectuser_id' parameter and comparing the response with a baseline request that uses a valid integer id. A tautology that returns more listings than the baseline, a change in response size, or a database error in the page body all indicate that the value reaches the query unescaped. Use curl's '-G --data-urlencode' so that the spaces and quotes in the payload are encoded correctly rather than sent raw in the URL.

  • curl -sS -G "http://target-site/index.php" --data-urlencode "option=com_upl" --data-urlencode "view=propertylisting" --data-urlencode "sf_selectuser_id=1' OR '1'='1"

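The checks described above, run over constructed log lines, as an added example; this is not code from the advisory, from VulnCheck, or from the Ultimate Property Listing project. The access-log lines are constructed in Apache combined format. The scanner URL-decodes each request before matching, so parameter order and %27-style encoding do not defeat it, and it flags any 'sf_selectuser_id' value that is not a plain integer, with the matched SQL indicator in the finding.

```python
"""Scan access logs for CVE-2017-20272 exploitation attempts.

Added example, not code from the advisory or the Ultimate Property Listing
project. SAMPLE_LOG is constructed. The heuristics are general: decode the
query string before matching, accept parameters in any order, and treat any
non-integer sf_selectuser_id as suspicious, naming the SQL indicator found.
"""
import re
from urllib.parse import parse_qs, unquote_plus, urlsplit

# Constructed sample lines in Apache/nginx combined log format.
SAMPLE_LOG = """\
203.0.113.5 - - [19/Jun/2026:10:00:01 +0000] "GET /index.php?option=com_upl&view=propertylisting&sf_selectuser_id=42 HTTP/1.1" 200 5120 "-" "Mozilla/5.0"
203.0.113.9 - - [19/Jun/2026:10:00:02 +0000] "GET /index.php?option=com_upl&view=propertylisting&sf_selectuser_id=1'%20OR%20'1'='1 HTTP/1.1" 200 88210 "-" "curl/8.0"
203.0.113.9 - - [19/Jun/2026:10:00:03 +0000] "GET /index.php?view=propertylisting&sf_selectuser_id=1%27%20UNION%20SELECT%20table_name%2Cnull%20FROM%20information_schema.tables--%20&option=com_upl HTTP/1.1" 200 90011 "-" "curl/8.0"
203.0.113.9 - - [19/Jun/2026:10:00:04 +0000] "GET /index.php?option=com_upl&view=propertylisting&sf_selectuser_id=1%20AND%20SLEEP(5) HTTP/1.1" 200 5120 "-" "python-requests/2.31"
198.51.100.7 - - [19/Jun/2026:10:00:05 +0000] "GET /index.php?option=com_content&view=article&id=1 HTTP/1.1" 200 3210 "-" "Mozilla/5.0"
"""

# ip, timestamp, method, request target, status from a combined-format line.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<target>\S+) [^"]*" (?P<status>\d{3})'
)

# Indicators of SQL injection in a parameter that should only ever be an integer id.
SQLI_RE = re.compile(
    r"['\"#;]"            # quote, hash and statement-separator characters
    r"|--"                # SQL line comment
    r"|/\*"               # block comment
    r"|\b(?:union|select|sleep|benchmark|information_schema|or|and)\b",
    re.IGNORECASE,
)


def parse_line(line):
    """Parse one log line into ip, timestamp, path, decoded params, status."""
    m = LOG_RE.match(line)
    if not m:
        return None
    url = urlsplit(m.group("target"))
    # parse_qs URL-decodes once; decode again so double-encoded payloads
    # (%2527 -> %27 -> ') are seen in their final form.
    params = {
        k.lower(): [unquote_plus(x) for x in v]
        for k, v in parse_qs(url.query, keep_blank_values=True).items()
    }
    return {"ip": m.group("ip"), "ts": m.group("ts"), "path": url.path,
            "params": params, "status": m.group("status")}


def classify(rec):
    """Return None for benign, or a string saying why the request is suspicious."""
    p = rec["params"]
    # Parameter order is irrelevant: each one is looked up by name.
    if p.get("option") != ["com_upl"] or p.get("view") != ["propertylisting"]:
        return None
    for value in p.get("sf_selectuser_id", []):
        if re.fullmatch(r"[0-9]+", value):
            continue  # a plain integer id is what the view expects
        hit = SQLI_RE.search(value)
        reason = f"sqli indicator {hit.group(0)!r}" if hit else "non-integer value"
        return f"{reason} in sf_selectuser_id={value!r}"
    return None


def scan(log_text):
    """Return (ip, timestamp, reason) for every suspicious request in the log."""
    findings = []
    for line in log_text.splitlines():
        rec = parse_line(line)
        if rec is None:
            continue
        reason = classify(rec)
        if reason:
            findings.append((rec["ip"], rec["ts"], reason))
    return findings


if __name__ == "__main__":
    for ip, ts, reason in scan(SAMPLE_LOG):
        print(f"{ts} {ip}: {reason}")
```

The integer allowlist does the real work: it is what lets the scanner stay silent on the first line (a normal id) while flagging the three payload variants, including the one whose parameters arrive in a different order and fully URL-encoded, without maintaining a list of attack strings. The keyword alternation only serves to label the finding.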
Mitigation Strategies

If the component cannot be removed or updated immediately, limit who can reach the vulnerable view (for example, restrict 'index.php?option=com_upl' to trusted networks) or reject, at the web server or WAF, any request whose 'sf_selectuser_id' value is not a plain integer.

In the component itself, the fix is to cast 'sf_selectuser_id' to an integer (Joomla's input layer provides getInt() for this) and to pass it to the database as a bound parameter or through the driver's quote() method rather than concatenating the raw string into the query. Validation on its own, without parameterisation, is a fragile defence; the two belong together.

Check whether the vendor has released a version of Joomla Ultimate Property Listing later than 1.0.2 that addresses this SQL injection and update to it. This page lists only 1.0.2 and earlier as affected and does not name a fixed version.

As a temporary measure, a Web Application Firewall (WAF) rule can block injection attempts against the vulnerable parameters. Key the rule on the parameter's expected type (anything non-numeric in 'sf_selectuser_id') rather than on specific strings such as ' OR '1'='1, which are trivially rewritten.

Also, monitor logs for exploitation attempts and restrict network access to the affected application if feasible.
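Because the component's PHP source is not shown on this page, the following is an added Python/sqlite3 stand-in (not the project's code, and not the advisory's) for the query behind the propertylisting view: a filter by 'sf_selectuser_id' built by string interpolation, beside the same query with integer validation and a bound parameter. Table and column names ('properties', 'users', 'user_id') are assumed. The payloads are the page's tautology and a UNION that reads the schema catalogue, which is sqlite_master here and information_schema on the MySQL that Joomla normally runs on.

```python
"""Vulnerable vs. hardened handling of the sf_selectuser_id parameter.

Added example in Python/sqlite3; the real component is PHP on MySQL and its
source is not on this page, so the schema and queries below are assumed.
"""
import re
import sqlite3


def make_db():
    """Constructed in-memory database standing in for the Joomla site's tables."""
    db = sqlite3.connect(":memory:")
    db.executescript("""
        CREATE TABLE properties (id INTEGER PRIMARY KEY, user_id INTEGER, title TEXT);
        CREATE TABLE users (id INTEGER PRIMARY KEY, email TEXT, password_hash TEXT);
        INSERT INTO properties VALUES (1, 1, 'Flat, 2 rooms'), (2, 1, 'House'), (3, 2, 'Studio');
        INSERT INTO users VALUES (1, 'alice@example.com', 'h1'), (2, 'bob@example.com', 'h2');
    """)
    return db


def listing_vulnerable(db, sf_selectuser_id):
    """CWE-89: the untrusted GET parameter is interpolated into the SQL text."""
    sql = f"SELECT id, title FROM properties WHERE user_id = '{sf_selectuser_id}'"
    return db.execute(sql).fetchall()


def listing_hardened(db, sf_selectuser_id):
    """Allowlist the value as an integer, then bind it as a parameter."""
    # 1. The parameter is an id, so only ASCII digits are acceptable
    #    (the Joomla equivalent is $input->getInt('sf_selectuser_id')).
    if not isinstance(sf_selectuser_id, str) or not re.fullmatch(r"[0-9]+", sf_selectuser_id):
        raise ValueError("sf_selectuser_id must be a non-negative integer")
    user_id = int(sf_selectuser_id)
    # 2. The value travels to the engine as data, never as SQL text.
    sql = "SELECT id, title FROM properties WHERE user_id = ? ORDER BY id"
    return db.execute(sql, (user_id,)).fetchall()


# The payload from the detection section, and a schema-extraction payload of
# the kind the description refers to (table names and column structures).
# On MySQL the catalogue would be information_schema.tables / .columns.
TAUTOLOGY = "1' OR '1'='1"
SCHEMA_DUMP = "x' UNION SELECT name, sql FROM sqlite_master WHERE type='table' AND '1'='1"


if __name__ == "__main__":
    db = make_db()
    print("vulnerable, id=1:      ", listing_vulnerable(db, "1"))
    print("vulnerable, tautology: ", listing_vulnerable(db, TAUTOLOGY))
    print("vulnerable, schema:    ", listing_vulnerable(db, SCHEMA_DUMP))
    print("hardened, id=1:        ", listing_hardened(db, "1"))
    try:
        listing_hardened(db, TAUTOLOGY)
    except ValueError as exc:
        print("hardened, tautology:    rejected:", exc)
```

With the tautology the vulnerable query's WHERE clause becomes user_id = '1' OR '1'='1' and every listing comes back; with the UNION payload the first SELECT matches nothing and the second returns each table's name and CREATE statement, which is exactly the schema information the description says can be extracted. The hardened version never reaches the database with either payload because the integer check rejects them, and even a value that passed the check could not change the query's structure because it is bound, not spliced in.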
