Joomla component jp_jobs SQL Injection vulnerability Update #1

Yesterday a vulnerability in the component jp_jobs was found. I notified the vendor (Kim from and he tried to fix it immediately. We are currently working together in order to see if the latest version he uploaded during the last hours is still vulnerable.

I tell you about this because I think this is a very good example of how responsible a software vendor can react. I have seen many companies simply ignoring vulnerability reports or just suing the person who discovered the leak.

I hope the team members of keep up their good work and don’t loose some of their motivation because of the recent discovery.

And thanks for this blog post!