LiveActive security incident?Get immediate response
CVE Record

CVE-2016-1000271: Joomla extension DT Register version before 3.1.12 (Joomla 3.x) / 2.8.18 (Joomla 2.5) contains an SQL injec...

Joomla extension DT Register version before 3.1.12 (Joomla 3.x) / 2.8.18 (Joomla 2.5) contains an SQL injection in "/index.php?controller=calendar&format=raw&cat[0]=SQLi&task=events". This attack appears to be exploitable if the attacker can reach the web server.

UnknownCVSS not scoredNot KEV-listedUpdated
Glexia's TakeAutomated analysishigh

Security readout for executives and security teams

Plain-English summary

CVE-2016-1000271 is an SQL injection in the Joomla DT Register extension. If a vulnerable site exposes this extension to the web, an attacker who can reach the web server may be able to manipulate database queries. This matters because event-registration sites may store attendee, payment, or contact data.

Executive priority

Prioritize quickly if DT Register is installed on any public Joomla site, especially where registration data is sensitive. If the extension is absent, no action is needed beyond documenting that validation.

Technical view

The issue affects DT Register versions before 3.1.12 on Joomla 3.x and before 2.8.18 on Joomla 2.5. The CVE describes SQL injection in the calendar raw events functionality involving the category parameter. No CVSS score, CWE, or CISA KEV listing is provided in the source bundle.

Likely exposure

Exposure is most likely for internet-facing Joomla sites running DT Register below the fixed version for their Joomla branch. Organizations without Joomla extension inventory may miss this because the CVE affected-product metadata is sparse.

Exploitation context

The CVE states exploitation appears possible when the attacker can reach the web server. Packet Storm is referenced as a public disclosure source. The provided sources do not establish active exploitation in the wild, and the CVE is not listed as KEV.

Researcher notes

The public record is thin: no CVSS, no CWE, and generic affected-product metadata. The strongest facts are the affected DT Register version ranges, Joomla branch mapping, reachability requirement, and Packet Storm reference. Treat impact assessment as environment-specific.

Mitigation direction

  • Inventory Joomla sites for the DT Register extension.
  • Upgrade DT Register to 3.1.12 or later on Joomla 3.x.
  • Upgrade DT Register to 2.8.18 or later on Joomla 2.5.
  • Restrict public access to vulnerable Joomla sites until updated.
  • Check vendor or maintainer guidance for any additional hardening.

Validation and detection

  • Confirm the installed DT Register version on each Joomla site.
  • Verify whether affected sites are reachable from the internet.
  • Review web logs for suspicious calendar raw event requests.
  • Check database and application logs for unusual query errors.
  • Retest after upgrade to confirm the vulnerable version is removed.
Prepared
Confidence
medium
Sources
3

Generated from the cited source records. This long-tail analysis has not been individually reviewed by a named human.

Potential ATT&CK relevance

Conservative CVE-to-ATT&CK context

These mappings and lookup hints may be relevant to the vulnerability behavior, CWE, affected product, or exposure path. Glexia-inferred context is not an official MITRE, ATT&CK, CWE, or CVE Program mapping.

ATT&CK lookup starting points

Use these exact CWE pages and searches to review the Glexia ATT&CK library from this CVE's weakness and description context.

description · low confidence lookup

Database behavior lookup

The CVE wording references database injection or access, so collection and exfiltration review may help. This is a Glexia inferred lookup path, not an official MITRE, ATT&CK, or CVE Program mapping.

Open ATT&CK lookup
cve · low confidence lookup

CVE-2016-1000271 mapping review

Open the CVE-to-ATT&CK bridge for reviewed, inferred, or future official mappings tied to this CVE.

Open ATT&CK lookup
Vulnerability profileCVE Program record
Severity
Unknown
CVSS
Not scored
Known Exploited
No
Published
Official CVE source material

CNA and ADP enrichment extracted from CVE v5

These fields come from the CVE record and ADP containers, not from Glexia's Take. They preserve time-varying source decisions such as CISA SSVC, KEV status, CVSS metrics, and provider references.

0CVSS vectors
0Timeline events
0ADP providers
2Source links

CVSS and timeline data

No CVSS vectors or timeline events were available in the normalized CVE source material.

Affected products

Products and packages named in the record

VendorProductVersion / packageStatus
n/an/an/aListed
Weakness

CWE details

No CWE listed

CWE links open Glexia weakness intelligence pages with official CWE context, developer remediation guidance, and related CVE mappings.