Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Joomsky Subscribe
Total 7 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2019-17527 1 Joomsky 1 Js Jobs 2020-01-02 7.5 HIGH 9.8 CRITICAL
dataForDepandantField in models/custormfields.php in the JS JOBS FREE extension before 1.2.7 for Joomla! allows SQL Injection via the index.php?option=com_jsjobs&task=customfields.getfieldtitlebyfieldandfieldfo child parameter.
CVE-2018-21002 1 Joomsky 1 Js Help Desk 2019-08-28 6.8 MEDIUM 8.8 HIGH
The js-support-ticket plugin before 2.0.6 for WordPress has CSRF.
CVE-2018-20974 1 Joomsky 1 Js Job Manager 2019-08-21 6.8 MEDIUM 8.8 HIGH
The js-jobs plugin before 1.0.7 for WordPress has CSRF.
CVE-2018-9183 1 Joomsky 1 Js Jobs 2018-05-02 3.5 LOW 5.4 MEDIUM
The Joom Sky JS Jobs extension before 1.2.1 for Joomla! has XSS.
CVE-2018-6006 1 Joomsky 1 Js Autoz 2018-03-05 7.5 HIGH 9.8 CRITICAL
SQL Injection exists in the JS Autoz 1.0.9 component for Joomla! via the vtype, pre, or prs parameter.
CVE-2018-5994 1 Joomsky 1 Js Jobs 2018-03-05 7.5 HIGH 9.8 CRITICAL
SQL Injection exists in the JS Jobs 1.1.9 component for Joomla! via the zipcode parameter in a newest-jobs request, or the ta parameter in a view_resume request.
CVE-2018-6007 1 Joomsky 1 Js Support Ticket 2018-02-15 6.8 MEDIUM 8.8 HIGH
CSRF exists in the JS Support Ticket 1.1.0 component for Joomla! and allows attackers to inject HTML or edit a ticket.