2 matches found
CVE-2019-17527
dataForDepandantField in models/custormfields.php in the JS JOBS FREE extension before 1.2.7 for Joomla! allows SQL Injection via the index.php?option=comjsjobs&task=customfields.getfieldtitlebyfieldandfieldfo child parameter...
CVE-2019-17527
The CVE concerns the JS JOBS FREE Joomla! extension. Before version 1.2.7, the extension’s models/custormfields.php contains the dataForDepandantField function, which allows SQL Injection via the index.php?option=com_jsjobs&task=customfields.getfieldtitlebyfieldandfieldfo child parameter. Multipl...