CVE-2023-54360 Joomla JLex Review 6.0.1 Reflected XSS via review_id Parameter

Joomla JLex Review 6.0.1 contains a reflected cross-site scripting vulnerability that allows attackers to inject malicious scripts by manipulating the reviewid URL parameter. Attackers can craft malicious links containing JavaScript payloads that execute in victims' browsers when clicked, enablin...

CVE-2023-54360 Joomla JLex Review 6.0.1 Reflected XSS via review_id Parameter

Joomla JLex Review 6.0.1 contains a reflected cross-site scripting vulnerability that allows attackers to inject malicious scripts by manipulating the reviewid URL parameter. Attackers can craft malicious links containing JavaScript payloads that execute in victims' browsers when clicked, enablin...

PT-2026-31727

Joomla JLex Review 6.0.1 contains a reflected cross-site scripting vulnerability that allows attackers to inject malicious scripts by manipulating the review id URL parameter. Attackers can craft malicious links containing JavaScript payloads that execute in victims' browsers when clicked, enabli...

CVE-2024-13369 Tour Master - Tour Booking, Travel, Hotel <= 5.3.7 - Authenticated (Subscriber+) SQL Injection via review_id Parameter

The Tour Master - Tour Booking, Travel, Hotel plugin for WordPress is vulnerable to time-based SQL Injection via the ‘reviewid’ parameter in all versions up to, and including, 5.3.7 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL...