2 matches found
CVE-2010-4837
CVE-2010-4837 affects Joomla! with the JSupport (com_jsupport) component version 1.5.6. It is a Cross-site Scripting (XSS) vulnerability exploitable via the subject parameter (title field) in a saveTicket action to index2.php, allowing remote script/HTML injection. The NVD lists a base score of 4...
CVE-2010-4838
CVE-2010-4838 concerns a SQL injection in the Joomla! JSupport (com_jsupport) component version 1.5.6. The vulnerability is triggered via the alpha parameter in administrator/index.php for actions (1) listTickets or (2) listFaqs, allowing remote, authenticated users with Public Back-end permissio...