Lucene search

Joomsky Security Vulnerabilities

cve

CVE-2018-20974

The js-jobs plugin before 1.0.7 for WordPress has CSRF.

8.8CVSS

8.7AI Score

0.001EPSS

2019-08-16 09:15 PM

357

cve

CVE-2018-21002

The js-support-ticket plugin before 2.0.6 for WordPress has CSRF.

8.8CVSS

8.7AI Score

0.001EPSS

2019-08-27 12:15 PM

cve

CVE-2018-5994

SQL Injection exists in the JS Jobs 1.1.9 component for Joomla! via the zipcode parameter in a newest-jobs request, or the ta parameter in a view_resume request.

9.8CVSS

9.8AI Score

0.003EPSS

2018-02-17 07:29 AM

cve

CVE-2018-6006

SQL Injection exists in the JS Autoz 1.0.9 component for Joomla! via the vtype, pre, or prs parameter.

9.8CVSS

9.8AI Score

0.003EPSS

2018-02-17 07:29 AM

cve

CVE-2018-6007

CSRF exists in the JS Support Ticket 1.1.0 component for Joomla! and allows attackers to inject HTML or edit a ticket.

8.8CVSS

8.5AI Score

0.002EPSS

2018-01-29 05:29 AM

cve

CVE-2018-9183

The Joom Sky JS Jobs extension before 1.2.1 for Joomla! has XSS.

5.4CVSS

5.5AI Score

0.002EPSS

2018-04-02 03:29 PM

cve

CVE-2019-17527

dataForDepandantField in models/custormfields.php in the JS JOBS FREE extension before 1.2.7 for Joomla! allows SQL Injection via the index.php?option=com_jsjobs&task=customfields.getfieldtitlebyfieldandfieldfo child parameter.

9.8CVSS

9.8AI Score

0.001EPSS

2019-12-19 09:15 PM

cve

CVE-2023-25963

Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in JoomSky JS Job Manager plugin <= 2.0.0 versions.

5.9CVSS

4.8AI Score

0.0005EPSS

2023-06-16 09:15 AM

cve

CVE-2023-31087

Cross-Site Request Forgery (CSRF) vulnerability in JoomSky JS Job Manager plugin <= 2.0.0 versions.

8.8CVSS

8.7AI Score

0.001EPSS

2023-11-09 06:15 PM