Lucene search
K
JoomskyJs Jobs

6 matches found

CVE
CVE
added 2019/12/19 8:41 p.m.91 views

CVE-2019-17527

The CVE concerns the JS JOBS FREE Joomla! extension. Before version 1.2.7, the extension’s models/custormfields.php contains the dataForDepandantField function, which allows SQL Injection via the index.php?option=com_jsjobs&task=customfields.getfieldtitlebyfieldandfieldfo child parameter. Multipl...

9.8CVSS9.8AI score0.01034EPSS
Web
CVE
CVE
added 2025/02/04 2:20 p.m.76 views

CVE-2025-22206

CVE-2025-22206 affects the Joomla JS Jobs plugin versions 1.1.5–1.4.2. The underlying issue is a SQL injection in the GDPR Field feature via the fieldfor parameter, allowing an authenticated administrator to execute arbitrary SQL commands. The vulnerability is confirmed across multiple sources in...

4.7CVSS8.5AI score0.0908EPSS
CVE
CVE
added 2025/02/15 8:10 a.m.69 views

CVE-2025-22209

CVE-2025-22209 (JS Jobs Joomla plugin) affects JS Jobs plugin versions 1.1.5–1.4.3 for Joomla. The underlying issue is a SQL injection in the Employer Payment History search feature, exploitable by an authenticated administrator via the searchpaymentstatus parameter. Affected component/file: the ...

4.7CVSS8.7AI score0.00274EPSS
CVE
CVE
added 2018/04/02 3:0 p.m.68 views

CVE-2018-9183

The vulnerability concerns the Joomla! Joom Sky JS Jobs Extension, specifically versions before 1.2.1. A Cross-Site Scripting (XSS) flaw exists due to missing validation on the URL field when creating a company entry, enabling injection of arbitrary script/HTML. Exploitation details or in‑the‑wil...

5.4CVSS5.5AI score0.02314EPSS
CVE
CVE
added 2025/02/15 8:10 a.m.61 views

CVE-2025-22208

CVE-2025-22208 affects the Joomla JS Jobs plugin (versions 1.1.5–1.4.3). The vulnerability is a SQL injection in the GDPR Erase Data Request search, exploitable by authenticated administrators via the filter_email parameter. Underlying cause is improper input handling in the SQL query used for th...

4.7CVSS8.7AI score0.00604EPSS
CVE
CVE
added 2018/02/17 7:0 a.m.58 views

CVE-2018-5994

CVE-2018-5994 affects Joomla! JS Jobs 1.1.9. SQL Injection via the zipcode parameter in newest-jobs requests or the ta parameter in view_resume requests. Public exploitation is documented (exploit-db). No remediation or patch/version details are provided in the supplied documents. CVSSv3.0 base s...

9.8CVSS9.8AI score0.02703EPSS