Vulnerabilities > Extensiondepot

DATE	CVE	VULNERABILITY TITLE	RISK
2011-09-14	CVE-2010-4838	SQL Injection vulnerability in Extensiondepot COM Jsupport 1.5.6 SQL injection vulnerability in the JSupport (com_jsupport) component 1.5.6 for Joomla! allows remote authenticated users, with Public Back-end permissions, to execute arbitrary SQL commands via the alpha parameter in a (1) listTickets or (2) listFaqs action to administrator/index.php. network extensiondepot joomla CWE-89	6.0
2011-09-14	CVE-2010-4837	Cross-Site Scripting vulnerability in Extensiondepot COM Jsupport 1.5.6 Cross-site scripting (XSS) vulnerability in the JSupport (com_jsupport) component 1.5.6 for Joomla! allows remote attackers to inject arbitrary web script or HTML via the subject parameter (title field) in a saveTicket action to index2.php. network extensiondepot joomla CWE-79	4.3

Vulnerabilities > Extensiondepot {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Extensiondepot"}]}