Vulnerabilities > Jdownloads

DATE CVE VULNERABILITY TITLE RISK
2022-05-06 CVE-2022-27909 Unspecified vulnerability in Jdownloads 3.9.8.2
In Joomla component 'jDownloads 3.9.8.2 Stable' the remote user can change some parameters in the address bar and see the names of other users' files
network
low complexity
jdownloads
4.3
2020-09-25 CVE-2020-19455 SQL Injection vulnerability in Jdownloads 3.2.63
SQL injection exists in the jdownloads 3.2.63 component for Joomla! via components/com_jdownloads/helpers/categories.php, order function via the filter_order parameter.
network
low complexity
jdownloads CWE-89
7.5
2020-09-25 CVE-2020-19451 SQL Injection vulnerability in Jdownloads 3.2.63
SQL injection exists in the jdownloads 3.2.63 component for Joomla! via com_jdownloads/helpers/jdownloadshelper.php, updateLog function via the X-forwarded-for Header parameter.
network
low complexity
jdownloads CWE-89
7.5
2020-09-25 CVE-2020-19450 SQL Injection vulnerability in Jdownloads 3.2.63
SQL injection exists in the jdownloads 3.2.63 component for Joomla! via com_jdownloads/helpers/jdownloadshelper.php, getUserLimits function in the list parameter.
network
low complexity
jdownloads CWE-89
7.5
2020-09-24 CVE-2020-19447 SQL Injection vulnerability in Jdownloads 3.2.63
SQL injection exists in the jdownloads 3.2.63 component for Joomla! com_jdownloads/models/send.php via the f_marked_files_id parameter.
network
low complexity
jdownloads CWE-89
7.5
2018-04-12 CVE-2018-10068 Cross-site Scripting vulnerability in Jdownloads
The jDownloads extension before 3.2.59 for Joomla! has XSS.
network
low complexity
jdownloads CWE-79
6.1