Vulnerabilities > Jdownloads
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2022-05-06 | CVE-2022-27909 | Unspecified vulnerability in Jdownloads 3.9.8.2 In Joomla component 'jDownloads 3.9.8.2 Stable' the remote user can change some parameters in the address bar and see the names of other users' files | 4.3 |
2020-09-25 | CVE-2020-19455 | SQL Injection vulnerability in Jdownloads 3.2.63 SQL injection exists in the jdownloads 3.2.63 component for Joomla! via components/com_jdownloads/helpers/categories.php, order function via the filter_order parameter. | 7.5 |
2020-09-25 | CVE-2020-19451 | SQL Injection vulnerability in Jdownloads 3.2.63 SQL injection exists in the jdownloads 3.2.63 component for Joomla! via com_jdownloads/helpers/jdownloadshelper.php, updateLog function via the X-forwarded-for Header parameter. | 7.5 |
2020-09-25 | CVE-2020-19450 | SQL Injection vulnerability in Jdownloads 3.2.63 SQL injection exists in the jdownloads 3.2.63 component for Joomla! via com_jdownloads/helpers/jdownloadshelper.php, getUserLimits function in the list parameter. | 7.5 |
2020-09-24 | CVE-2020-19447 | SQL Injection vulnerability in Jdownloads 3.2.63 SQL injection exists in the jdownloads 3.2.63 component for Joomla! com_jdownloads/models/send.php via the f_marked_files_id parameter. | 7.5 |
2018-04-12 | CVE-2018-10068 | Cross-site Scripting vulnerability in Jdownloads The jDownloads extension before 3.2.59 for Joomla! has XSS. | 6.1 |