Vulnerabilities > Joomsky

DATE CVE VULNERABILITY TITLE RISK
2023-11-09 CVE-2023-31087 Unspecified vulnerability in Joomsky JS JOB Manager
Cross-Site Request Forgery (CSRF) vulnerability in JoomSky JS Job Manager plugin <= 2.0.0 versions.
network
low complexity
joomsky
8.8
2023-06-16 CVE-2023-25963 Unspecified vulnerability in Joomsky JS JOB Manager
Auth.
network
low complexity
joomsky
4.8
2019-12-19 CVE-2019-17527 SQL Injection vulnerability in Joomsky JS Jobs
dataForDepandantField in models/custormfields.php in the JS JOBS FREE extension before 1.2.7 for Joomla! allows SQL Injection via the index.php?option=com_jsjobs&task=customfields.getfieldtitlebyfieldandfieldfo child parameter.
network
low complexity
joomsky CWE-89
critical
9.8
2019-08-27 CVE-2018-21002 Cross-Site Request Forgery (CSRF) vulnerability in Joomsky JS Help Desk
The js-support-ticket plugin before 2.0.6 for WordPress has CSRF.
network
low complexity
joomsky CWE-352
8.8
2019-08-16 CVE-2018-20974 Cross-Site Request Forgery (CSRF) vulnerability in Joomsky JS JOB Manager
The js-jobs plugin before 1.0.7 for WordPress has CSRF.
network
low complexity
joomsky CWE-352
8.8
2018-04-02 CVE-2018-9183 Cross-site Scripting vulnerability in Joomsky JS Jobs
The Joom Sky JS Jobs extension before 1.2.1 for Joomla! has XSS.
network
low complexity
joomsky CWE-79
5.4
2018-02-17 CVE-2018-6006 SQL Injection vulnerability in Joomsky JS Autoz 1.0.9
SQL Injection exists in the JS Autoz 1.0.9 component for Joomla! via the vtype, pre, or prs parameter.
network
low complexity
joomsky CWE-89
critical
9.8
2018-02-17 CVE-2018-5994 SQL Injection vulnerability in Joomsky JS Jobs 1.1.9
SQL Injection exists in the JS Jobs 1.1.9 component for Joomla! via the zipcode parameter in a newest-jobs request, or the ta parameter in a view_resume request.
network
low complexity
joomsky CWE-89
critical
9.8
2018-01-29 CVE-2018-6007 Cross-Site Request Forgery (CSRF) vulnerability in Joomsky JS Support Ticket 1.1.0
CSRF exists in the JS Support Ticket 1.1.0 component for Joomla! and allows attackers to inject HTML or edit a ticket.
network
low complexity
joomsky CWE-352
8.8