Vulnerabilities > Joomsky
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-11-09 | CVE-2023-31087 | Cross-Site Request Forgery (CSRF) vulnerability in Joomsky JS JOB Manager Cross-Site Request Forgery (CSRF) vulnerability in JoomSky JS Job Manager plugin <= 2.0.0 versions. | 8.8 |
| 2023-06-16 | CVE-2023-25963 | Cross-site Scripting vulnerability in Joomsky JS JOB Manager Auth. | 4.8 |
| 2019-12-19 | CVE-2019-17527 | SQL Injection vulnerability in Joomsky JS Jobs dataForDepandantField in models/custormfields.php in the JS JOBS FREE extension before 1.2.7 for Joomla! allows SQL Injection via the index.php?option=com_jsjobs&task=customfields.getfieldtitlebyfieldandfieldfo child parameter. | 7.5 |
| 2019-08-27 | CVE-2018-21002 | Cross-Site Request Forgery (CSRF) vulnerability in Joomsky JS Help Desk The js-support-ticket plugin before 2.0.6 for WordPress has CSRF. | 6.8 |
| 2019-08-16 | CVE-2018-20974 | Cross-Site Request Forgery (CSRF) vulnerability in Joomsky JS JOB Manager The js-jobs plugin before 1.0.7 for WordPress has CSRF. | 6.8 |
| 2018-04-02 | CVE-2018-9183 | Cross-site Scripting vulnerability in Joomsky JS Jobs The Joom Sky JS Jobs extension before 1.2.1 for Joomla! has XSS. | 3.5 |
| 2018-02-17 | CVE-2018-6006 | SQL Injection vulnerability in Joomsky JS Autoz 1.0.9 SQL Injection exists in the JS Autoz 1.0.9 component for Joomla! via the vtype, pre, or prs parameter. | 7.5 |
| 2018-02-17 | CVE-2018-5994 | SQL Injection vulnerability in Joomsky JS Jobs 1.1.9 SQL Injection exists in the JS Jobs 1.1.9 component for Joomla! via the zipcode parameter in a newest-jobs request, or the ta parameter in a view_resume request. | 7.5 |
| 2018-01-29 | CVE-2018-6007 | Cross-Site Request Forgery (CSRF) vulnerability in Joomsky JS Support Ticket 1.1.0 CSRF exists in the JS Support Ticket 1.1.0 component for Joomla! and allows attackers to inject HTML or edit a ticket. | 6.8 |