Vulnerabilities > Joomsky > Critical

DATE CVE VULNERABILITY TITLE RISK
2019-12-19 CVE-2019-17527 SQL Injection vulnerability in Joomsky JS Jobs
dataForDepandantField in models/custormfields.php in the JS JOBS FREE extension before 1.2.7 for Joomla! allows SQL Injection via the index.php?option=com_jsjobs&task=customfields.getfieldtitlebyfieldandfieldfo child parameter.
network
low complexity
joomsky CWE-89
critical
 9.8
9.8
2018-02-17 CVE-2018-6006 SQL Injection vulnerability in Joomsky JS Autoz 1.0.9
SQL Injection exists in the JS Autoz 1.0.9 component for Joomla! via the vtype, pre, or prs parameter.
network
low complexity
joomsky CWE-89
critical
 9.8
9.8
2018-02-17 CVE-2018-5994 SQL Injection vulnerability in Joomsky JS Jobs 1.1.9
SQL Injection exists in the JS Jobs 1.1.9 component for Joomla! via the zipcode parameter in a newest-jobs request, or the ta parameter in a view_resume request.
network
low complexity
joomsky CWE-89
critical
 9.8
9.8