Filtered by vendor Joomsky
Subscribe
Total
31 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-51670 | 1 Joomsky | 1 Js Help Desk | 2026-02-04 | N/A | 5.9 MEDIUM |
|
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in JS Help Desk JS Help Desk – Best Help Desk & Support Plugin allows Stored XSS.This issue affects JS Help Desk – Best Help Desk & Support Plugin: from n/a through 2.8.7.
|
|||||
| CVE-2023-28689 | 1 Joomsky | 1 Js Job Manager | 2026-01-28 | N/A | 6.5 MEDIUM |
|
Missing Authorization vulnerability in JoomSky JS Job Manager allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects JS Job Manager: from n/a through 2.0.0.
|
|||||
| CVE-2024-43274 | 1 Joomsky | 1 Js Help Desk | 2026-01-26 | N/A | 5.8 MEDIUM |
|
Missing Authorization vulnerability in JS Help Desk JS Help Desk – Best Help Desk & Support Plugin allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects JS Help Desk – Best Help Desk & Support Plugin: from n/a through 2.8.6.
|
|||||
| CVE-2025-32626 | 1 Joomsky | 1 Js Job Manager | 2026-01-26 | N/A | 9.3 CRITICAL |
|
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in JoomSky JS Job Manager allows SQL Injection. This issue affects JS Job Manager: from n/a through 2.0.2.
|
|||||
| CVE-2025-32660 | 1 Joomsky | 1 Js Job Manager | 2026-01-23 | N/A | 10.0 CRITICAL |
|
Unrestricted Upload of File with Dangerous Type vulnerability in JoomSky JS Job Manager allows Upload a Web Shell to a Web Server. This issue affects JS Job Manager: from n/a through 2.0.2.
|
|||||
| CVE-2025-30880 | 1 Joomsky | 1 Js Help Desk | 2026-01-23 | N/A | 7.5 HIGH |
|
Missing Authorization vulnerability in JoomSky JS Help Desk allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects JS Help Desk: from n/a through 2.9.2.
|
|||||
| CVE-2025-30882 | 1 Joomsky | 1 Js Help Desk | 2026-01-23 | N/A | 7.5 HIGH |
|
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in JoomSky JS Help Desk allows Path Traversal. This issue affects JS Help Desk: from n/a through 2.9.1.
|
|||||
| CVE-2025-30886 | 1 Joomsky | 1 Js Help Desk | 2026-01-23 | N/A | 9.3 CRITICAL |
|
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in JoomSky JS Help Desk allows SQL Injection. This issue affects JS Help Desk: from n/a through 2.9.2.
|
|||||
| CVE-2025-30901 | 1 Joomsky | 1 Js Help Desk | 2026-01-23 | N/A | 8.1 HIGH |
|
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in JoomSky JS Help Desk allows PHP Local File Inclusion. This issue affects JS Help Desk: from n/a through 2.9.2.
|
|||||
| CVE-2025-31867 | 1 Joomsky | 1 Js Job Manager | 2026-01-23 | N/A | 5.4 MEDIUM |
|
Authorization Bypass Through User-Controlled Key vulnerability in JoomSky JS Job Manager allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects JS Job Manager: from n/a through 2.0.2.
|
|||||
| CVE-2025-31868 | 1 Joomsky | 1 Js Job Manager | 2026-01-23 | N/A | 5.3 MEDIUM |
|
Missing Authorization vulnerability in JoomSky JS Job Manager allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects JS Job Manager: from n/a through 2.0.2.
|
|||||
| CVE-2025-32146 | 1 Joomsky | 1 Js Job Manager | 2026-01-23 | N/A | 8.8 HIGH |
|
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in JoomSky JS Job Manager allows PHP Local File Inclusion. This issue affects JS Job Manager: from n/a through 2.0.2.
|
|||||
| CVE-2025-32627 | 1 Joomsky | 1 Js Job Manager | 2026-01-23 | N/A | 8.1 HIGH |
|
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in JoomSky JS Job Manager allows PHP Local File Inclusion. This issue affects JS Job Manager: from n/a through 2.0.2.
|
|||||
| CVE-2022-46838 | 1 Joomsky | 1 Js Help Desk | 2026-01-23 | N/A | 9.1 CRITICAL |
|
Missing Authorization vulnerability in JS Help Desk JS Help Desk – Best Help Desk & Support Plugin allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects JS Help Desk – Best Help Desk & Support Plugin: from n/a through 2.7.1.
|
|||||
| CVE-2022-46840 | 1 Joomsky | 1 Js Help Desk | 2026-01-23 | N/A | 5.4 MEDIUM |
|
Missing Authorization vulnerability in JS Help Desk JS Help Desk – Best Help Desk & Support Plugin allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects JS Help Desk – Best Help Desk & Support Plugin: from n/a through 2.7.1.
|
|||||
| CVE-2025-30878 | 1 Joomsky | 1 Js Help Desk | 2026-01-23 | N/A | 8.6 HIGH |
|
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in JoomSky JS Help Desk allows Path Traversal. This issue affects JS Help Desk: from n/a through 2.9.2.
|
|||||
| CVE-2022-47151 | 1 Joomsky | 1 Js Help Desk | 2026-01-23 | N/A | 8.6 HIGH |
|
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in JS Help Desk JS Help Desk – Best Help Desk & Support Plugin.This issue affects JS Help Desk – Best Help Desk & Support Plugin: from n/a through 2.7.1.
|
|||||
| CVE-2023-25444 | 1 Joomsky | 1 Js Help Desk | 2026-01-23 | N/A | 9.1 CRITICAL |
|
Unrestricted Upload of File with Dangerous Type vulnerability in JS Help Desk JS Help Desk – Best Help Desk & Support Plugin allows Using Malicious Files.This issue affects JS Help Desk – Best Help Desk & Support Plugin: from n/a through 2.7.7.
|
|||||
| CVE-2025-58234 | 1 Joomsky | 1 Js Job Manager | 2026-01-23 | N/A | 6.5 MEDIUM |
|
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in JoomSky JS Job Manager allows Stored XSS. This issue affects JS Job Manager: from n/a through 2.0.2.
|
|||||
| CVE-2025-22206 | 1 Joomsky | 1 Js Jobs | 2025-06-04 | N/A | 4.7 MEDIUM |
|
A SQL injection vulnerability in the JS Jobs plugin versions 1.1.5-1.4.2 for Joomla allows authenticated attackers (administrator) to execute arbitrary SQL commands via the 'fieldfor' parameter in the GDPR Field feature.
|
|||||
| CVE-2025-22208 | 1 Joomsky | 1 Js Jobs | 2025-06-04 | N/A | 4.7 MEDIUM |
|
A SQL injection vulnerability in the JS Jobs plugin versions 1.1.5-1.4.3 for Joomla allows authenticated attackers (administrator) to execute arbitrary SQL commands via the 'filter_email' parameter in the GDPR Erase Data Request search feature.
|
|||||
| CVE-2025-22209 | 1 Joomsky | 1 Js Jobs | 2025-06-04 | N/A | 4.7 MEDIUM |
|
A SQL injection vulnerability in the JS Jobs plugin versions 1.1.5-1.4.3 for Joomla allows authenticated attackers (administrator) to execute arbitrary SQL commands via the 'searchpaymentstatus' parameter in the Employer Payment History search feature.
|
|||||
| CVE-2023-31087 | 1 Joomsky | 1 Js Job Manager | 2024-11-21 | N/A | 8.8 HIGH |
|
Cross-Site Request Forgery (CSRF) vulnerability in JoomSky JS Job Manager plugin <= 2.0.0 versions.
|
|||||
| CVE-2023-25963 | 1 Joomsky | 1 Js Job Manager | 2024-11-21 | N/A | 5.9 MEDIUM |
|
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in JoomSky JS Job Manager plugin <= 2.0.0 versions.
|
|||||
| CVE-2019-17527 | 1 Joomsky | 1 Js Jobs | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
|
dataForDepandantField in models/custormfields.php in the JS JOBS FREE extension before 1.2.7 for Joomla! allows SQL Injection via the index.php?option=com_jsjobs&task=customfields.getfieldtitlebyfieldandfieldfo child parameter.
|
|||||
| CVE-2018-9183 | 1 Joomsky | 1 Js Jobs | 2024-11-21 | 3.5 LOW | 5.4 MEDIUM |
|
The Joom Sky JS Jobs extension before 1.2.1 for Joomla! has XSS.
|
|||||
| CVE-2018-6007 | 1 Joomsky | 1 Js Support Ticket | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
|
CSRF exists in the JS Support Ticket 1.1.0 component for Joomla! and allows attackers to inject HTML or edit a ticket.
|
|||||
| CVE-2018-6006 | 1 Joomsky | 1 Js Autoz | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
|
SQL Injection exists in the JS Autoz 1.0.9 component for Joomla! via the vtype, pre, or prs parameter.
|
|||||
| CVE-2018-5994 | 1 Joomsky | 1 Js Jobs | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
|
SQL Injection exists in the JS Jobs 1.1.9 component for Joomla! via the zipcode parameter in a newest-jobs request, or the ta parameter in a view_resume request.
|
|||||
| CVE-2018-21002 | 1 Joomsky | 1 Js Help Desk | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
|
The js-support-ticket plugin before 2.0.6 for WordPress has CSRF.
|
|||||
| CVE-2018-20974 | 1 Joomsky | 1 Js Job Manager | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
|
The js-jobs plugin before 1.0.7 for WordPress has CSRF.
|
|||||