CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2019-17527
https://notcve.org/view.php?id=CVE-2019-17527
dataForDepandantField in models/custormfields.php in the JS JOBS FREE extension before 1.2.7 for Joomla! allows SQL Injection via the index.php?option=com_jsjobs&task=customfields.getfieldtitlebyfieldandfieldfo child parameter. La función dataForDepandantField en el archivo models/custormfields.php en la extensión JS JOBS FREE versiones anteriores a 1.2.7 para Joomla! permite una inyección SQL por medio del parámetro child de index.php? • https://gist.github.com/blackcon/c61771eb8c9f0aeef6f6797f945efa13 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 1CVE-2018-9183 – Joomla! Component JS Jobs 1.2.0 - Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2018-9183
The Joom Sky JS Jobs extension before 1.2.1 for Joomla! has XSS. La extensión Joom Sky JS Jobs en versiones anteriores a la 1.2.1 para Joomla! tiene Cross-Site Scripting (XSS) Joomla JS Jobs component version 1.2.0 suffers from a cross site scripting vulnerability. • https://www.exploit-db.com/exploits/44401 https://vel.joomla.org/resolved/2146-js-jobs-1-2-0-xss-cross-site-scripting https://www.joomsky.com/products/js-jobs.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 2CVE-2018-5994 – Joomla! Component JS Jobs 1.1.9 - SQL Injection
https://notcve.org/view.php?id=CVE-2018-5994
SQL Injection exists in the JS Jobs 1.1.9 component for Joomla! via the zipcode parameter in a newest-jobs request, or the ta parameter in a view_resume request. Existe inyección SQL en el componente JS Jobs 1.1.9 para Joomla! mediante el parámetro zipcode en una petición newest-jobs o el parámetro ta en una petición view_resume. Joomla! • https://www.exploit-db.com/exploits/44120 https://exploit-db.com/exploits/44120 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •