CVSS: 9.8EPSS: 5%CPEs: 1EXPL: 3CVE-2018-6006 – Joomla! Component JS Autoz 1.0.9 - SQL Injection
https://notcve.org/view.php?id=CVE-2018-6006
17 Feb 2018 — SQL Injection exists in the JS Autoz 1.0.9 component for Joomla! via the vtype, pre, or prs parameter. Existe inyección SQL en el componente JS Autoz 1.0.9 para Joomla! mediante los parámetros vtype, pre o prs. Joomla! • https://packetstorm.news/files/id/146448 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 3CVE-2018-6007 – Joomla! Component JS Support Ticket 1.1.0 - Cross-Site Request Forgery
https://notcve.org/view.php?id=CVE-2018-6007
28 Jan 2018 — CSRF exists in the JS Support Ticket 1.1.0 component for Joomla! and allows attackers to inject HTML or edit a ticket. Existe Cross-Site Request Forgery (CSRF) en el componente JS Support Ticket 1.1.0 para Joomla! y permite que los atacantes inyecten HTML o editen un ticket. Joomla! • https://packetstorm.news/files/id/146135 • CWE-352: Cross-Site Request Forgery (CSRF) •