3 results (0.004 seconds)

CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0

CVE-2019-17527

https://notcve.org/view.php?id=CVE-2019-17527

19 Dec 2019 — dataForDepandantField in models/custormfields.php in the JS JOBS FREE extension before 1.2.7 for Joomla! allows SQL Injection via the index.php?option=com_jsjobs&task=customfields.getfieldtitlebyfieldandfieldfo child parameter. La función dataForDepandantField en el archivo models/custormfields.php en la extensión JS JOBS FREE versiones anteriores a 1.2.7 para Joomla! permite una inyección SQL por medio del parámetro child de index.php? • https://gist.github.com/blackcon/c61771eb8c9f0aeef6f6797f945efa13 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •

CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 2

CVE-2018-9183 – Joomla! Component JS Jobs 1.2.0 - Cross-Site Scripting

https://notcve.org/view.php?id=CVE-2018-9183

02 Apr 2018 — The Joom Sky JS Jobs extension before 1.2.1 for Joomla! has XSS. La extensión Joom Sky JS Jobs en versiones anteriores a la 1.2.1 para Joomla! tiene Cross-Site Scripting (XSS) Joomla JS Jobs component version 1.2.0 suffers from a cross site scripting vulnerability. • https://packetstorm.news/files/id/147062 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 9.8EPSS: 1%CPEs: 1EXPL: 3

CVE-2018-5994 – Joomla! Component JS Jobs 1.1.9 - SQL Injection

https://notcve.org/view.php?id=CVE-2018-5994

17 Feb 2018 — SQL Injection exists in the JS Jobs 1.1.9 component for Joomla! via the zipcode parameter in a newest-jobs request, or the ta parameter in a view_resume request. Existe inyección SQL en el componente JS Jobs 1.1.9 para Joomla! mediante el parámetro zipcode en una petición newest-jobs o el parámetro ta en una petición view_resume. Joomla! • https://packetstorm.news/files/id/146449 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •