This page lists publicly disclosed CVE vulnerabilities affecting harmistechnology ek_rishta (linked via NVD CPE). Each row includes severity scores, summaries, and publication dates to help identify and analyze security issues.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2018-25351 | Joomla! Component EkRishta 2.10 contains an error-based SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code into the username parameter. Attackers can submit POST requests to the login endpoint with SQL injection payloads in the username field to extract database information including user credentials and system details. | [email protected] | 8.8 | 0.43% | 2026-05-23 | 2026-06-16 |
| CVE-2018-25348 | Joomla! Component Ek Rishta 2.10 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the cid parameter. Attackers can send GET requests to the user_detail view with malicious cid values containing SQL commands to extract sensitive database information. | [email protected] | 8.8 | 0.43% | 2026-05-23 | 2026-06-16 |
| CVE-2018-12254 | router.php in the Harmis Ek rishta (aka ek-rishta) 2.10 component for Joomla! allows SQL Injection via the PATH_INFO to a home/requested_user/Sent%20interest/ URI. | [email protected] | 8.8 | 2.62% | 2018-06-12 | 2026-06-16 |
| CVE-2018-7315 | SQL Injection exists in the Ek Rishta 2.9 component for Joomla! via the gender, age1, age2, religion, mothertounge, caste, or country parameter. | [email protected] | 9.8 | 2.80% | 2018-02-22 | 2026-06-16 |