joomsky CVE Vulnerabilities & CVE List (31)

Products (CPE): — CVEs: 31

joomsky vulnerability overview

Aggregates CVE and security vulnerability intelligence across all joomsky-related products, including CVSS, EPSS, publication dates, and vulnerability intelligence data.

Historical issues mainly involve vendor risk cross-site scripting and vendor risk csrf and related problems; some flaws may lead to vendor impact file overwrite, affecting vendor surface production workloads scenarios.

Vulnerability distribution trend (last 24 months)

Showing 2131 of 31 CVEs
«« First « Prev Page 2 / 2 Next »
CVE Summary Source Max CVSS EPSS % Published Updated
CVE-2023-25444 Unrestricted Upload of File with Dangerous Type vulnerability in JS Help Desk JS Help Desk – Best Help Desk & Support Plugin allows Using Malicious Files.This issue affects JS Help Desk – Best Help Desk & Support Plugin: from n/a through 2.7.7. [email protected] 9.1 0.69% 2024-05-17 2026-06-17
CVE-2022-47151 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in JS Help Desk JS Help Desk – Best Help Desk & Support Plugin.This issue affects JS Help Desk – Best Help Desk & Support Plugin: from n/a through 2.7.1. [email protected] 8.6 0.44% 2024-04-17 2026-06-17
CVE-2023-31087 Cross-Site Request Forgery (CSRF) vulnerability in JoomSky JS Job Manager plugin <= 2.0.0 versions. [email protected] 5.4 0.30% 2023-11-09 2026-06-17
CVE-2023-25963 Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in JoomSky JS Job Manager plugin <= 2.0.0 versions. [email protected] 5.9 0.39% 2023-06-16 2026-06-17
CVE-2019-17527 dataForDepandantField in models/custormfields.php in the JS JOBS FREE extension before 1.2.7 for Joomla! allows SQL Injection via the index.php?option=com_jsjobs&task=customfields.getfieldtitlebyfieldandfieldfo child parameter. [email protected] 9.8 1.03% 2019-12-19 2026-06-16
CVE-2018-21002 The js-support-ticket plugin before 2.0.6 for WordPress has CSRF. [email protected] 8.8 0.68% 2019-08-27 2026-06-16
CVE-2018-20974 The js-jobs plugin before 1.0.7 for WordPress has CSRF. [email protected] 8.8 0.65% 2019-08-16 2026-06-16
CVE-2018-9183 The Joom Sky JS Jobs extension before 1.2.1 for Joomla! has XSS. [email protected] 5.4 2.31% 2018-04-02 2026-06-16
CVE-2018-6006 SQL Injection exists in the JS Autoz 1.0.9 component for Joomla! via the vtype, pre, or prs parameter. [email protected] 9.8 19.49% 2018-02-17 2026-06-16
CVE-2018-5994 SQL Injection exists in the JS Jobs 1.1.9 component for Joomla! via the zipcode parameter in a newest-jobs request, or the ta parameter in a view_resume request. [email protected] 9.8 2.70% 2018-02-17 2026-06-16
CVE-2018-6007 CSRF exists in the JS Support Ticket 1.1.0 component for Joomla! and allows attackers to inject HTML or edit a ticket. [email protected] 8.8 2.31% 2018-01-29 2026-06-16
«« First « Prev Page 2 / 2 Next »
cvelogic Threat Intelligence