Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Js_jobs
(Joomsky)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 6 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2025-02-04 | CVE-2025-22206 | A SQL injection vulnerability in the JS Jobs plugin versions 1.1.5-1.4.2 for Joomla allows authenticated attackers (administrator) to execute arbitrary SQL commands via the 'fieldfor' parameter in the GDPR Field feature. | Js_jobs | N/A | ||
| 2025-02-15 | CVE-2025-22208 | A SQL injection vulnerability in the JS Jobs plugin versions 1.1.5-1.4.3 for Joomla allows authenticated attackers (administrator) to execute arbitrary SQL commands via the 'filter_email' parameter in the GDPR Erase Data Request search feature. | Js_jobs | N/A | ||
| 2025-02-15 | CVE-2025-22209 | A SQL injection vulnerability in the JS Jobs plugin versions 1.1.5-1.4.3 for Joomla allows authenticated attackers (administrator) to execute arbitrary SQL commands via the 'searchpaymentstatus' parameter in the Employer Payment History search feature. | Js_jobs | N/A | ||
| 2019-12-19 | CVE-2019-17527 | dataForDepandantField in models/custormfields.php in the JS JOBS FREE extension before 1.2.7 for Joomla! allows SQL Injection via the index.php?option=com_jsjobs&task=customfields.getfieldtitlebyfieldandfieldfo child parameter. | Js_jobs | N/A | ||
| 2018-04-02 | CVE-2018-9183 | The Joom Sky JS Jobs extension before 1.2.1 for Joomla! has XSS. | Js_jobs | 5.4 | ||
| 2018-02-17 | CVE-2018-5994 | SQL Injection exists in the JS Jobs 1.1.9 component for Joomla! via the zipcode parameter in a newest-jobs request, or the ta parameter in a view_resume request. | Js_jobs | 9.8 |