CVEDB API

Vulnerabilities

Vulnerable Software

Joomsky: Security Vulnerabilities

CVE-2025-30878

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in JoomSky JS Help Desk js-support-ticket allows Path Traversal.This issue affects JS Help Desk: from n/a through <= 2.9.2.

CVSS Score

8.6

EPSS Score

0.004

Published

2025-04-01

CVE-2025-30880

Missing Authorization vulnerability in JoomSky JS Help Desk js-support-ticket allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects JS Help Desk: from n/a through <= 2.9.2.

CVSS Score

7.5

EPSS Score

0.003

Published

2025-04-01

CVE-2025-22208

A SQL injection vulnerability in the JS Jobs plugin versions 1.1.5-1.4.3 for Joomla allows authenticated attackers (administrator) to execute arbitrary SQL commands via the 'filter_email' parameter in the GDPR Erase Data Request search feature.

CVSS Score

4.7

EPSS Score

0.001

Published

2025-02-15

CVE-2025-22209

A SQL injection vulnerability in the JS Jobs plugin versions 1.1.5-1.4.3 for Joomla allows authenticated attackers (administrator) to execute arbitrary SQL commands via the 'searchpaymentstatus' parameter in the Employer Payment History search feature.

CVSS Score

4.7

EPSS Score

0.001

Published

2025-02-15

CVE-2025-22206

A SQL injection vulnerability in the JS Jobs plugin versions 1.1.5-1.4.2 for Joomla allows authenticated attackers (administrator) to execute arbitrary SQL commands via the 'fieldfor' parameter in the GDPR Field feature.

CVSS Score

4.7

EPSS Score

0.008

Published

2025-02-04

CVE-2022-46838

Missing Authorization vulnerability in JS Help Desk JS Help Desk – Best Help Desk & Support Plugin allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects JS Help Desk – Best Help Desk & Support Plugin: from n/a through 2.7.1.

CVSS Score

9.1

EPSS Score

0.004

Published

2024-12-13

CVE-2022-46840

CVSS Score

5.4

EPSS Score

0.002

Published

2024-12-13

CVE-2023-28689

Missing Authorization vulnerability in JoomSky JS Job Manager allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects JS Job Manager: from n/a through 2.0.0.

CVSS Score

6.5

EPSS Score

0.002

Published

2024-12-09

CVE-2024-51670

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in JoomSky JS Help Desk js-support-ticket allows Stored XSS.This issue affects JS Help Desk: from n/a through <= 2.8.7.

CVSS Score

5.9

EPSS Score

0.002

Published

2024-11-09

CVE-2024-43274

Missing Authorization vulnerability in JS Help Desk JS Help Desk – Best Help Desk & Support Plugin allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects JS Help Desk – Best Help Desk & Support Plugin: from n/a through 2.8.6.

CVSS Score

5.8

EPSS Score

0.003

Published

2024-11-01

Prev Next

Page 2

Vulnerabilities

Vulnerable Software

Joomsky: Security Vulnerabilities

Products

Pricing

Contact Us