Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools

joomsky.com

Source -

CNA

BOS Name -

N/A

CNA CVEs -

5

ADP CVEs -

0

CISA CVEs -

0

NVD CVEs -

0
Related CVEsRelated ProductsRelated AssignersReports
5Vulnerabilities found
CVE-2025-54475
Assigner-Joomla! Project
ShareView Details
Assigner-Joomla! Project
CVSS Score-8.7||HIGH
EPSS-0.03% / 7.81%
||
7 Day CHG~0.00%
Published-15 Aug, 2025 | 11:54
Updated-15 Aug, 2025 | 13:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Extension - joomsky.com - SQL injection in JS jobs component version 1.3.2 - 1.4.4 for Joomla

A SQL injection vulnerability in the JS Jobs plugin versions 1.3.2-1.4.4 for Joomla allows low-privilege users to execute arbitrary SQL commands.

Action-Not Available
Vendor-joomsky.com
Product-JS Jobs component for Joomla
CWE ID-CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CVE-2025-49484
Assigner-Joomla! Project
ShareView Details
Assigner-Joomla! Project
CVSS Score-8.7||HIGH
EPSS-0.25% / 47.89%
||
7 Day CHG~0.00%
Published-18 Jul, 2025 | 09:51
Updated-31 Jul, 2025 | 17:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Extension - joomsky.com - SQL injection in JS jobs component version 1.1.5 - 1.4.1 for Joomla

A SQL injection vulnerability in the JS Jobs plugin versions 1.0.0-1.4.1 for Joomla allows low-privilege users to execute arbitrary SQL commands via the 'cvid' parameter in the employee application feature.

Action-Not Available
Vendor-joomsky.com
Product-JS Jobs component for Joomla
CWE ID-CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CVE-2025-22208
Assigner-Joomla! Project
ShareView Details
Assigner-Joomla! Project
CVSS Score-4.7||MEDIUM
EPSS-0.06% / 18.94%
||
7 Day CHG~0.00%
Published-15 Feb, 2025 | 08:10
Updated-04 Jun, 2025 | 20:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Extension - joomsky.com - SQL injection in JS jobs component version 1.1.5 - 1.4.3 for Joomla

A SQL injection vulnerability in the JS Jobs plugin versions 1.1.5-1.4.3 for Joomla allows authenticated attackers (administrator) to execute arbitrary SQL commands via the 'filter_email' parameter in the GDPR Erase Data Request search feature.

Action-Not Available
Vendor-joomskyjoomsky.com
Product-js_jobsJS Jobs component for Joomla
CWE ID-CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CVE-2025-22209
Assigner-Joomla! Project
ShareView Details
Assigner-Joomla! Project
CVSS Score-4.7||MEDIUM
EPSS-0.06% / 18.94%
||
7 Day CHG~0.00%
Published-15 Feb, 2025 | 08:10
Updated-04 Jun, 2025 | 20:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Extension - joomsky.com - SQL injection in JS jobs component version 1.1.5 - 1.4.3 for Joomla

A SQL injection vulnerability in the JS Jobs plugin versions 1.1.5-1.4.3 for Joomla allows authenticated attackers (administrator) to execute arbitrary SQL commands via the 'searchpaymentstatus' parameter in the Employer Payment History search feature.

Action-Not Available
Vendor-joomskyjoomsky.com
Product-js_jobsJS Jobs component for Joomla
CWE ID-CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CVE-2025-22206
Assigner-Joomla! Project
ShareView Details
Assigner-Joomla! Project
CVSS Score-4.7||MEDIUM
EPSS-0.11% / 30.48%
||
7 Day CHG~0.00%
Published-04 Feb, 2025 | 14:20
Updated-04 Jun, 2025 | 20:52
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Extension - joomsky.com - SQL injection in JS jobs component version 1.1.5 - 1.4.2 for Joomla

A SQL injection vulnerability in the JS Jobs plugin versions 1.1.5-1.4.2 for Joomla allows authenticated attackers (administrator) to execute arbitrary SQL commands via the 'fieldfor' parameter in the GDPR Field feature.

Action-Not Available
Vendor-joomskyjoomsky.com
Product-js_jobsJS Jobs component for Joomla
CWE ID-CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')