VYPR

Com Jsupport

by Extensiondepot

CVEs (2)

  • CVE-2010-4838Sep 14, 2011
    risk 0.03cvss epss 0.01

    SQL injection vulnerability in the JSupport (com_jsupport) component 1.5.6 for Joomla! allows remote authenticated users, with Public Back-end permissions, to execute arbitrary SQL commands via the alpha parameter in a (1) listTickets or (2) listFaqs action to…

  • CVE-2010-4837Sep 14, 2011
    risk 0.03cvss epss 0.02

    Cross-site scripting (XSS) vulnerability in the JSupport (com_jsupport) component 1.5.6 for Joomla! allows remote attackers to inject arbitrary web script or HTML via the subject parameter (title field) in a saveTicket action to index2.php. NOTE: some of these details are…