VYPR

Js Jobs

by Joomla

CVEs (8)

  • CVE-2018-5994CriFeb 17, 2018
    risk 0.67cvss 9.8epss 0.03

    SQL Injection exists in the JS Jobs 1.1.9 component for Joomla! via the zipcode parameter in a newest-jobs request, or the ta parameter in a view_resume request.

  • CVE-2025-49484HigJul 18, 2025
    risk 0.60cvss epss 0.03

    A SQL injection vulnerability in the JS Jobs plugin versions 1.0.0-1.4.1 for Joomla allows low-privilege users to execute arbitrary SQL commands via the 'cvid' parameter in the employee application feature.

  • CVE-2025-54475HigAug 15, 2025
    risk 0.57cvss epss 0.00

    A SQL injection vulnerability in the JS Jobs plugin versions 1.3.2-1.4.4 for Joomla allows low-privilege users to execute arbitrary SQL commands.

  • CVE-2018-25327MedMay 17, 2026
    risk 0.34cvss 5.3epss 0.00

    Joomla! Component Js Jobs 1.2.0 contains a cross-site request forgery vulnerability that allows attackers to perform state-changing actions without token validation. Attackers can craft malicious HTML forms targeting administrative endpoints like job.jobenforcedelete to delete…

  • CVE-2025-22209MedFeb 15, 2025
    risk 0.31cvss 4.7epss 0.00

    A SQL injection vulnerability in the JS Jobs plugin versions 1.1.5-1.4.3 for Joomla allows authenticated attackers (administrator) to execute arbitrary SQL commands via the 'searchpaymentstatus' parameter in the Employer Payment History search feature.

  • CVE-2025-22208MedFeb 15, 2025
    risk 0.31cvss 4.7epss 0.01

    A SQL injection vulnerability in the JS Jobs plugin versions 1.1.5-1.4.3 for Joomla allows authenticated attackers (administrator) to execute arbitrary SQL commands via the 'filter_email' parameter in the GDPR Erase Data Request search feature.

  • CVE-2025-22206MedFeb 4, 2025
    risk 0.31cvss 4.7epss 0.09

    A SQL injection vulnerability in the JS Jobs plugin versions 1.1.5-1.4.2 for Joomla allows authenticated attackers (administrator) to execute arbitrary SQL commands via the 'fieldfor' parameter in the GDPR Field feature.

  • CVE-2009-4599Jan 12, 2010
    risk 0.03cvss epss 0.02

    Multiple SQL injection vulnerabilities in the JS Jobs (com_jsjobs) component 1.0.5.6 for Joomla! allow remote attackers to execute arbitrary SQL commands via (1) the md parameter in an employer view_company action to index.php or (2) the oi parameter in an employer view_job…