VYPR

EkRishta

by Joomla

CVEs (3)

  • CVE-2018-7315CriFeb 22, 2018
    risk 0.67cvss 9.8epss 0.03

    SQL Injection exists in the Ek Rishta 2.9 component for Joomla! via the gender, age1, age2, religion, mothertounge, caste, or country parameter.

  • CVE-2018-25351HigMay 23, 2026
    risk 0.53cvss 8.2epss 0.00

    Joomla! Component EkRishta 2.10 contains an error-based SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code into the username parameter. Attackers can submit POST requests to the login endpoint with SQL…

  • CVE-2018-25330HigMay 17, 2026
    risk 0.53cvss 8.2epss 0.00

    Joomla! extension EkRishta 2.10 contains persistent cross-site scripting and SQL injection vulnerabilities that allow attackers to inject malicious code through profile fields and POST parameters. Attackers can inject script payloads in profile information fields like Address…