← Back

Harmistechnology

harmistechnology

22 CVEs • 12 products

Products (12)

Click to collapse
Toggle
Je Messenger
je_messenger
5 CVEs
Com Jeajaxeventcalendar
com_jeajaxeventcalendar
3 CVEs
Com Jeeventcalendar
com_jeeventcalendar
2 CVEs
Com Jeauto
com_jeauto
2 CVEs
Com Jesubmit
com_jesubmit
2 CVEs
Ek Rishta
ek_rishta
2 CVEs
Com Jequoteform
com_jequoteform
1 CVE
Com Awd Song
com_awd_song
1 CVE
Com Jesectionfinder
com_jesectionfinder
1 CVE
Com Jedirectory
com_jedirectory
1 CVE
Com Jeguestbook
com_jeguestbook
1 CVE
Com Jejob
com_jejob
1 CVE

CVEs (22)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2019-9922
1Harmistechnology
1Je Messenger
Nov 21, 2024
Mar 29, 2019
N/A· v4
7.5 HIGH· v3
5.0 MEDIUM· v2
An issue was discovered in the Harmis JE Messenger component 1.2.2 for Joomla!. Directory Traversal allows read access to arbitrary files.
CVE-2019-9921
1Harmistechnology
1Je Messenger
Nov 21, 2024
Mar 29, 2019
N/A· v4
6.5 MEDIUM· v3
4.0 MEDIUM· v2
An issue was discovered in the Harmis JE Messenger component 1.2.2 for Joomla!. It is possible to read information that should only be accessible by a different user.
CVE-2019-9920
1Harmistechnology
1Je Messenger
Nov 21, 2024
Mar 29, 2019
N/A· v4
8.8 HIGH· v3
6.5 MEDIUM· v2
An issue was discovered in the Harmis JE Messenger component 1.2.2 for Joomla!. It is possible to perform an action within the context of the account of another user.
CVE-2019-9919
1Harmistechnology
1Je Messenger
Nov 21, 2024
Mar 29, 2019
N/A· v4
5.4 MEDIUM· v3
3.5 LOW· v2
An issue was discovered in the Harmis JE Messenger component 1.2.2 for Joomla!. It is possible to craft messages in a way that JavaScript gets executed on the side of the receiving user when the message is opened, aka XS...Show more
An issue was discovered in the Harmis JE Messenger component 1.2.2 for Joomla!. It is possible to craft messages in a way that JavaScript gets executed on the side of the receiving user when the message is opened, aka XSS.Show less
CVE-2019-9918
1Harmistechnology
1Je Messenger
Nov 21, 2024
Mar 29, 2019
N/A· v4
9.1 CRITICAL· v3
6.4 MEDIUM· v2
An issue was discovered in the Harmis JE Messenger component 1.2.2 for Joomla!. Input does not get validated and queries are not written in a way to prevent SQL injection. Therefore arbitrary SQL-Statements can be execut...Show more
An issue was discovered in the Harmis JE Messenger component 1.2.2 for Joomla!. Input does not get validated and queries are not written in a way to prevent SQL injection. Therefore arbitrary SQL-Statements can be executed in the database.Show less
CVE-2018-12254
1Harmistechnology
1Ek Rishta
Nov 21, 2024
Jun 12, 2018
N/A· v4
8.8 HIGH· v3
6.5 MEDIUM· v2
router.php in the Harmis Ek rishta (aka ek-rishta) 2.10 component for Joomla! allows SQL Injection via the PATH_INFO to a home/requested_user/Sent%20interest/ URI.
CVE-2018-7315
1Harmistechnology
1Ek Rishta
Nov 21, 2024
Feb 22, 2018
N/A· v4
9.8 CRITICAL· v3
7.5 HIGH· v2
SQL Injection exists in the Ek Rishta 2.9 component for Joomla! via the gender, age1, age2, religion, mothertounge, caste, or country parameter.
CVE-2012-5230
1Harmistechnology
1Com Jesubmit
Apr 29, 2026
Oct 1, 2012
N/A· v4
N/A· v3
7.5 HIGH· v2
Unspecified vulnerability in the JE Story Submit (com_jesubmit) component before 1.9 for Joomla! has unknown impact and attack vectors.
CVE-2010-5028
1Harmistechnology
1Com Jejob
Apr 29, 2026
Nov 2, 2011
N/A· v4
N/A· v3
7.5 HIGH· v2
SQL injection vulnerability in the JExtensions JE Job (com_jejob) component 1.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the catid parameter in an item action to index.php.
CVE-2010-5022
1Harmistechnology
1Com Jesubmit
Apr 29, 2026
Nov 2, 2011
N/A· v4
N/A· v3
7.5 HIGH· v2
SQL injection vulnerability in the JExtensions JE Story Submit (com_jesubmit) component 1.4 for Joomla! allows remote attackers to execute arbitrary SQL commands via the view parameter to index.php.
CVE-2010-4865
1Harmistechnology
1Com Jeguestbook
Apr 29, 2026
Oct 5, 2011
N/A· v4
N/A· v3
7.5 HIGH· v2
SQL injection vulnerability in the JE Guestbook (com_jeguestbook) component 1.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the d_itemid parameter in an item_detail action to index.php.
CVE-2010-4862
1Harmistechnology
1Com Jedirectory
Apr 29, 2026
Oct 5, 2011
N/A· v4
N/A· v3
7.5 HIGH· v2
SQL injection vulnerability in the JExtensions JE Directory (com_jedirectory) component 1.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the catid parameter in an item action to index.php.
CVE-2010-4720
1Harmistechnology
1Com Jeauto
Apr 29, 2026
Feb 1, 2011
N/A· v4
N/A· v3
7.5 HIGH· v2
SQL injection vulnerability in the JExtensions JE Auto (com_jeauto) component before 1.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via unspecified vectors related to the view item page.
CVE-2010-4517
1Harmistechnology
1Com Jeauto
Apr 29, 2026
Dec 9, 2010
N/A· v4
N/A· v3
6.8 MEDIUM· v2
SQL injection vulnerability in the JExtensions JE Auto (com_jeauto) component 1.0 for Joomla!, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the char parameter in an ite...Show more
SQL injection vulnerability in the JExtensions JE Auto (com_jeauto) component 1.0 for Joomla!, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the char parameter in an item action to index.php.Show less
CVE-2010-4365
1Harmistechnology
1Com Jeajaxeventcalendar
Apr 29, 2026
Dec 1, 2010
N/A· v4
N/A· v3
7.5 HIGH· v2
SQL injection vulnerability in JE Ajax Event Calendar (com_jeajaxeventcalendar) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the event_id parameter in an alleventlist_more action to...Show more
SQL injection vulnerability in JE Ajax Event Calendar (com_jeajaxeventcalendar) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the event_id parameter in an alleventlist_more action to index.php.Show less
CVE-2010-2680
1Harmistechnology
1Com Jesectionfinder
Apr 29, 2026
Jul 12, 2010
N/A· v4
N/A· v3
6.8 MEDIUM· v2
Directory traversal vulnerability in the JExtensions JE Section/Property Finder (jesectionfinder) component for Joomla! allows remote attackers to include and execute arbitrary local files via directory traversal sequenc...Show more
Directory traversal vulnerability in the JExtensions JE Section/Property Finder (jesectionfinder) component for Joomla! allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the view parameter to index.php.Show less
CVE-2010-2613
1Harmistechnology
1Com Awd Song
Apr 29, 2026
Jul 2, 2010
N/A· v4
N/A· v3
4.3 MEDIUM· v2
Cross-site scripting (XSS) vulnerability in the JExtensions JE Awd Song (com_awd_song) component for Joomla! allows remote attackers to inject arbitrary web script or HTML via the song review field, which is not properly...Show more
Cross-site scripting (XSS) vulnerability in the JExtensions JE Awd Song (com_awd_song) component for Joomla! allows remote attackers to inject arbitrary web script or HTML via the song review field, which is not properly handled in a view action to index.php.Show less
CVE-2010-2513
1Harmistechnology
1Com Jeajaxeventcalendar
Apr 29, 2026
Jun 28, 2010
N/A· v4
N/A· v3
7.5 HIGH· v2
SQL injection vulnerability in the JE Ajax Event Calendar (com_jeajaxeventcalendar) component 1.0.5 for Joomla! allows remote attackers to execute arbitrary SQL commands via the view parameter to index.php.
CVE-2010-2129
1Harmistechnology
1Com Jeajaxeventcalendar
Apr 29, 2026
Jun 1, 2010
N/A· v4
N/A· v3
6.8 MEDIUM· v2
Directory traversal vulnerability in the JE Ajax Event Calendar (com_jeajaxeventcalendar) component 1.0.1 and 1.0.3 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the view parameter to...Show more
Directory traversal vulnerability in the JE Ajax Event Calendar (com_jeajaxeventcalendar) component 1.0.1 and 1.0.3 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the view parameter to index.php. NOTE: some of these details are obtained from third party information.Show less
CVE-2010-2128
1Harmistechnology
1Com Jequoteform
Apr 29, 2026
Jun 1, 2010
N/A· v4
N/A· v3
7.5 HIGH· v2
Directory traversal vulnerability in the JE Quotation Form (com_jequoteform) component 1.0b1 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impact via a .. (dot dot) in th...Show more
Directory traversal vulnerability in the JE Quotation Form (com_jequoteform) component 1.0b1 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impact via a .. (dot dot) in the view parameter to index.php.Show less