← Back

Joomsky

joomsky

31 CVEs • 5 products

Products (5)

Click to collapse
Toggle
Js Help Desk
js_help_desk
12 CVEs
Js Job Manager
js_job_manager
11 CVEs
Js Jobs
js_jobs
6 CVEs
Js Support Ticket
js_support_ticket
1 CVE
Js Autoz
js_autoz
1 CVE

CVEs (31)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2025-58234
1Joomsky
1Js Job Manager
Apr 23, 2026
Sep 22, 2025
N/A· v4
5.4 MEDIUM· v3
N/A· v2
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in JoomSky JS Job Manager js-jobs allows Stored XSS.This issue affects JS Job Manager: from n/a through <= 2.0.2.
CVE-2025-32660
1Joomsky
1Js Job Manager
Apr 23, 2026
Apr 17, 2025
N/A· v4
9.8 CRITICAL· v3
N/A· v2
Unrestricted Upload of File with Dangerous Type vulnerability in JoomSky JS Job Manager js-jobs allows Upload a Web Shell to a Web Server.This issue affects JS Job Manager: from n/a through <= 2.0.2.
CVE-2025-32626
1Joomsky
1Js Job Manager
Apr 23, 2026
Apr 17, 2025
N/A· v4
9.8 CRITICAL· v3
N/A· v2
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in JoomSky JS Job Manager js-jobs allows SQL Injection.This issue affects JS Job Manager: from n/a through <= 2.0.2.
CVE-2025-32627
1Joomsky
1Js Job Manager
Apr 23, 2026
Apr 11, 2025
N/A· v4
8.1 HIGH· v3
N/A· v2
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in JoomSky JS Job Manager js-jobs allows PHP Local File Inclusion.This issue affects JS Job Manager: f...Show more
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in JoomSky JS Job Manager js-jobs allows PHP Local File Inclusion.This issue affects JS Job Manager: from n/a through <= 2.0.2.Show less
CVE-2025-32146
1Joomsky
1Js Job Manager
Apr 23, 2026
Apr 4, 2025
N/A· v4
8.8 HIGH· v3
N/A· v2
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in JoomSky JS Job Manager js-jobs allows PHP Local File Inclusion.This issue affects JS Job Manager: f...Show more
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in JoomSky JS Job Manager js-jobs allows PHP Local File Inclusion.This issue affects JS Job Manager: from n/a through <= 2.0.2.Show less
CVE-2025-31868
1Joomsky
1Js Job Manager
Apr 23, 2026
Apr 1, 2025
N/A· v4
5.3 MEDIUM· v3
N/A· v2
Missing Authorization vulnerability in JoomSky JS Job Manager js-jobs allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects JS Job Manager: from n/a through <= 2.0.2.
CVE-2025-31867
1Joomsky
1Js Job Manager
Apr 23, 2026
Apr 1, 2025
N/A· v4
5.4 MEDIUM· v3
N/A· v2
Authorization Bypass Through User-Controlled Key vulnerability in JoomSky JS Job Manager js-jobs allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects JS Job Manager: from n/a through...Show more
Authorization Bypass Through User-Controlled Key vulnerability in JoomSky JS Job Manager js-jobs allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects JS Job Manager: from n/a through <= 2.0.2.Show less
CVE-2025-30901
1Joomsky
1Js Help Desk
Apr 23, 2026
Apr 1, 2025
N/A· v4
8.1 HIGH· v3
N/A· v2
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in JoomSky JS Help Desk js-support-ticket allows PHP Local File Inclusion.This issue affects JS Help D...Show more
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in JoomSky JS Help Desk js-support-ticket allows PHP Local File Inclusion.This issue affects JS Help Desk: from n/a through <= 2.9.2.Show less
CVE-2025-30886
1Joomsky
1Js Help Desk
Apr 23, 2026
Apr 1, 2025
N/A· v4
10.0 CRITICAL· v3
N/A· v2
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in JoomSky JS Help Desk js-support-ticket allows SQL Injection.This issue affects JS Help Desk: from n/a through <= 2.9.2...Show more
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in JoomSky JS Help Desk js-support-ticket allows SQL Injection.This issue affects JS Help Desk: from n/a through <= 2.9.2.Show less
CVE-2025-30882
1Joomsky
1Js Help Desk
Apr 23, 2026
Apr 1, 2025
N/A· v4
7.5 HIGH· v3
N/A· v2
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in JoomSky JS Help Desk js-support-ticket allows Path Traversal.This issue affects JS Help Desk: from n/a through <= 2.9.1.
CVE-2025-30880
1Joomsky
1Js Help Desk
Apr 23, 2026
Apr 1, 2025
N/A· v4
7.5 HIGH· v3
N/A· v2
Missing Authorization vulnerability in JoomSky JS Help Desk js-support-ticket allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects JS Help Desk: from n/a through <= 2.9.2.
CVE-2025-30878
1Joomsky
1Js Help Desk
Apr 23, 2026
Apr 1, 2025
N/A· v4
9.1 CRITICAL· v3
N/A· v2
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in JoomSky JS Help Desk js-support-ticket allows Path Traversal.This issue affects JS Help Desk: from n/a through <= 2.9.2.
CVE-2025-22209
1Joomsky
1Js Jobs
Jun 4, 2025
Feb 15, 2025
N/A· v4
4.7 MEDIUM· v3
N/A· v2
A SQL injection vulnerability in the JS Jobs plugin versions 1.1.5-1.4.3 for Joomla allows authenticated attackers (administrator) to execute arbitrary SQL commands via the 'searchpaymentstatus' parameter in the Employer...Show more
A SQL injection vulnerability in the JS Jobs plugin versions 1.1.5-1.4.3 for Joomla allows authenticated attackers (administrator) to execute arbitrary SQL commands via the 'searchpaymentstatus' parameter in the Employer Payment History search feature.Show less
CVE-2025-22208
1Joomsky
1Js Jobs
Jun 4, 2025
Feb 15, 2025
N/A· v4
4.7 MEDIUM· v3
N/A· v2
A SQL injection vulnerability in the JS Jobs plugin versions 1.1.5-1.4.3 for Joomla allows authenticated attackers (administrator) to execute arbitrary SQL commands via the 'filter_email' parameter in the GDPR Erase Data...Show more
A SQL injection vulnerability in the JS Jobs plugin versions 1.1.5-1.4.3 for Joomla allows authenticated attackers (administrator) to execute arbitrary SQL commands via the 'filter_email' parameter in the GDPR Erase Data Request search feature.Show less
CVE-2025-22206
1Joomsky
1Js Jobs
Jun 4, 2025
Feb 4, 2025
N/A· v4
4.7 MEDIUM· v3
N/A· v2
A SQL injection vulnerability in the JS Jobs plugin versions 1.1.5-1.4.2 for Joomla allows authenticated attackers (administrator) to execute arbitrary SQL commands via the 'fieldfor' parameter in the GDPR Field feature.
CVE-2022-46840
1Joomsky
1Js Help Desk
Apr 28, 2026
Dec 13, 2024
N/A· v4
5.4 MEDIUM· v3
N/A· v2
Missing Authorization vulnerability in JS Help Desk JS Help Desk – Best Help Desk & Support Plugin allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects JS Help Desk – Best Help Desk...Show more
Missing Authorization vulnerability in JS Help Desk JS Help Desk – Best Help Desk & Support Plugin allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects JS Help Desk – Best Help Desk & Support Plugin: from n/a through 2.7.1.Show less
CVE-2022-46838
1Joomsky
1Js Help Desk
Apr 28, 2026
Dec 13, 2024
N/A· v4
9.1 CRITICAL· v3
N/A· v2
Missing Authorization vulnerability in JS Help Desk JS Help Desk – Best Help Desk & Support Plugin allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects JS Help Desk – Best Help Desk...Show more
Missing Authorization vulnerability in JS Help Desk JS Help Desk – Best Help Desk & Support Plugin allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects JS Help Desk – Best Help Desk & Support Plugin: from n/a through 2.7.1.Show less
CVE-2023-28689
1Joomsky
1Js Job Manager
Apr 28, 2026
Dec 9, 2024
N/A· v4
6.5 MEDIUM· v3
N/A· v2
Missing Authorization vulnerability in JoomSky JS Job Manager allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects JS Job Manager: from n/a through 2.0.0.
CVE-2024-51670
1Joomsky
1Js Help Desk
Apr 23, 2026
Nov 9, 2024
N/A· v4
4.8 MEDIUM· v3
N/A· v2
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in JoomSky JS Help Desk js-support-ticket allows Stored XSS.This issue affects JS Help Desk: from n/a through <= 2.8.7.
CVE-2024-43274
1Joomsky
1Js Help Desk
Jan 26, 2026
Nov 1, 2024
N/A· v4
9.8 CRITICAL· v3
N/A· v2
Missing Authorization vulnerability in JS Help Desk JS Help Desk – Best Help Desk & Support Plugin allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects JS Help Desk – Best Help Desk & Suppor...Show more
Missing Authorization vulnerability in JS Help Desk JS Help Desk – Best Help Desk & Support Plugin allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects JS Help Desk – Best Help Desk & Support Plugin: from n/a through 2.8.6.Show less