Total
5 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2019-9922 | 1 Harmistechnology | 1 Je Messenger | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
An issue was discovered in the Harmis JE Messenger component 1.2.2 for Joomla!. Directory Traversal allows read access to arbitrary files. | |||||
CVE-2019-9921 | 1 Harmistechnology | 1 Je Messenger | 2024-11-21 | 4.0 MEDIUM | 6.5 MEDIUM |
An issue was discovered in the Harmis JE Messenger component 1.2.2 for Joomla!. It is possible to read information that should only be accessible by a different user. | |||||
CVE-2019-9920 | 1 Harmistechnology | 1 Je Messenger | 2024-11-21 | 6.5 MEDIUM | 8.8 HIGH |
An issue was discovered in the Harmis JE Messenger component 1.2.2 for Joomla!. It is possible to perform an action within the context of the account of another user. | |||||
CVE-2019-9919 | 1 Harmistechnology | 1 Je Messenger | 2024-11-21 | 3.5 LOW | 5.4 MEDIUM |
An issue was discovered in the Harmis JE Messenger component 1.2.2 for Joomla!. It is possible to craft messages in a way that JavaScript gets executed on the side of the receiving user when the message is opened, aka XSS. | |||||
CVE-2019-9918 | 1 Harmistechnology | 1 Je Messenger | 2024-11-21 | 6.4 MEDIUM | 9.1 CRITICAL |
An issue was discovered in the Harmis JE Messenger component 1.2.2 for Joomla!. Input does not get validated and queries are not written in a way to prevent SQL injection. Therefore arbitrary SQL-Statements can be executed in the database. |