Filtered by vendor Cmsjunkie
Subscribe
Total
3 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2020-5182 | 1 Cmsjunkie | 1 J-businessdirectory | 2024-02-28 | 4.3 MEDIUM | 6.5 MEDIUM |
The J-BusinessDirectory extension before 5.2.9 for Joomla! allows Reverse Tabnabbing. In some configurations, the link to the business website can be entered by any user. If it doesn't contain rel="noopener" (or similar attributes such as noreferrer), the tabnabbing may occur. To reproduce the bug, create a business with a website link that contains JavaScript to exploit the window.opener property (for example, by setting window.opener.location). | |||||
CVE-2015-1477 | 1 Cmsjunkie | 1 J-classifiedsmanager | 2024-02-28 | 7.5 HIGH | N/A |
SQL injection vulnerability in the CMSJunkie J-ClassifiedsManager component for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a viewad task to classifieds/offerring-ads. | |||||
CVE-2015-1478 | 1 Cmsjunkie | 1 J-classifiedsmanager | 2024-02-28 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in the CMSJunkie J-ClassifiedsManager component for Joomla! allows remote attackers to inject arbitrary web script or HTML via the view parameter to /classifieds. |