RSS   Podatności dla 'Je messenger'   RSS

2019-03-29
 
CVE-2019-9922

CWE-22
 

 
An issue was discovered in the Harmis JE Messenger component 1.2.2 for Joomla!. Directory Traversal allows read access to arbitrary files.

 
 
CVE-2019-9921

CWE-284
 

 
An issue was discovered in the Harmis JE Messenger component 1.2.2 for Joomla!. It is possible to read information that should only be accessible by a different user.

 
 
CVE-2019-9920

CWE-264
 

 
An issue was discovered in the Harmis JE Messenger component 1.2.2 for Joomla!. It is possible to perform an action within the context of the account of another user.

 
 
CVE-2019-9919

CWE-79
 

 
An issue was discovered in the Harmis JE Messenger component 1.2.2 for Joomla!. It is possible to craft messages in a way that JavaScript gets executed on the side of the receiving user when the message is opened, aka XSS.

 
 
CVE-2019-9918

CWE-89
 

 
An issue was discovered in the Harmis JE Messenger component 1.2.2 for Joomla!. Input does not get validated and queries are not written in a way to prevent SQL injection. Therefore arbitrary SQL-Statements can be executed in the database.

 

 >>> Vendor: Harmistechnology 12 Produkty
Com jeeventcalendar
Com jequoteform
Com jeajaxeventcalendar
Com awd song
Com jesectionfinder
Com jeauto
Com jedirectory
Com jeguestbook
Com jesubmit
Com jejob
Ek rishta
Je messenger


Copyright 2024, cxsecurity.com

 

Back to Top