Extensiondepot Com Jsupport vulnerabilities
2 known vulnerabilities affecting extensiondepot/com_jsupport.
Total CVEs
2
CISA KEV
0
Public exploits
2
Exploited in wild
0
Severity breakdown
MEDIUM2
Vulnerabilities
Page 1 of 1
CVE-2010-4838P3MEDIUMCVSS 6.0PoCv1.5.62011-09-14
CVE-2010-4838 [MEDIUM] CWE-89 CVE-2010-4838: SQL injection vulnerability in the JSupport (com_jsupport) component 1.5.6 for Joomla! allows remote
SQL injection vulnerability in the JSupport (com_jsupport) component 1.5.6 for Joomla! allows remote authenticated users, with Public Back-end permissions, to execute arbitrary SQL commands via the alpha parameter in a (1) listTickets or (2) listFaqs action to administrator/index.php.
nvd
CVE-2010-4837P4MEDIUMCVSS 4.3PoCv1.5.62011-09-14
CVE-2010-4837 [MEDIUM] CWE-79 CVE-2010-4837: Cross-site scripting (XSS) vulnerability in the JSupport (com_jsupport) component 1.5.6 for Joomla!
Cross-site scripting (XSS) vulnerability in the JSupport (com_jsupport) component 1.5.6 for Joomla! allows remote attackers to inject arbitrary web script or HTML via the subject parameter (title field) in a saveTicket action to index2.php. NOTE: some of these details are obtained from third party information.
nvd