Harmistechnology Ek Rishta vulnerabilities
4 known vulnerabilities affecting harmistechnology/ek_rishta.
Total CVEs
4
CISA KEV
0
Public exploits
2
Exploited in wild
0
Severity breakdown
CRITICAL1HIGH3
Vulnerabilities
Page 1 of 1
CVE-2018-7315P2CRITICALCVSS 9.8PoCv2.92018-02-22
CVE-2018-7315 [CRITICAL] CWE-89 CVE-2018-7315: SQL Injection exists in the Ek Rishta 2.9 component for Joomla! via the gender, age1, age2, religion
SQL Injection exists in the Ek Rishta 2.9 component for Joomla! via the gender, age1, age2, religion, mothertounge, caste, or country parameter.
nvd
CVE-2018-12254P3HIGHCVSS 8.8PoCv2.102018-06-12
CVE-2018-12254 [HIGH] CWE-89 CVE-2018-12254: router.php in the Harmis Ek rishta (aka ek-rishta) 2.10 component for Joomla! allows SQL Injection v
router.php in the Harmis Ek rishta (aka ek-rishta) 2.10 component for Joomla! allows SQL Injection via the PATH_INFO to a home/requested_user/Sent%20interest/ URI.
nvd
CVE-2018-25351P3HIGHCVSS 8.8v2.102026-05-23
CVE-2018-25351 [HIGH] CWE-89 Joomla! Component EkRishta 2.10 SQL Injection via username
Joomla! Component EkRishta 2.10 SQL Injection via username
Joomla! Component EkRishta 2.10 contains an error-based SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code into the username parameter. Attackers can submit POST requests to the login endpoint with SQL injection payloads in the username field to extract database information i
cvelistv5
CVE-2018-25348P3HIGHCVSS 8.2v2.102026-05-23
CVE-2018-25348 [HIGH] CWE-89 CVE-2018-25348: Joomla! Component Ek Rishta 2.10 contains an SQL injection vulnerability that allows unauthenticated
Joomla! Component Ek Rishta 2.10 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the cid parameter. Attackers can send GET requests to the user_detail view with malicious cid values containing SQL commands to extract sensitive database information.
cvelistv5nvd