Harmistechnology Je Messenger vulnerabilities
5 known vulnerabilities affecting harmistechnology/je_messenger.
Total CVEs
5
CISA KEV
0
Public exploits
1
Exploited in wild
0
Severity breakdown
CRITICAL1HIGH2MEDIUM2
Vulnerabilities
Page 1 of 1
CVE-2019-9922P2HIGHCVSS 7.5PoCv1.2.22019-03-29
CVE-2019-9922 [HIGH] CWE-22 CVE-2019-9922: An issue was discovered in the Harmis JE Messenger component 1.2.2 for Joomla!. Directory Traversal
An issue was discovered in the Harmis JE Messenger component 1.2.2 for Joomla!. Directory Traversal allows read access to arbitrary files.
nvd
CVE-2019-9918P3CRITICALCVSS 9.1v1.2.22019-03-29
CVE-2019-9918 [CRITICAL] CWE-89 CVE-2019-9918: An issue was discovered in the Harmis JE Messenger component 1.2.2 for Joomla!. Input does not get v
An issue was discovered in the Harmis JE Messenger component 1.2.2 for Joomla!. Input does not get validated and queries are not written in a way to prevent SQL injection. Therefore arbitrary SQL-Statements can be executed in the database.
nvd
CVE-2019-9920P3HIGHCVSS 8.8v1.2.22019-03-29
CVE-2019-9920 [HIGH] CVE-2019-9920: An issue was discovered in the Harmis JE Messenger component 1.2.2 for Joomla!. It is possible to pe
An issue was discovered in the Harmis JE Messenger component 1.2.2 for Joomla!. It is possible to perform an action within the context of the account of another user.
nvd
CVE-2019-9921P4MEDIUMCVSS 6.5v1.2.22019-03-29
CVE-2019-9921 [MEDIUM] CWE-639 CVE-2019-9921: An issue was discovered in the Harmis JE Messenger component 1.2.2 for Joomla!. It is possible to re
An issue was discovered in the Harmis JE Messenger component 1.2.2 for Joomla!. It is possible to read information that should only be accessible by a different user.
nvd
CVE-2019-9919P4MEDIUMCVSS 5.4v1.2.22019-03-29
CVE-2019-9919 [MEDIUM] CWE-79 CVE-2019-9919: An issue was discovered in the Harmis JE Messenger component 1.2.2 for Joomla!. It is possible to cr
An issue was discovered in the Harmis JE Messenger component 1.2.2 for Joomla!. It is possible to craft messages in a way that JavaScript gets executed on the side of the receiving user when the message is opened, aka XSS.
nvd