joobi jnews vulnerabilities and exploits

(subscribe to this query)

7.2

CVSSv3

JNews Joomla Component prior to 8.5.0 allows SQL injection via upload thumbnail, Queue Search Field, Subscribers Search Field, or Newsletters Search Field.

Joobi Jnews

8.8

CVSSv3

JNews Joomla Component prior to 8.5.0 allows arbitrary File Upload via Subscribers or Templates, as demonstrated by the .php5 extension.

Joobi Jnews

4.8

CVSSv3

JNews Joomla Component prior to 8.5.0 has XSS via the mailingsearch parameter.

Joobi Jnews 8.3.1

NA

The jNews (com_jnews) component 7.5.1 for Joomla! allows remote malicious users to obtain sensitive information via the emailsearch parameter, which reveals the installation path in an error message.

Joobi Com Jnews 7.5.1

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook