Known Vulnerabilities for products from JoomSky
Listed below are 20 of the newest known vulnerabilities associated with the vendor "JoomSky".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2026-32535 | Not Provided | 2026-03-25 | 2026-03-26 | |
| CVE-2026-32534 | Not Provided | 2026-03-25 | 2026-03-25 | |
| CVE-2025-58234 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in JoomSky JS Job Manager ... | Not Provided | 2025-09-22 | 2026-04-01 |
| CVE-2025-32660 | Unrestricted Upload of File with Dangerous Type vulnerability in JoomSky JS Job Manager js-jobs allows Upload a Web Shell to ... | Not Provided | 2025-04-17 | 2026-04-01 |
| CVE-2025-32627 | Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Joom... | Not Provided | 2025-04-11 | 2026-04-01 |
| CVE-2025-32626 | Not Provided | 2025-04-17 | 2026-04-01 | |
| CVE-2025-32146 | Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Joom... | Not Provided | 2025-04-04 | 2026-04-01 |
| CVE-2025-31868 | Not Provided | 2025-04-01 | 2026-04-01 | |
| CVE-2025-31867 | Authorization Bypass Through User-Controlled Key vulnerability in JoomSky JS Job Manager js-jobs allows Exploiting Incorrectl... | Not Provided | 2025-04-01 | 2026-04-01 |
| CVE-2025-30901 | Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Joom... | Not Provided | 2025-04-01 | 2026-04-01 |
| CVE-2025-30886 | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in JoomSky JS Help Desk js... | Not Provided | 2025-04-01 | 2026-04-01 |
| CVE-2025-30882 | Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in JoomSky JS Help Desk js-suppo... | Not Provided | 2025-04-01 | 2026-04-01 |
| CVE-2025-30880 | Missing Authorization vulnerability in JoomSky JS Help Desk js-support-ticket allows Exploiting Incorrectly Configured Access... | Not Provided | 2025-04-01 | 2026-04-01 |
| CVE-2025-30878 | Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in JoomSky JS Help Desk js-suppo... | Not Provided | 2025-04-01 | 2026-04-01 |
| CVE-2024-51670 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in JoomSky JS Help Desk js... | Not Provided | 2024-11-09 | 2026-04-01 |
| CVE-2019-17527 | dataForDepandantField in models/custormfields.php in the JS JOBS FREE extension before 1.2.7 for Joomla! allows SQL Injection... | 9.8 - CRITICAL | 2019-12-19 | 2020-01-02 |
| CVE-2018-21002 | The js-support-ticket plugin before 2.0.6 for WordPress has CSRF. | 8.8 - HIGH | 2019-08-27 | 2019-08-28 |
| CVE-2018-20974 | The js-jobs plugin before 1.0.7 for WordPress has CSRF. | 8.8 - HIGH | 2019-08-16 | 2019-08-21 |
| CVE-2018-9183 | The Joom Sky JS Jobs extension before 1.2.1 for Joomla! has XSS. | 5.4 - MEDIUM | 2018-04-02 | 2018-05-02 |
| CVE-2018-6007 | CSRF exists in the JS Support Ticket 1.1.0 component for Joomla! and allows attackers to inject HTML or edit a ticket. | 8.8 - HIGH | 2018-01-29 | 2018-02-15 |
Known software with vulnerabilities from JoomSky
| Type | Vendor | Product | Version |
|---|---|---|---|
| Application | Joomsky | Js Autoz | 1.0.9 |
| Application | Joomsky | Js Help Desk | 1.0.0 |
| Application | Joomsky | Js Job Manager | - |
| Application | Joomsky | Js Jobs | 1.0.6 |
| Application | Joomsky | Js Support Ticket | 1.1.0 |