Joobi - Jnews CVE

Filtered by vendor Joobi Subscriptions

Filtered by product Jnews Subscriptions

Total 3 CVE

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2015-7343	1 Joobi	1 Jnews	2020-03-10	4.8 Medium
JNews Joomla Component before 8.5.0 has XSS via the mailingsearch parameter.
CVE-2015-7341	1 Joobi	1 Jnews	2020-03-10	8.8 High
JNews Joomla Component before 8.5.0 allows arbitrary File Upload via Subscribers or Templates, as demonstrated by the .php5 extension.
CVE-2015-7342	1 Joobi	1 Jnews	2020-03-10	7.2 High
JNews Joomla Component before 8.5.0 allows SQL injection via upload thumbnail, Queue Search Field, Subscribers Search Field, or Newsletters Search Field.

Page 1 of 1.