Vulnerabilities (CVE)

  1. OpenCVE
  2. Vulnerabilities (CVE)
Filtered by vendor Jdownloads Subscribe
Filtered by product Jdownloads
Total 6 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2022-27909 1 Jdownloads 1 Jdownloads 2024-02-04 4.0 MEDIUM 4.3 MEDIUM
In Joomla component 'jDownloads 3.9.8.2 Stable' the remote user can change some parameters in the address bar and see the names of other users' files
CVE-2020-19447 1 Jdownloads 1 Jdownloads 2024-02-04 5.0 MEDIUM 7.5 HIGH
SQL injection exists in the jdownloads 3.2.63 component for Joomla! com_jdownloads/models/send.php via the f_marked_files_id parameter.
CVE-2020-19450 1 Jdownloads 1 Jdownloads 2024-02-04 5.0 MEDIUM 7.5 HIGH
SQL injection exists in the jdownloads 3.2.63 component for Joomla! via com_jdownloads/helpers/jdownloadshelper.php, getUserLimits function in the list parameter.
CVE-2020-19451 1 Jdownloads 1 Jdownloads 2024-02-04 5.0 MEDIUM 7.5 HIGH
SQL injection exists in the jdownloads 3.2.63 component for Joomla! via com_jdownloads/helpers/jdownloadshelper.php, updateLog function via the X-forwarded-for Header parameter.
CVE-2020-19455 1 Jdownloads 1 Jdownloads 2024-02-04 5.0 MEDIUM 7.5 HIGH
SQL injection exists in the jdownloads 3.2.63 component for Joomla! via components/com_jdownloads/helpers/categories.php, order function via the filter_order parameter.
CVE-2018-10068 1 Jdownloads 1 Jdownloads 2024-02-04 4.3 MEDIUM 6.1 MEDIUM
The jDownloads extension before 3.2.59 for Joomla! has XSS.