CVE-2025-22206

MEDIUM Year: 2025
CVSS v3 Score
4.7
Medium
Weakness Type
CWE-89
View all →

Vulnerability Description

A SQL injection vulnerability in the JS Jobs plugin versions 1.1.5-1.4.2 for Joomla allows authenticated attackers (administrator) to execute arbitrary SQL commands via the 'fieldfor' parameter in the GDPR Field feature.

Related Vulnerabilities

CVE-2019-4147

MEDIUM
CVSS:4.7(Medium)

IBM Sterling File Gateway 2.2.0.0 through 6.0.1.0 is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements, which could allow the attacker to view, add, modify or ...

CWE-892019

CVE-2023-0531

MEDIUM
CVSS:4.7(Medium)

A vulnerability classified as critical has been found in SourceCodester Online Tours & Travels Management System 1.0. Affected is an unknown function of the file admin/booking_report.php. The manipula...

CWE-892023

CVE-2023-0532

MEDIUM
CVSS:4.7(Medium)

A vulnerability classified as critical was found in SourceCodester Online Tours & Travels Management System 1.0. Affected by this vulnerability is an unknown functionality of the file admin/disapprove...

CWE-892023

CVE-2023-0533

MEDIUM
CVSS:4.7(Medium)

A vulnerability, which was classified as critical, has been found in SourceCodester Online Tours & Travels Management System 1.0. Affected by this issue is some unknown functionality of the file admin...

CWE-892023

CVE-2023-0534

MEDIUM
CVSS:4.7(Medium)

A vulnerability, which was classified as critical, was found in SourceCodester Online Tours & Travels Management System 1.0. This affects an unknown part of the file admin/expense_report.php. The mani...

CWE-892023

CVE-2024-13608

MEDIUM
CVSS:4.7(Medium)

The Track Logins WordPress plugin through 1.0 does not sanitize and escape a parameter before using it in a SQL statement, allowing admins to perform SQL injection attacks

CWE-892024