Filtered by vendor Rsjoomla
Subscribe
Total
3 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-27444 | 1 Rsjoomla | 1 Rsform\!pro | 2025-06-09 | N/A | 4.8 MEDIUM |
| A reflected XSS vulnerability in RSform!Pro component 3.0.0 - 3.3.13 for Joomla was discovered. The issue arises from the improper handling of the filter[dateFrom] GET parameter, which is reflected unescaped in the administrative backend interface. This allows an authenticated attacker with admin or editor privileges to inject arbitrary JavaScript code by crafting a malicious URL. | |||||
| CVE-2021-4226 | 1 Rsjoomla | 1 Rsfirewall\! | 2025-05-27 | N/A | 9.8 CRITICAL |
| RSFirewall tries to identify the original IP address by looking at different HTTP headers. A bypass is possible due to the way it is implemented. | |||||
| CVE-2010-2464 | 2 Joomla, Rsjoomla | 2 Joomla\!, Com Rscomments | 2025-04-11 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in the RSComments (com_rscomments) component 1.0.0 Rev 2 for Joomla! allow remote attackers to inject arbitrary web script or HTML via the (1) website and (2) name parameters to index.php. | |||||