Filtered by vendor Joomla
Subscribe
Total
920 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2010-2122 | 2 Joelrowley, Joomla | 2 Com Simpledownload, Joomla\! | 2024-02-28 | 6.8 MEDIUM | N/A |
Directory traversal vulnerability in the SimpleDownload (com_simpledownload) component before 0.9.6 for Joomla! allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the controller parameter to index.php. | |||||
CVE-2010-4166 | 1 Joomla | 1 Joomla\! | 2024-02-28 | 7.5 HIGH | N/A |
Multiple SQL injection vulnerabilities in Joomla! 1.5.x before 1.5.22 allow remote attackers to execute arbitrary SQL commands via (1) the filter_order parameter in a com_weblinks category action to index.php, (2) the filter_order_Dir parameter in a com_weblinks category action to index.php, or (3) the filter_order_Dir parameter in a com_messages action to administrator/index.php. | |||||
CVE-2010-1953 | 2 Joomla, Joomlacomponent.inetlanka | 2 Joomla\!, Com Multimap | 2024-02-28 | 7.5 HIGH | N/A |
Directory traversal vulnerability in the iNetLanka Multiple Map (com_multimap) component 1.0 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php. | |||||
CVE-2010-4795 | 2 Joomla, Joomlaseller | 2 Joomla\!, Com Jscalendar | 2024-02-28 | 7.5 HIGH | N/A |
SQL injection vulnerability in the JS Calendar (com_jscalendar) component 1.5.1 and 1.5.4 for Joomla! allows remote attackers to execute arbitrary SQL commands via the ev_id parameter in a details action to index.php. NOTE: some of these details are obtained from third party information. | |||||
CVE-2010-4918 | 2 Ijoomla, Joomla | 2 Com Magazine, Joomla\! | 2024-02-28 | 7.5 HIGH | N/A |
PHP remote file inclusion vulnerability in iJoomla Magazine (com_magazine) component 3.0.1 for Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the config parameter to magazine.functions.php. | |||||
CVE-2010-1477 | 2 Joomla, Martin Hess | 2 Joomla\!, Com Sermonspeaker | 2024-02-28 | 7.5 HIGH | N/A |
SQL injection vulnerability in the SermonSpeaker (com_sermonspeaker) component before 3.2.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a latest_sermons action to index.php. | |||||
CVE-2010-1302 | 2 Decryptweb, Joomla | 2 Com Dwgraphs, Joomla\! | 2024-02-28 | 5.0 MEDIUM | N/A |
Directory traversal vulnerability in dwgraphs.php in the DecryptWeb DW Graphs (com_dwgraphs) component 1.0 for Joomla! allows remote attackers to read arbitrary files via directory traversal sequences in the controller parameter to index.php. | |||||
CVE-2010-1529 | 2 Freestyle, Joomla | 2 Faqs Lite, Joomla\! | 2024-02-28 | 7.5 HIGH | N/A |
SQL injection vulnerability in the Freestyle FAQs Lite (com_fsf) component, possibly 1.3, for Joomla! allows remote attackers to execute arbitrary SQL commands via the faqid parameter in an faq action to index.php. | |||||
CVE-2010-4838 | 2 Extensiondepot, Joomla | 2 Com Jsupport, Joomla\! | 2024-02-28 | 6.0 MEDIUM | N/A |
SQL injection vulnerability in the JSupport (com_jsupport) component 1.5.6 for Joomla! allows remote authenticated users, with Public Back-end permissions, to execute arbitrary SQL commands via the alpha parameter in a (1) listTickets or (2) listFaqs action to administrator/index.php. | |||||
CVE-2011-0005 | 1 Joomla | 2 Com Search, Joomla\! | 2024-02-28 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in the com_search module for Joomla! 1.0.x through 1.0.15 allows remote attackers to inject arbitrary web script or HTML via the ordering parameter to index.php. | |||||
CVE-2010-1878 | 2 Blueflyingfish.no-ip, Joomla | 2 Com Orgchart, Joomla\! | 2024-02-28 | 7.5 HIGH | N/A |
Directory traversal vulnerability in the OrgChart (com_orgchart) component 1.0.0 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php. | |||||
CVE-2010-1312 | 2 Ijoomla, Joomla | 2 Com News Portal, Joomla\! | 2024-02-28 | 5.0 MEDIUM | N/A |
Directory traversal vulnerability in the iJoomla News Portal (com_news_portal) component 1.5.x for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php. | |||||
CVE-2010-1980 | 2 Joomla, Roberto Aloi | 2 Joomla\!, Com Joomlaflickr | 2024-02-28 | 7.5 HIGH | N/A |
Directory traversal vulnerability in joomlaflickr.php in the Joomla Flickr (com_joomlaflickr) component 1.0.3 for Joomla! allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the controller parameter to index.php. | |||||
CVE-2010-2678 | 2 Guillermo Vargas, Joomla | 2 Com Xmap, Joomla\! | 2024-02-28 | 7.5 HIGH | N/A |
SQL injection vulnerability in xmap (com_xmap) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the Itemid parameter to index.php. | |||||
CVE-2010-4718 | 2 Joomla, Lyften | 2 Joomla\!, Com Lyftenbloggie | 2024-02-28 | 4.3 MEDIUM | N/A |
Multiple cross-site scripting (XSS) vulnerabilities in the Lyftenbloggie (com_lyftenbloggie) component 1.1.0 for Joomla! allow remote attackers to inject arbitrary web script or HTML via the (1) tag and (2) category parameters to index.php. | |||||
CVE-2009-4576 | 2 Cmstactics, Joomla | 2 Com Beeheard, Joomla\! | 2024-02-28 | 7.5 HIGH | N/A |
SQL injection vulnerability in the BeeHeard (com_beeheard) component 1.x for Joomla! allows remote attackers to execute arbitrary SQL commands via the category_id parameter in a suggestions action to index.php. | |||||
CVE-2010-2034 | 2 Joomla, Percha | 2 Joomla\!, Com Perchaimageattach | 2024-02-28 | 7.5 HIGH | N/A |
Directory traversal vulnerability in the Percha Image Attach (com_perchaimageattach) component 1.1 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impact via a .. (dot dot) in the controller parameter to index.php. | |||||
CVE-2010-4837 | 2 Extensiondepot, Joomla | 2 Com Jsupport, Joomla\! | 2024-02-28 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in the JSupport (com_jsupport) component 1.5.6 for Joomla! allows remote attackers to inject arbitrary web script or HTML via the subject parameter (title field) in a saveTicket action to index2.php. NOTE: some of these details are obtained from third party information. | |||||
CVE-2009-4550 | 2 Joomla, Kunena | 2 Joomla\!, Kunena Forum | 2024-02-28 | 7.5 HIGH | N/A |
SQL injection vulnerability in the Kunena Forum (com_kunena) component 1.5.3 and 1.5.4 for Joomla! allows remote attackers to execute arbitrary SQL commands via the func parameter to index.php. | |||||
CVE-2009-4650 | 2 Joomla, Onnogroen | 2 Joomla\!, Com Webeecomment | 2024-02-28 | 7.5 HIGH | N/A |
SQL injection vulnerability in the Webee Comments (com_webeecomment) component 1.1.1, 1.2, and 2.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the articleId parameter in a default action to index2.php. NOTE: some of these details are obtained from third party information. |