Filtered by vendor Joomla
Subscribe
Total
920 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2010-4941 | 2 Joomla, Joomlamo | 2 Joomla\!, Com Teams | 2024-02-28 | 7.5 HIGH | N/A |
SQL injection vulnerability in the Teams (com_teams) component 1_1028_100809_1711 for Joomla! allows remote attackers to execute arbitrary SQL commands via the PlayerID parameter in a player save action to index.php. | |||||
CVE-2010-4853 | 2 Chillcreations, Joomla | 2 Com Ccinvoices, Joomla\! | 2024-02-28 | 7.5 HIGH | N/A |
SQL injection vulnerability in the ccInvoices (com_ccinvoices) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a viewInv action to index.php. | |||||
CVE-2011-2890 | 1 Joomla | 1 Joomla\! | 2024-02-28 | 5.0 MEDIUM | N/A |
The MediaViewMedia class in administrator/components/com_media/views/media/view.html.php in Joomla! 1.5.23 and earlier allows remote attackers to obtain sensitive information via vectors involving the base variable, leading to disclosure of the installation path, a different vulnerability than CVE-2011-2488. | |||||
CVE-2010-5044 | 2 Joomla, Kanich | 2 Joomla\!, Com Searchlog | 2024-02-28 | 6.0 MEDIUM | N/A |
SQL injection vulnerability in models/log.php in the Search Log (com_searchlog) component 3.1.0 for Joomla! allows remote authenticated users, with Public Back-end privileges, to execute arbitrary SQL commands via the search parameter in a log action to administrator/index.php. NOTE: some of these details are obtained from third party information. | |||||
CVE-2010-0373 | 1 Joomla | 2 Com Libros, Joomla\! | 2024-02-28 | 7.5 HIGH | N/A |
SQL injection vulnerability in the libros (com_libros) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a detail action to index.php. | |||||
CVE-2010-0800 | 2 Joomla, Joomservices | 2 Joomla\!, Com Dms | 2024-02-28 | 7.5 HIGH | N/A |
SQL injection vulnerability in the Ossolution Team Documents Seller (aka DMS) (com_dms) component 2.5.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via the category_id parameter in a view_category action to index.php. | |||||
CVE-2010-2923 | 2 Joomla, Prasanna | 2 Joomla\!, Com Youtube | 2024-02-28 | 7.5 HIGH | N/A |
SQL injection vulnerability in the YouTube (com_youtube) component 1.5 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id_cate parameter to index.php. | |||||
CVE-2010-4865 | 2 Harmistechnology, Joomla | 2 Com Jeguestbook, Joomla\! | 2024-02-28 | 7.5 HIGH | N/A |
SQL injection vulnerability in the JE Guestbook (com_jeguestbook) component 1.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the d_itemid parameter in an item_detail action to index.php. | |||||
CVE-2010-0796 | 2 Harmistechnology, Joomla | 2 Com Jeeventcalendar, Joomla\! | 2024-02-28 | 7.5 HIGH | N/A |
SQL injection vulnerability in the JE Quiz (com_jequizmanagement) component 1.b01 for Joomla! allows remote attackers to execute arbitrary SQL commands via the eid parameter in a question action to index.php. | |||||
CVE-2010-2513 | 2 Harmistechnology, Joomla | 2 Com Jeajaxeventcalendar, Joomla\! | 2024-02-28 | 7.5 HIGH | N/A |
SQL injection vulnerability in the JE Ajax Event Calendar (com_jeajaxeventcalendar) component 1.0.5 for Joomla! allows remote attackers to execute arbitrary SQL commands via the view parameter to index.php. | |||||
CVE-2010-1314 | 2 Joomla, Joomlanook | 2 Joomla\!, Com Hsconfig | 2024-02-28 | 5.0 MEDIUM | N/A |
Directory traversal vulnerability in the Highslide JS (com_hsconfig) component 1.5 and 2.0.9 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php. NOTE: some of these details are obtained from third party information. | |||||
CVE-2010-2679 | 1 Joomla | 2 Com Weblinks, Joomla\! | 2024-02-28 | 7.5 HIGH | N/A |
SQL injection vulnerability in the Weblinks (com_weblinks) component in Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a view action to index.php. | |||||
CVE-2010-2045 | 2 Dionesoft, Joomla | 2 Com Dioneformwizard, Joomla\! | 2024-02-28 | 7.5 HIGH | N/A |
Directory traversal vulnerability in the Dione Form Wizard (aka FDione or com_dioneformwizard) component 1.0.2 for Joomla! allows remote attackers to read arbitrary files via directory traversal sequences in the controller parameter to index.php. | |||||
CVE-2010-1718 | 2 Joomla, Lispeltuut | 2 Joomla\!, Com Archeryscores | 2024-02-28 | 6.8 MEDIUM | N/A |
Directory traversal vulnerability in archeryscores.php in the Archery Scores (com_archeryscores) component 1.0.6 for Joomla! allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the controller parameter to index.php. | |||||
CVE-2010-1746 | 2 Joomla, Toolsjx | 2 Joomla\!, Com Grid | 2024-02-28 | 4.3 MEDIUM | N/A |
Multiple cross-site scripting (XSS) vulnerabilities in the Table JX (com_grid) component for Joomla! allow remote attackers to inject arbitrary web script or HTML via the (1) data_search and (2) rpp parameters to index.php. | |||||
CVE-2010-1461 | 2 Gogoritas, Joomla | 2 Com Photobattle, Joomla\! | 2024-02-28 | 5.0 MEDIUM | N/A |
Directory traversal vulnerability in the Photo Battle (com_photobattle) component 1.0.1 for Joomla! allows remote attackers to read arbitrary files via the view parameter to index.php. | |||||
CVE-2010-2514 | 2 Dacian Strain, Joomla | 2 Com Jfaq, Joomla\! | 2024-02-28 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in the JFaq (com_jfaq) component 1.2 for Joomla! allows remote attackers to inject arbitrary web script or HTML via the question parameter in an add2 action to index.php. | |||||
CVE-2010-2259 | 2 Joomla, Tamlyncreative | 4 Joomla\!, Com Bfsurvey Basic, Com Bfsurvey Pro and 1 more | 2024-02-28 | 7.5 HIGH | N/A |
Directory traversal vulnerability in the BF Survey (com_bfsurvey) component for Joomla! allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the controller parameter to index.php. | |||||
CVE-2010-1304 | 2 Joomla, Joomlamo | 2 Joomla\!, Com Userstatus | 2024-02-28 | 5.0 MEDIUM | N/A |
Directory traversal vulnerability in userstatus.php in the User Status (com_userstatus) component 1.21.16 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php. | |||||
CVE-2010-1470 | 2 Dev.pucit.edu.pk, Joomla | 2 Com Webtv, Joomla | 2024-02-28 | 7.5 HIGH | N/A |
Directory traversal vulnerability in the Web TV (com_webtv) component 1.0 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impact via a .. (dot dot) in the controller parameter to index.php. |