Filtered by vendor Joomla
Subscribe
Total
920 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2010-4928 | 2 Joomla, Photoindochina | 2 Joomla\!, Com Restaurantguide | 2024-11-21 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in the Restaurant Guide (com_restaurantguide) component 1.0.0 for Joomla! allows remote attackers to inject arbitrary web script or HTML by placing it after a > (greater than) character. | |||||
CVE-2010-4927 | 2 Joomla, Photoindochina | 2 Joomla\!, Com Restaurantguide | 2024-11-21 | 7.5 HIGH | N/A |
SQL injection vulnerability in the Restaurant Guide (com_restaurantguide) component 1.0.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a country action to index.php. | |||||
CVE-2010-4926 | 2 Joomla, Timetrack | 2 Joomla\!, Com Timetrack | 2024-11-21 | 7.5 HIGH | N/A |
SQL injection vulnerability in the TimeTrack (com_timetrack) component 1.2.4 for Joomla! allows remote attackers to execute arbitrary SQL commands via the ct_id parameter in a timetrack action to index.php. | |||||
CVE-2010-4918 | 2 Ijoomla, Joomla | 2 Com Magazine, Joomla\! | 2024-11-21 | 7.5 HIGH | N/A |
PHP remote file inclusion vulnerability in iJoomla Magazine (com_magazine) component 3.0.1 for Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the config parameter to magazine.functions.php. | |||||
CVE-2010-4904 | 2 Joomla, Simon Philips | 2 Joomla\!, Com Aardvertiser | 2024-11-21 | 7.5 HIGH | N/A |
SQL injection vulnerability in the Aardvertiser (com_aardvertiser) component 2.1 and 2.1.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via the cat_name parameter in a view action to index.php. NOTE: some of these details are obtained from third party information. | |||||
CVE-2010-4902 | 2 Joomla, Joomla-clantools | 2 Joomla\!, Clantools | 2024-11-21 | 7.5 HIGH | N/A |
Multiple SQL injection vulnerabilities in the Clantools (com_clantools) component 1.2.3 for Joomla! allow remote attackers to execute arbitrary SQL commands via the (1) squad or (2) showgame parameter to index.php. | |||||
CVE-2010-4898 | 2 Gantry-framework, Joomla | 2 Com Gantry, Joomla\! | 2024-11-21 | 7.5 HIGH | N/A |
SQL injection vulnerability in the Gantry (com_gantry) component 3.0.10 for Joomla! allows remote attackers to execute arbitrary SQL commands via the moduleid parameter to index.php. | |||||
CVE-2010-4865 | 2 Harmistechnology, Joomla | 2 Com Jeguestbook, Joomla\! | 2024-11-21 | 7.5 HIGH | N/A |
SQL injection vulnerability in the JE Guestbook (com_jeguestbook) component 1.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the d_itemid parameter in an item_detail action to index.php. | |||||
CVE-2010-4864 | 2 Danieljamesscott, Joomla | 2 Com Clubmanager, Joomla\! | 2024-11-21 | 7.5 HIGH | N/A |
SQL injection vulnerability in the Club Manager (com_clubmanager) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the cm_id parameter in an equip presenta action to index.php. | |||||
CVE-2010-4862 | 2 Harmistechnology, Joomla | 2 Com Jedirectory, Joomla\! | 2024-11-21 | 7.5 HIGH | N/A |
SQL injection vulnerability in the JExtensions JE Directory (com_jedirectory) component 1.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the catid parameter in an item action to index.php. | |||||
CVE-2010-4853 | 2 Chillcreations, Joomla | 2 Com Ccinvoices, Joomla\! | 2024-11-21 | 7.5 HIGH | N/A |
SQL injection vulnerability in the ccInvoices (com_ccinvoices) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a viewInv action to index.php. | |||||
CVE-2010-4838 | 2 Extensiondepot, Joomla | 2 Com Jsupport, Joomla\! | 2024-11-21 | 6.0 MEDIUM | N/A |
SQL injection vulnerability in the JSupport (com_jsupport) component 1.5.6 for Joomla! allows remote authenticated users, with Public Back-end permissions, to execute arbitrary SQL commands via the alpha parameter in a (1) listTickets or (2) listFaqs action to administrator/index.php. | |||||
CVE-2010-4837 | 2 Extensiondepot, Joomla | 2 Com Jsupport, Joomla\! | 2024-11-21 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in the JSupport (com_jsupport) component 1.5.6 for Joomla! allows remote attackers to inject arbitrary web script or HTML via the subject parameter (title field) in a saveTicket action to index2.php. NOTE: some of these details are obtained from third party information. | |||||
CVE-2010-4795 | 2 Joomla, Joomlaseller | 2 Joomla\!, Com Jscalendar | 2024-11-21 | 7.5 HIGH | N/A |
SQL injection vulnerability in the JS Calendar (com_jscalendar) component 1.5.1 and 1.5.4 for Joomla! allows remote attackers to execute arbitrary SQL commands via the ev_id parameter in a details action to index.php. NOTE: some of these details are obtained from third party information. | |||||
CVE-2010-4794 | 2 Joomla, Joomlaseller | 2 Joomla\!, Com Jscalendar | 2024-11-21 | 4.3 MEDIUM | N/A |
Multiple cross-site scripting (XSS) vulnerabilities in the JoomlaSeller JS Calendar (com_jscalendar) component 1.5.1 and 1.5.4 for Joomla! allow remote attackers to inject arbitrary web script or HTML via the (1) month and (2) year parameters in a jscalendar action to index.php. NOTE: some of these details are obtained from third party information. | |||||
CVE-2010-4769 | 2 Janguo, Joomla | 2 Com Jimtawl, Joomla\! | 2024-11-21 | 7.5 HIGH | N/A |
Directory traversal vulnerability in the Jimtawl (com_jimtawl) component 1.0.2 Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impact via a .. (dot dot) in the task parameter to index.php. | |||||
CVE-2010-4739 | 2 Aretimes, Joomla | 2 Com Maianmedia, Joomla\! | 2024-11-21 | 7.5 HIGH | N/A |
SQL injection vulnerability in the Maian Media Silver (com_maianmedia) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the cat parameter in a music action to index.php. | |||||
CVE-2010-4720 | 2 Harmistechnology, Joomla | 2 Com Jeauto, Joomla\! | 2024-11-21 | 7.5 HIGH | N/A |
SQL injection vulnerability in the JExtensions JE Auto (com_jeauto) component before 1.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via unspecified vectors related to the view item page. | |||||
CVE-2010-4719 | 2 Fxwebdesign, Joomla | 2 Com Jradio, Joomla\! | 2024-11-21 | 7.5 HIGH | N/A |
Directory traversal vulnerability in JRadio (com_jradio) component before 1.5.1 for Joomla! allows remote attackers to read arbitrary files via directory traversal sequences in the controller parameter to index.php. | |||||
CVE-2010-4718 | 2 Joomla, Lyften | 2 Joomla\!, Com Lyftenbloggie | 2024-11-21 | 4.3 MEDIUM | N/A |
Multiple cross-site scripting (XSS) vulnerabilities in the Lyftenbloggie (com_lyftenbloggie) component 1.1.0 for Joomla! allow remote attackers to inject arbitrary web script or HTML via the (1) tag and (2) category parameters to index.php. |