Vulnerabilities (CVE)

Filtered by vendor Joomla Subscribe
Total 920 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2010-1877 2 Joomla, Jtmreseller 2 Joomla\!, Com Jtm 2024-11-21 7.5 HIGH N/A
SQL injection vulnerability in the JTM Reseller (com_jtm) component 1.9 Beta for Joomla! allows remote attackers to execute arbitrary SQL commands via the author parameter in a search action to index.php.
CVE-2010-1875 2 Com-property, Joomla 2 Com Properties, Joomla\! 2024-11-21 7.5 HIGH N/A
Directory traversal vulnerability in the Real Estate Property (com_properties) component 3.1.22-03 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impact via a .. (dot dot) in the controller parameter to index.php. NOTE: some of these details are obtained from third party information.
CVE-2010-1874 2 Com-property, Joomla 2 Com Properties, Joomla\! 2024-11-21 7.5 HIGH N/A
SQL injection vulnerability in the Real Estate Property (com_properties) component 3.1.22-03 for Joomla! allows remote attackers to execute arbitrary SQL commands via the aid parameter in an agentlisting action to index.php. NOTE: some of these details are obtained from third party information.
CVE-2010-1873 2 Joomla, Jvehicles 2 Joomla\!, Com Jvehicles 2024-11-21 7.5 HIGH N/A
SQL injection vulnerability in the Jvehicles (com_jvehicles) component 1.0, 2.0, and 2.1111 for Joomla! allows remote attackers to execute arbitrary SQL commands via the aid parameter in an agentlisting action to index.php. NOTE: some of these details are obtained from third party information.
CVE-2010-1858 2 Gelembjuk, Joomla 2 Com Smestorage, Joomla\! 2024-11-21 5.0 MEDIUM N/A
Directory traversal vulnerability in the SMEStorage (com_smestorage) component before 1.1 for Joomla! allows remote attackers to read arbitrary files via directory traversal sequences in the controller parameter to index.php.
CVE-2010-1746 2 Joomla, Toolsjx 2 Joomla\!, Com Grid 2024-11-21 4.3 MEDIUM N/A
Multiple cross-site scripting (XSS) vulnerabilities in the Table JX (com_grid) component for Joomla! allow remote attackers to inject arbitrary web script or HTML via the (1) data_search and (2) rpp parameters to index.php.
CVE-2010-1739 1 Joomla 2 Com Newsfeeds, Joomla\! 2024-11-21 7.5 HIGH N/A
SQL injection vulnerability in the Newsfeeds (com_newsfeeds) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the feedid parameter in a categories action to index.php.
CVE-2010-1723 2 Joomla, Joomlacomponent.inetlanka 2 Joomla\!, Com Drawroot 2024-11-21 6.8 MEDIUM N/A
Directory traversal vulnerability in the iNetLanka Contact Us Draw Root Map (com_drawroot) component 1.1 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impact via a .. (dot dot) in the controller parameter to index.php.
CVE-2010-1722 2 Dev.pucit.edu.pk, Joomla 2 Com Market, Joomla\! 2024-11-21 6.8 MEDIUM N/A
Directory traversal vulnerability in the Online Market (com_market) component 2.x for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impact via a .. (dot dot) in the controller parameter to index.php.
CVE-2010-1721 2 Joomla, Thethinkery 2 Joomla\!, Com Iproperty 2024-11-21 7.5 HIGH N/A
SQL injection vulnerability in the Intellectual Property (aka IProperty or com_iproperty) component 1.5.3 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in an agentproperties action to index.php.
CVE-2010-1720 2 Joomla, Qproje 2 Joomla\!, Com Qpersonel 2024-11-21 7.5 HIGH N/A
SQL injection vulnerability in the Q-Personel (com_qpersonel) component 1.0.2 and earlier for Joomla! allows remote attackers to execute arbitrary SQL commands via the katid parameter in a qpListele action to index.php.
CVE-2010-1719 2 Joomla, Moto-treks 2 Joomla\!, Com Mtfireeagle 2024-11-21 6.8 MEDIUM N/A
Directory traversal vulnerability in the MT Fire Eagle (com_mtfireeagle) component 1.2 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impact via a .. (dot dot) in the controller parameter to index.php.
CVE-2010-1718 2 Joomla, Lispeltuut 2 Joomla\!, Com Archeryscores 2024-11-21 6.8 MEDIUM N/A
Directory traversal vulnerability in archeryscores.php in the Archery Scores (com_archeryscores) component 1.0.6 for Joomla! allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the controller parameter to index.php.
CVE-2010-1716 2 Joomla, Joomlanetprojects 2 Joomla\!, Com Agenda 2024-11-21 7.5 HIGH N/A
SQL injection vulnerability in the Agenda Address Book (com_agenda) component 1.0.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a detail action to index.php.
CVE-2010-1715 2 Joomla, Pucit.edu 2 Joomla\!, Com Onlineexam 2024-11-21 6.8 MEDIUM N/A
Directory traversal vulnerability in the Online Examination (aka Online Exam or com_onlineexam) component 1.5.0 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php. NOTE: some of these details are obtained from third party information.
CVE-2010-1714 2 Dev.pucit.edu.pk, Joomla 2 Com Arcadegames, Joomla\! 2024-11-21 5.0 MEDIUM N/A
Directory traversal vulnerability in the Arcade Games (com_arcadegames) component 1.0 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php.
CVE-2010-1659 2 Joomla, Webkul 2 Joomla\!, Com Ultimateportfolio 2024-11-21 5.0 MEDIUM N/A
Directory traversal vulnerability in the Ultimate Portfolio (com_ultimateportfolio) component 1.0 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php.
CVE-2010-1653 2 Htmlcoderhelper, Joomla 2 Com Graphics, Joomla\! 2024-11-21 7.5 HIGH N/A
Directory traversal vulnerability in graphics.php in the Graphics (com_graphics) component 1.0.6 and 1.5.0 for Joomla! allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the controller parameter to index.php. NOTE: some of these details are obtained from third party information.
CVE-2010-1649 1 Joomla 1 Joomla\! 2024-11-21 4.3 MEDIUM N/A
Multiple cross-site scripting (XSS) vulnerabilities in the back end in Joomla! 1.5 through 1.5.17 allow remote attackers to inject arbitrary web script or HTML via unknown vectors related to "various administrator screens," possibly the search parameter in administrator/index.php.
CVE-2010-1607 2 Joomla, Paysyspro 2 Joomla\!, Com Wmi 2024-11-21 6.8 MEDIUM N/A
Directory traversal vulnerability in wmi.php in the Webmoney Web Merchant Interface (aka WMI or com_wmi) component 1.5.0 for Joomla! allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the controller parameter to index.php.