Filtered by vendor Joomla
Subscribe
Total
920 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2010-0610 | 2 Joomla, Webguerilla | 2 Joomla\!, Com Photoblog | 2024-02-28 | 7.5 HIGH | N/A |
Multiple SQL injection vulnerabilities in the Photoblog (com_photoblog) component for Joomla! allow remote attackers to execute arbitrary SQL commands via the blog parameter in an images action to index.php. NOTE: a separate vector for the id parameter to detail.php may also exist. | |||||
CVE-2010-2918 | 2 Joomla, Visocrea | 2 Joomla\!, Com Joomla Visites | 2024-02-28 | 7.5 HIGH | N/A |
PHP remote file inclusion vulnerability in core/include/myMailer.class.php in the Visites (com_joomla-visites) component 1.1 RC2 for Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter. | |||||
CVE-2011-4808 | 2 Joomla, Joomlaextensions | 2 Joomla\!, Com Hmcommunity | 2024-02-28 | 7.5 HIGH | N/A |
SQL injection vulnerability in the HM Community (com_hmcommunity) component before 1.01 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a fnd_home action to index.php. | |||||
CVE-2010-4268 | 2 Joomla, Pulseinfotech | 2 Joomla\!, Com Flipwall | 2024-02-28 | 7.5 HIGH | N/A |
SQL injection vulnerability in the Pulse Infotech Flip Wall (com_flipwall) component 1.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via the catid parameter to index.php. | |||||
CVE-2010-2908 | 2 Joomdle, Joomla | 2 Com Joomdle, Joomla\! | 2024-02-28 | 7.5 HIGH | N/A |
SQL injection vulnerability in the Joomdle (com_joomdle) component 0.24 and earlier for Joomla! allows remote attackers to execute arbitrary SQL commands via the course_id parameter in a detail action to index.php. | |||||
CVE-2010-1955 | 2 Joomla, Thefactory | 2 Joomla\!, Com Blogfactory | 2024-02-28 | 7.5 HIGH | N/A |
Directory traversal vulnerability in the Deluxe Blog Factory (com_blogfactory) component 1.1.2 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php. | |||||
CVE-2010-0801 | 2 Autartica, Joomla | 2 Com Autartitarot, Joomla\! | 2024-02-28 | 3.5 LOW | N/A |
Directory traversal vulnerability in the AutartiTarot (com_autartitarot) component 1.0.3 for Joomla! allows remote authenticated users, with "Public Back-end" group permissions, to read arbitrary files via directory traversal sequences in the controller parameter in an edit task to administrator/index.php. NOTE: some of these details are obtained from third party information. | |||||
CVE-2010-3203 | 2 Joomla, Xmlswf | 2 Joomla\!, Com Picsell | 2024-02-28 | 5.0 MEDIUM | N/A |
Directory traversal vulnerability in the PicSell (com_picsell) component 1.0 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the dflink parameter in a prevsell dwnfree action to index.php. | |||||
CVE-2010-5053 | 2 Joomla, Php-shop-system | 2 Joomla\!, Com Xobbix | 2024-02-28 | 7.5 HIGH | N/A |
SQL injection vulnerability in the XOBBIX (com_xobbix) component 1.0.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via the prodid parameter in a prod_desc action to index.php. | |||||
CVE-2010-0456 | 2 Indianpulses, Joomla | 2 Com Gameserver, Joomla\! | 2024-02-28 | 7.5 HIGH | N/A |
SQL injection vulnerability in the indianpulse Game Server (com_gameserver) component 1.2 for Joomla! allows remote attackers to execute arbitrary SQL commands via the grp parameter in a gameserver action to index.php. | |||||
CVE-2010-1877 | 2 Joomla, Jtmreseller | 2 Joomla\!, Com Jtm | 2024-02-28 | 7.5 HIGH | N/A |
SQL injection vulnerability in the JTM Reseller (com_jtm) component 1.9 Beta for Joomla! allows remote attackers to execute arbitrary SQL commands via the author parameter in a search action to index.php. | |||||
CVE-2011-4823 | 2 Extensionsforjoomla, Joomla | 2 Com Vikrealestate, Joomla\! | 2024-02-28 | 7.5 HIGH | N/A |
Multiple SQL injection vulnerabilities in Vik Real Estate (com_vikrealestate) component 1.0 for Joomla! allow remote attackers to execute arbitrary SQL commands via the (1) contract parameter in a results action and (2) imm parameter in a show action to index.php. | |||||
CVE-2010-2254 | 2 Joomla, Shape5 | 2 Joomla\!, Bridge Of Hope Template | 2024-02-28 | 7.5 HIGH | N/A |
SQL injection vulnerability in the Shape5 Bridge of Hope template for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in an article action to index.php. | |||||
CVE-2009-4604 | 2 Fernando Soares, Joomla | 2 Com Mamboleto, Joomla | 2024-02-28 | 7.5 HIGH | N/A |
PHP remote file inclusion vulnerability in mamboleto.php in the Fernando Soares Mamboleto (com_mamboleto) component 2.0 RC3 for Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter. | |||||
CVE-2010-0635 | 2 Jevents, Joomla | 2 Jevents Search Plugin, Joomla\! | 2024-02-28 | 7.5 HIGH | N/A |
SQL injection vulnerability in the plgSearchEventsearch::onSearch method in eventsearch.php in the JEvents Search plugin 1.5 through 1.5.3 for Joomla! allows remote attackers to execute arbitrary SQL commands via unspecified vectors. NOTE: some of these details are obtained from third party information. | |||||
CVE-2010-2682 | 2 Joomla, Realtyna | 2 Joomla\!, Com Realtyna | 2024-02-28 | 7.5 HIGH | N/A |
Directory traversal vulnerability in the Realtyna Translator (com_realtyna) component 1.0.15 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impact via a .. (dot dot) in the controller parameter to index.php. | |||||
CVE-2010-2255 | 2 Joomla, Tamlyncreative | 4 Joomla\!, Com Bfsurvey Basic, Com Bfsurvey Pro and 1 more | 2024-02-28 | 7.5 HIGH | N/A |
SQL injection vulnerability in the BF Survey Pro (com_bfsurvey_pro) component before 1.3.1, BF Survey Pro Free (com_bfsurvey_profree) component 1.2.6, and BF Survey Basic component before 1.2 for Joomla! allows remote attackers to execute arbitrary SQL commands via the catid parameter to index.php. NOTE: some of these details are obtained from third party information. | |||||
CVE-2010-1478 | 2 Joomla, Ternaria | 2 Joomla\!, Com Jfeedback | 2024-02-28 | 6.8 MEDIUM | N/A |
Directory traversal vulnerability in the Ternaria Informatica Jfeedback! (com_jfeedback) component 1.2 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impact via a .. (dot dot) in the controller parameter to index.php. | |||||
CVE-2010-0944 | 2 Joomla, Thorsten Riess | 2 Joomla\!, Com Jcollection | 2024-02-28 | 5.0 MEDIUM | N/A |
Directory traversal vulnerability in the JCollection (com_jcollection) component for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php. | |||||
CVE-2010-2909 | 2 Joomla, Toughtomato | 2 Joomla\!, Com Ttvideo | 2024-02-28 | 7.5 HIGH | N/A |
SQL injection vulnerability in ttvideo.php in the TTVideo (com_ttvideo) component 1.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the cid parameter in a video action to index.php. |