Filtered by vendor Joomla
Subscribe
Total
920 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2006-5041 | 1 Joomla | 2 Com Hotproperties, Hot Properties | 2024-02-28 | 7.5 HIGH | N/A |
Unspecified vulnerability in Hot Properties (possibly com_hotproperties) 0.97 and earlier for Joomla! has unspecified impact and attack vectors. | |||||
CVE-2007-2199 | 4 Cjg Explorer Pro, Joomla, Nx and 1 more | 4 Cjg Explorer Pro, Joomla, N X Wcms and 1 more | 2024-02-28 | 6.8 MEDIUM | N/A |
PHP remote file inclusion vulnerability in lib/pcltar.lib.php (aka pcltar.php) in the PclTar module 1.3 and 1.3.1 for Vincent Blavet PhpConcept Library, as used in multiple products including (1) Joomla! 1.5.0 Beta, (2) N/X Web Content Management System (WCMS) 4.5, (3) CJG EXPLORER PRO 3.3, and (4) phpSiteBackup 0.1, allows remote attackers to execute arbitrary PHP code via a URL in the g_pcltar_lib_dir parameter. | |||||
CVE-2008-0746 | 2 Joomla, Mambo | 2 Com Gallery, Com Gallery | 2024-02-28 | 7.5 HIGH | N/A |
SQL injection vulnerability in index.php in the Gallery (com_gallery) component for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a detail action. | |||||
CVE-2007-1703 | 1 Joomla | 1 Rwcards Component | 2024-02-28 | 7.5 HIGH | N/A |
SQL injection vulnerability in index.php in the RWCards (com_rwcards) 2.4.3 and earlier component for Joomla! allows remote attackers to execute arbitrary SQL commands via the category_id parameter. | |||||
CVE-2007-4503 | 1 Joomla | 1 Nice Talk | 2024-02-28 | 7.5 HIGH | N/A |
SQL injection vulnerability in index.php in the Nice Talk component (com_nicetalk) 0.9.3 and earlier for Joomla! allows remote attackers to execute arbitrary SQL commands via the tagid parameter. | |||||
CVE-2007-4779 | 1 Joomla | 1 Joomla | 2024-02-28 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in Joomla! 1.5 before RC2 (aka Endeleo) allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, probably related to the archive section. | |||||
CVE-2007-4504 | 1 Joomla | 1 Rsfiles | 2024-02-28 | 5.0 MEDIUM | N/A |
Directory traversal vulnerability in index.php in the RSfiles component (com_rsfiles) 1.0.2 and earlier for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the path parameter in a files.display action. | |||||
CVE-2008-0829 | 3 Joomla, Joomlapixel, Mambo | 3 Joomla, Jooget, Mambo | 2024-02-28 | 7.5 HIGH | N/A |
SQL injection vulnerability in jooget.php in the Joomlapixel Jooget! (com_jooget) 2.6.8 component for Joomla! and Mambo allows remote attackers to execute arbitrary SQL commands via the id parameter in a detail task. | |||||
CVE-2008-0689 | 1 Joomla | 1 Com Marketplace | 2024-02-28 | 7.5 HIGH | N/A |
SQL injection vulnerability in index.php in the Marketplace (com_marketplace) 1.1.1 and 1.1.1-pl1 component for Joomla! allows remote attackers to execute arbitrary SQL commands via the catid parameter in a show_category action. | |||||
CVE-2008-0653 | 1 Joomla | 1 Com Ynews | 2024-02-28 | 7.5 HIGH | N/A |
SQL injection vulnerability in index.php in the Ynews (com_ynews) 1.0.0 component for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a showYNews action. | |||||
CVE-2007-6643 | 1 Joomla | 1 Joomla | 2024-02-28 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in the com_poll component in Joomla! before 1.5 RC4 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | |||||
CVE-2007-4188 | 1 Joomla | 1 Joomla\! | 2024-02-28 | 9.3 HIGH | N/A |
Session fixation vulnerability in Joomla! before 1.0.13 (aka Sunglow) allows remote attackers to hijack administrative web sessions via unspecified vectors. | |||||
CVE-2008-0514 | 2 Joomla, Mambo | 2 Glossary, Glossary | 2024-02-28 | 7.5 HIGH | N/A |
SQL injection vulnerability in index.php in the Glossary (com_glossary) 2.0 component for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the catid parameter in a display action. | |||||
CVE-2008-0831 | 1 Joomla | 1 Rapid Recipe | 2024-02-28 | 7.5 HIGH | N/A |
Multiple SQL injection vulnerabilities in the Rapid Recipe (com_rapidrecipe) 1.6.5 and earlier component for Joomla! allow remote attackers to execute arbitrary SQL commands via the (1) user_id or (2) category_id parameter. NOTE: this might overlap CVE-2008-0754. | |||||
CVE-2008-0579 | 1 Joomla | 1 Com Buslicense | 2024-02-28 | 7.5 HIGH | N/A |
SQL injection vulnerability in index.php in the buslicense (com_buslicense) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the aid parameter in a list action. | |||||
CVE-2007-4954 | 1 Joomla | 1 Joom12pic Component | 2024-02-28 | 6.8 MEDIUM | N/A |
PHP remote file inclusion vulnerability in admin.joom12pic.php in the joom12Pic (com_joom12pic) 1.0 component for Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_live_site parameter. | |||||
CVE-2006-5044 | 2 Joomla, Mambo | 2 Prince Clan Chess Component, Prince Clan Chess Component | 2024-02-28 | 7.5 HIGH | N/A |
Unspecified vulnerability in Prince Clan (Princeclan) Chess component (com_pcchess) 0.8 and earlier for Mambo and Joomla! has unspecified impact and attack vectors. | |||||
CVE-2008-0817 | 2 Joomla, Mambo | 2 Com Filebase Component, Com Filebase Component | 2024-02-28 | 7.5 HIGH | N/A |
SQL injection vulnerability in the com_filebase component for Joomla! and Mambo allows remote attackers to execute arbitrary SQL commands via the filecatid parameter in a selectfolder action. | |||||
CVE-2008-0772 | 2 Joomla, Mambo | 2 Com Doc, Com Doc | 2024-02-28 | 7.5 HIGH | N/A |
SQL injection vulnerability in index.php in the com_doc component for Joomla! and Mambo allows remote attackers to execute arbitrary SQL commands via the sid parameter in a view task. | |||||
CVE-2008-0773 | 3 Joomla, Mambo, Phil Taylor | 4 Com Comments, Com Comments, Comments and 1 more | 2024-02-28 | 7.5 HIGH | N/A |
SQL injection vulnerability in Phil Taylor Comments (com_comments, aka Review Script) 0.5.8.5g and earlier component for Mambo allows remote attackers to execute arbitrary SQL commands via the id parameter. |