Filtered by vendor Joomla
Subscriptions
Filtered by product Joomla\!
Subscriptions
Total
589 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2009-1499 | 1 Joomla | 2 Com Mailto, Joomla\! | 2024-08-07 | N/A |
SQL injection vulnerability in the MailTo (aka com_mailto) component in Joomla! allows remote attackers to execute arbitrary SQL commands via the article parameter in index.php. NOTE: SecurityFocus states that this issue has been disputed by the vendor. | ||||
CVE-2010-5280 | 2 Joomla, Joomla-cbe | 2 Joomla\!, Com Cbe | 2024-08-07 | N/A |
Directory traversal vulnerability in the Community Builder Enhanced (CBE) (com_cbe) component 1.4.8, 1.4.9, and 1.4.10 for Joomla! allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the tabname parameter in a userProfile action to index.php. NOTE: this can be leveraged to execute arbitrary code by using the file upload feature. | ||||
CVE-2010-5043 | 2 Blueconstantmedia, Joomla | 2 Com Djartgallery, Joomla\! | 2024-08-07 | N/A |
SQL injection vulnerability in the DJ-ArtGallery (com_djartgallery) component 0.9.1 for Joomla! allows remote authenticated users to execute arbitrary SQL commands via the cid[] parameter in an editItem action to administrator/index.php. | ||||
CVE-2010-5042 | 2 Blueconstantmedia, Joomla | 2 Com Djartgallery, Joomla\! | 2024-08-07 | N/A |
Cross-site scripting (XSS) vulnerability in the DJ-ArtGallery (com_djartgallery) component 0.9.1 for Joomla! allows remote attackers to inject arbitrary web script or HTML via the cid[] parameter in an editItem action to administrator/index.php. NOTE: some of these details are obtained from third party information. | ||||
CVE-2010-5048 | 2 Joomla, Joomlatune | 2 Joomla\!, Com Jcomments | 2024-08-07 | N/A |
Cross-site scripting (XSS) vulnerability in admin.jcomments.php in the JoomlaTune JComments (com_jcomments) component 2.1.0.0 for Joomla! allows remote authenticated users to inject arbitrary web script or HTML via the name parameter to index.php. | ||||
CVE-2010-5028 | 2 Harmistechnology, Joomla | 2 Com Jejob, Joomla\! | 2024-08-07 | N/A |
SQL injection vulnerability in the JExtensions JE Job (com_jejob) component 1.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the catid parameter in an item action to index.php. | ||||
CVE-2010-5044 | 2 Joomla, Kanich | 2 Joomla\!, Com Searchlog | 2024-08-07 | N/A |
SQL injection vulnerability in models/log.php in the Search Log (com_searchlog) component 3.1.0 for Joomla! allows remote authenticated users, with Public Back-end privileges, to execute arbitrary SQL commands via the search parameter in a log action to administrator/index.php. NOTE: some of these details are obtained from third party information. | ||||
CVE-2010-5056 | 2 Gbu Grafici, Joomla | 2 Com Gbufacebook, Joomla\! | 2024-08-07 | N/A |
SQL injection vulnerability in the GBU Facebook (com_gbufacebook) component 1.0.5 for Joomla! allows remote attackers to execute arbitrary SQL commands via the face_id parameter in a show_face action to index.php. | ||||
CVE-2010-5003 | 2 Autartica, Joomla | 2 Com Autartimonial, Joomla\! | 2024-08-07 | N/A |
SQL injection vulnerability in the AutarTimonial (com_autartimonial) component 1.0.8 for Joomla! allows remote attackers to execute arbitrary SQL commands via the limit parameter in an autartimonial action to index.php. NOTE: some of these details are obtained from third party information. | ||||
CVE-2010-5032 | 2 Joomla, Tamlyncreative | 2 Joomla\!, Com Bfquiztrial | 2024-08-07 | N/A |
SQL injection vulnerability in the BF Quiz (com_bfquiztrial) component before 1.3.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via the catid parameter in a bfquiztrial action to index.php. | ||||
CVE-2010-4992 | 2 Joomla, Paymentsplus | 2 Joomla\!, Payments Plus | 2024-08-07 | N/A |
SQL injection vulnerability in the Payments Plus component 2.1.5 for Joomla! allows remote attackers to execute arbitrary SQL commands via the type parameter to add.html. | ||||
CVE-2010-4995 | 2 Joomla, Neojoomla | 2 Joomla\!, Com Neorecruit | 2024-08-07 | N/A |
SQL injection vulnerability in the NeoRecruit (com_neorecruit) component 1.6.4 for Joomla! allows remote attackers to execute arbitrary SQL commands via the Itemid parameter in an offer_view action to index.php, a different vector than CVE-2007-4506. | ||||
CVE-2010-4994 | 2 Instantphp, Joomla | 2 Jobs Pro, Joomla\! | 2024-08-07 | N/A |
SQL injection vulnerability in the Jobs Pro component 1.6.4 for Joomla! allows remote attackers to execute arbitrary SQL commands via the detailed_results parameter to search_jobs.html. | ||||
CVE-2010-4991 | 2 Joomla, Ninjaforge | 2 Joomla\!, Ninjamonials | 2024-08-07 | N/A |
SQL injection vulnerability in the NinjaMonials (com_ninjamonials) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the Itemid parameter in a display action to index.php. | ||||
CVE-2010-4993 | 2 Joomla, Kay Messerschmidt | 2 Joomla\!, Com Eventcal | 2024-08-07 | N/A |
SQL injection vulnerability in the eventcal (com_eventcal) component 1.6.4 for Joomla! allows remote attackers to execute arbitrary SQL commands via the Itemid parameter to index.php. | ||||
CVE-2010-4990 | 2 B-elektro, Joomla | 2 Com Addressbook, Joomla\! | 2024-08-07 | N/A |
SQL injection vulnerability in the Front-edit Address Book (com_addressbook) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the Itemid parameter in a contact action to index.php. | ||||
CVE-2010-4968 | 2 Joomla, Webmaster-tips | 2 Joomla\!, Com Wmtpic | 2024-08-07 | N/A |
SQL injection vulnerability in the webmaster-tips.net Flash Gallery (com_wmtpic) component 1.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the Itemid parameter to index.php. | ||||
CVE-2010-4944 | 2 Joomla, Mambo-foundation | 3 Com Elite Experts, Joomla\!, Mambo | 2024-08-07 | N/A |
SQL injection vulnerability in the Elite Experts (com_elite_experts) component for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a showExpertProfileDetailed action to index.php. | ||||
CVE-2010-4941 | 2 Joomla, Joomlamo | 2 Joomla\!, Com Teams | 2024-08-07 | N/A |
SQL injection vulnerability in the Teams (com_teams) component 1_1028_100809_1711 for Joomla! allows remote attackers to execute arbitrary SQL commands via the PlayerID parameter in a player save action to index.php. | ||||
CVE-2010-4977 | 2 Joomla, Miniwork | 2 Joomla\!, Com Canteen | 2024-08-07 | N/A |
SQL injection vulnerability in menu.php in the Canteen (com_canteen) component 1.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the mealid parameter to index.php. |