Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (833 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2007-5410 2 Joomla, Webmaster-tips 2 Joomla, Flash Rss Reader 2025-04-09 N/A
PHP remote file inclusion vulnerability in admin.wmtrssreader.php in the webmaster-tips.net Flash RSS Reader (com_wmtrssreader) 1.0 component for Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_live_site parameter.
CVE-2009-2782 2 Jfusion, Joomla 2 Com Jfusion, Joomla 2025-04-09 N/A
SQL injection vulnerability in the JFusion (com_jfusion) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the Itemid parameter to index.php.
CVE-2008-6881 2 Joomla, Joompolitan 2 Joomla\!, Com Livechat 2025-04-09 N/A
Multiple SQL injection vulnerabilities in the Live Chat (com_livechat) component 1.0 for Joomla! allow remote attackers to execute arbitrary SQL commands via the last parameter to (1) getChat.php, (2) getChatRoom.php, and (3) getSavedChatRooms.php.
CVE-2008-6481 3 Joomla, Joomprod, Mambo-foundation 3 Joomla, Com Versioning, Mambo 2025-04-09 N/A
SQL injection vulnerability in the Versioning component (com_versioning) 1.0.2 in Joomla! and Mambo allows remote attackers to execute arbitrary SQL commands via the id parameter in an edit task to index.php.
CVE-2009-0702 2 Joomla, Phoca 2 Joomla, Com Phocadocumentation 2025-04-09 N/A
SQL injection vulnerability in the Phoca Documentation (com_phocadocumentation) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a section action to index.php.
CVE-2009-3054 2 Artetics, Joomla 2 Com Artportal, Joomla 2025-04-09 N/A
SQL injection vulnerability in the Artetics.com Art Portal (com_artportal) component 1.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the portalid parameter to index.php.
CVE-2007-5427 1 Joomla 2 Com Search Component, Joomla 2025-04-09 N/A
Cross-site scripting (XSS) vulnerability in the com_search component in Joomla! 1.0.13 and earlier allows remote attackers to inject arbitrary web script or HTML via the searchword parameter. NOTE: this might be related to CVE-2007-4189.1.
CVE-2009-3063 2 Indianpulses, Joomla 2 Com Gameserver, Joomla 2025-04-09 N/A
SQL injection vulnerability in the Game Server (com_gameserver) component 1.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a gamepanel action to index.php.
CVE-2009-3491 2 Joomla, Kinfusion 2 Joomla\!, Com Sportfusion 2025-04-09 N/A
SQL injection vulnerability in the Kinfusion SportFusion (com_sportfusion) component 0.2.2 through 0.2.3 for Joomla! allows remote attackers to execute arbitrary SQL commands via the cid[0] parameter in a teamdetail action to index.php.
CVE-2009-2637 2 Joomla, Ordasoft 2 Joomla, Com Booklibrary 2025-04-09 N/A
PHP remote file inclusion vulnerability in toolbar_ext.php in the BookLibrary (com_booklibrary) component 1.5.2.4 Basic for Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter.
CVE-2008-4777 2 Joomla, Mambo 3 Com Lms, Joomla, Mambo 2025-04-09 N/A
SQL injection vulnerability in the Showroom Joomlearn LMS (com_lms) component for Joomla! and Mambo allows remote attackers to execute arbitrary SQL commands via the cat parameter in a showTests task.
CVE-2009-2634 2 Joomla, Ordasoft 2 Joomla, Com Medialibrary 2025-04-09 N/A
PHP remote file inclusion vulnerability in toolbar_ext.php in the MediaLibrary (com_media_library) component 1.5.3 Basic for Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter.
CVE-2007-6645 1 Joomla 1 Joomla 2025-04-09 N/A
Unspecified vulnerability in Joomla! before 1.5 RC4 allows remote authenticated users to gain privileges via unspecified vectors, aka "registered user privilege escalation vulnerability."
CVE-2008-0795 3 Joomla, Mambo, Mgfi 3 Joomla, Mambo, Xfaq 2025-04-09 N/A
SQL injection vulnerability in index.php in the MGFi XfaQ (com_xfaq) 1.2 component for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the aid parameter in an answer action.
CVE-2009-1499 1 Joomla 2 Com Mailto, Joomla\! 2025-04-09 N/A
SQL injection vulnerability in the MailTo (aka com_mailto) component in Joomla! allows remote attackers to execute arbitrary SQL commands via the article parameter in index.php. NOTE: SecurityFocus states that this issue has been disputed by the vendor.
CVE-2008-1465 3 Detodas, Joomla, Mambo-foundation 3 Com Restaurante, Joomla\!, Mambo 2025-04-09 N/A
SQL injection vulnerability in the Detodas Restaurante (com_restaurante) 1.0 component for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a detail action to index.php, a different product than CVE-2008-0562.
CVE-2008-1935 1 Joomla 1 Joomla 2025-04-09 N/A
SQL injection vulnerability in the Filiale 1.0.4 component for Joomla! allows remote attackers to execute arbitrary SQL commands via the idFiliale parameter.
CVE-2009-2400 2 Fijiwebdesign, Joomla 2 Com Php, Joomla 2025-04-09 N/A
SQL injection vulnerability in the PHP (com_php) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter to index.php.
CVE-2008-3225 1 Joomla 1 Joomla 2025-04-09 N/A
Joomla! before 1.5.4 allows attackers to access administration functionality, which has unknown impact and attack vectors related to a missing "LDAP security fix."
CVE-2009-4583 1 Joomla 2 Com Dhforum, Joomla\! 2025-04-09 N/A
SQL injection vulnerability in the DhForum (com_dhforum) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a grouplist action to index.php.