Filtered by vendor Joomla Subscriptions
Filtered by product Joomla\! Subscriptions
Total 589 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2010-0972 2 G4j.laoneo, Joomla 2 Com Gcalendar, Joomla\! 2024-11-21 N/A
Directory traversal vulnerability in the GCalendar (com_gcalendar) component 2.1.5 for Joomla! allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the controller parameter to index.php.
CVE-2010-0946 2 Joomla, Kiss-software 2 Joomla\!, Com Ksadvertiser 2024-11-21 N/A
SQL injection vulnerability in the Keep It Simple Stupid (KISS) Software Advertiser (com_ksadvertiser) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the pid parameter in a showcats action to index.php.
CVE-2010-0945 2 Hotbrackets, Joomla 2 Com Hotbrackets, Joomla\! 2024-11-21 N/A
SQL injection vulnerability in the HotBrackets Tournament Brackets (com_hotbrackets) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter to index.php.
CVE-2010-0944 2 Joomla, Thorsten Riess 2 Joomla\!, Com Jcollection 2024-11-21 N/A
Directory traversal vulnerability in the JCollection (com_jcollection) component for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php.
CVE-2010-0943 2 Joomla, Joomlart 2 Joomla\!, Com Jashowcase 2024-11-21 N/A
Directory traversal vulnerability in the JA Showcase (com_jashowcase) component for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter in a jashowcase action to index.php.
CVE-2010-0942 2 Joomla, Jvideodirect 2 Joomla\!, Com Jvideodirect 2024-11-21 N/A
Directory traversal vulnerability in the jVideoDirect (com_jvideodirect) component for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php.
CVE-2010-0803 2 Joomla, Jvideodirect 2 Joomla\!, Com Jvideodirect 2024-11-21 N/A
SQL injection vulnerability in the jVideoDirect (com_jvideodirect) component 1.1 RC3b for Joomla! allows remote attackers to execute arbitrary SQL commands via the v parameter to index.php.
CVE-2010-0801 2 Autartica, Joomla 2 Com Autartitarot, Joomla\! 2024-11-21 N/A
Directory traversal vulnerability in the AutartiTarot (com_autartitarot) component 1.0.3 for Joomla! allows remote authenticated users, with "Public Back-end" group permissions, to read arbitrary files via directory traversal sequences in the controller parameter in an edit task to administrator/index.php. NOTE: some of these details are obtained from third party information.
CVE-2010-0800 2 Joomla, Joomservices 2 Joomla\!, Com Dms 2024-11-21 N/A
SQL injection vulnerability in the Ossolution Team Documents Seller (aka DMS) (com_dms) component 2.5.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via the category_id parameter in a view_category action to index.php.
CVE-2010-0796 2 Harmistechnology, Joomla 2 Com Jeeventcalendar, Joomla\! 2024-11-21 N/A
SQL injection vulnerability in the JE Quiz (com_jequizmanagement) component 1.b01 for Joomla! allows remote attackers to execute arbitrary SQL commands via the eid parameter in a question action to index.php.
CVE-2010-0795 2 Harmistechnology, Joomla 2 Com Jeeventcalendar, Joomla\! 2024-11-21 N/A
SQL injection vulnerability in the JE Event Calendars (com_jeeventcalendar) component 1.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the event_id parameter in an event action to index.php.
CVE-2010-0760 2 Greatjoomla, Joomla 2 Scriptegrator Plugin, Joomla\! 2024-11-21 N/A
Multiple directory traversal vulnerabilities in the Core Design Scriptegrator plugin 1.4.1 for Joomla! allow remote attackers to include and execute arbitrary local files via directory traversal sequences in the (1) file parameter to libraries/jquery/js/ui/jsloader.php and the (2) files[] parameter to libraries/jquery/js/jsloader.php, a different vector than CVE-2010-0759. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2010-0759 2 Greatjoomla, Joomla 2 Scriptegrator Plugin, Joomla\! 2024-11-21 N/A
Directory traversal vulnerability in plugins/system/cdscriptegrator/libraries/highslide/js/jsloader.php in the Core Design Scriptegrator plugin 1.4.1 for Joomla! allows remote attackers to read, and possibly include and execute, arbitrary files via directory traversal sequences in the files[] parameter, a different vector than CVE-2010-0760.
CVE-2010-0753 2 Componentslab, Joomla 2 Com Sqlreport, Joomla\! 2024-11-21 N/A
SQL injection vulnerability in the SQL Reports (com_sqlreport) component 1.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via the user_id parameter to ajax/print.php. NOTE: some of these details are obtained from third party information.
CVE-2010-0692 2 Iptechinside, Joomla 2 Com Jquarks, Joomla\! 2024-11-21 N/A
SQL injection vulnerability in the IP-Tech JQuarks (com_jquarks) Component 0.2.3, and possibly earlier, for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter to index.php. NOTE: some of these details are obtained from third party information.
CVE-2010-0676 2 Joomla, Weberr 2 Joomla\!, Com Rwcards 2024-11-21 N/A
Directory traversal vulnerability in index.php in the RWCards (com_rwcards) component 3.0.18 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter.
CVE-2010-0670 2 Iptechinside, Joomla 2 Com Jquarks, Joomla\! 2024-11-21 N/A
Unspecified vulnerability in the IP-Tech JQuarks (com_jquarks) Component before 0.2.4 for Joomla! allows attackers to obtain the installation path for Joomla! via unknown vectors.
CVE-2010-0635 2 Jevents, Joomla 2 Jevents Search Plugin, Joomla\! 2024-11-21 N/A
SQL injection vulnerability in the plgSearchEventsearch::onSearch method in eventsearch.php in the JEvents Search plugin 1.5 through 1.5.3 for Joomla! allows remote attackers to execute arbitrary SQL commands via unspecified vectors. NOTE: some of these details are obtained from third party information.
CVE-2010-0632 2 Joomla, Parkviewconsultants 2 Joomla\!, Com Simplefaq 2024-11-21 N/A
SQL injection vulnerability in the Parkview Consultants SimpleFAQ (com_simplefaq) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the catid parameter in a display action to index.php.
CVE-2010-0610 2 Joomla, Webguerilla 2 Joomla\!, Com Photoblog 2024-11-21 N/A
Multiple SQL injection vulnerabilities in the Photoblog (com_photoblog) component for Joomla! allow remote attackers to execute arbitrary SQL commands via the blog parameter in an images action to index.php. NOTE: a separate vector for the id parameter to detail.php may also exist.