Filtered by vendor Joomla Subscriptions
Total 921 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2008-6276 2 Drupal, Joomla 2 User Karma Module, Joomla\! 2024-11-21 N/A
Multiple SQL injection vulnerabilities in the User Karma module 5.x before 5.x-1.13 and 6.x before 6.x-1.0-beta1, a module for Drupal, allow remote authenticated administrators to execute arbitrary SQL commands via (1) a content type or (2) a voting API value.
CVE-2008-6275 2 Drupal, Joomla 2 User Karma Module, Joomla\! 2024-11-21 N/A
Cross-site scripting (XSS) vulnerability in the User Karma module 5.x before 5.x-1.13 and 6.x before 6.x-1.0-beta1, a module for Drupal, allows remote attackers to inject arbitrary web script or HTML via unspecified messages.
CVE-2008-6234 2 Joomla, Mambo-foundation 4 Com Musica, Joomla, Com Musica and 1 more 2024-11-21 N/A
SQL injection vulnerability in the com_musica module in Joomla! and Mambo allows remote attackers to execute arbitrary SQL commands via the id parameter to index.php.
CVE-2008-6222 2 Joomla, Joomlashowroom 2 Joomla, Pro Desk Support Center 2024-11-21 N/A
Directory traversal vulnerability in the Pro Desk Support Center (com_pro_desk) component 1.0 and 1.2 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the include_file parameter to index.php.
CVE-2008-6221 2 Dadamailproject, Joomla 2 Dada Mail Manager, Joomla 2024-11-21 N/A
PHP remote file inclusion vulnerability in config.dadamail.php in the Dada Mail Manager (com_dadamail) component 2.6 for Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the GLOBALS[mosConfig_absolute_path] parameter.
CVE-2008-6184 2 Joomla, Medialab-karlsruhe 2 Joomla, Ownbiblio 2024-11-21 N/A
SQL injection vulnerability in the OwnBiblio (com_ownbiblio) component 1.5.3 for Joomla! allows remote attackers to execute arbitrary SQL commands via the catid parameter in a catalogue action to index.php.
CVE-2008-6182 1 Joomla 2 Ignitegallery, Joomla\! 2024-11-21 N/A
SQL injection vulnerability in the Ignite Gallery (com_ignitegallery) component 0.8.0 through 0.8.3 for Joomla! allows remote attackers to execute arbitrary SQL commands via the gallery parameter in a view action to index.php.
CVE-2008-6181 2 Joomla, Mad4media 2 Joomla, Com Mad4joomla 2024-11-21 N/A
SQL injection vulnerability in the Mad4Joomla Mailforms (com_mad4joomla) component before 1.1.8.2 for Joomla! allows remote attackers to execute arbitrary SQL commands via the jid parameter to index.php.
CVE-2008-6172 2 Joomla, Weberr 2 Joomla, Rwcards 2024-11-21 N/A
Directory traversal vulnerability in captcha/captcha_image.php in the RWCards (com_rwcards) 3.0.11 component for Joomla!, when magic_quotes_gpc is disabled, allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the img parameter.
CVE-2008-6166 2 Jmds, Joomla 2 Com Kbase, Joomla 2024-11-21 N/A
SQL injection vulnerability in the KBase (com_kbase) 1.2 component for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in an article action to index.php.
CVE-2008-6149 2 Joomla, Joomlaapps 2 Joomla, Com Mdigg 2024-11-21 N/A
SQL injection vulnerability in the mDigg (com_mdigg) component 2.2.8 for Joomla! allows remote attackers to execute arbitrary SQL commands via the cagtegory parameter in a story_lists action to index.php.
CVE-2008-6148 2 Joomla, Raven-worx 2 Joomla, Liveticker 2024-11-21 N/A
SQL injection vulnerability in the Live Ticker (com_liveticker) module 1.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the tid parameter in a viewticker action to index.php.
CVE-2008-6116 2 Extrosoft, Joomla 2 Com Thyme, Joomla 2024-11-21 N/A
SQL injection vulnerability in the EXtrovert Software Thyme (com_thyme) 1.0 component for Joomla! allows remote attackers to execute arbitrary SQL commands via the event parameter to index.php.
CVE-2008-6088 2 Joomla, Joomtracker 2 Joomla, Com Joomtracker 2024-11-21 N/A
SQL injection vulnerability in the Joomtracker (com_joomtracker) 1.01 module for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a tordetails action to index.php.
CVE-2008-6080 2 Codecall, Joomla 2 Com Ionfiles, Joomla 2024-11-21 N/A
Directory traversal vulnerability in download.php in the ionFiles (com_ionfiles) 4.4.2 component for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter.
CVE-2008-6076 2 Jlleblanc, Joomla 2 Com Dailymessage, Joomla 2024-11-21 N/A
SQL injection vulnerability in the Daily Message (com_dailymessage) 1.0.3 component for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter to index.php.
CVE-2008-6068 2 Joomla, Web Design Hero 2 Joomla, Joomladate 2024-11-21 N/A
SQL injection vulnerability in the JoomlaDate (com_joomladate) component 1.2 for Joomla! allows remote attackers to execute arbitrary SQL commands via the user parameter in a viewProfile action to index.php.
CVE-2008-6050 2 Ircmaxell, Joomla 2 Tech Article, Joomla 2024-11-21 N/A
SQL injection vulnerability in the Tech Articles (com_tech_article) 1.0 component for Joomla! allows remote attackers to execute arbitrary SQL commands via the item parameter to index.php.
CVE-2008-5957 2 Joomla, Mydyngallery 2 Joomla, Mydyngallery 2024-11-21 N/A
SQL injection vulnerability in the Mydyngallery (com_mydyngallery) component 1.4.2 for Joomla! allows remote attackers to execute arbitrary SQL commands via the directory parameter to index.php.
CVE-2008-5875 2 Joomla, Joomlahbs 3 Joomla, Com Lowcosthotels, Hotel Booking Reservation System 2024-11-21 N/A
SQL injection vulnerability in the com_lowcosthotels component in the Hotel Booking Reservation System (aka HBS) for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a showhoteldetails action to index.php.