| CVE-2010-2847 |
high |
— |
8.5 |
EXP |
|
gonzalo_maserjoomla |
16y ago |
Multiple SQL injection vulnerabilities in the InterJoomla ArtForms (com_artforms) component 2.1b7.2 RC2 for Joomla! allow remote attackers to execute arbitrary SQL commands via the viewform parameter… |
| CVE-2010-2846 |
medium |
— |
5.3 |
EXP |
|
gonzalo_maserjoomla |
16y ago |
Cross-site scripting (XSS) vulnerability in the InterJoomla ArtForms (com_artforms) component 2.1b7.2 RC2 for Joomla! allows remote attackers to inject arbitrary web script or HTML via the afmsg para… |
| CVE-2010-2845 |
high |
— |
8.5 |
EXP |
|
schlu.netjoomla |
16y ago |
SQL injection vulnerability in the QuickFAQ (com_quickfaq) component 1.0.3 for Joomla! allows remote attackers to execute arbitrary SQL commands via the Itemid parameter in a category action to index… |
| CVE-2010-2694 |
high |
— |
8.5 |
EXP |
|
redcomponentjoomla |
16y ago |
SQL injection vulnerability in the redSHOP Component (com_redshop) 1.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the pid parameter to index.php. |
| CVE-2010-2690 |
high |
— |
8.5 |
EXP |
|
jooforgejoomla |
16y ago |
SQL injection vulnerability in the JOOFORGE Gamesbox (com_gamesbox) component 1.0.2, and possibly earlier, for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter i… |
| CVE-2010-2682 |
high |
— |
8.5 |
EXP |
|
realtynajoomla |
16y ago |
Directory traversal vulnerability in the Realtyna Translator (com_realtyna) component 1.0.15 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impact via… |
| CVE-2010-2681 |
high |
— |
8.5 |
EXP |
|
joomla |
16y ago |
PHP remote file inclusion vulnerability in the SEF404x (com_sef) component for Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig.absolute.path parameter to inde… |
| CVE-2010-2680 |
medium |
— |
7.8 |
EXP |
|
harmistechnologyjoomla |
16y ago |
Directory traversal vulnerability in the JExtensions JE Section/Property Finder (jesectionfinder) component for Joomla! allows remote attackers to include and execute arbitrary local files via direct… |
| CVE-2010-2679 |
high |
— |
8.5 |
EXP |
|
joomla |
16y ago |
SQL injection vulnerability in the Weblinks (com_weblinks) component in Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a view action to index.php. |
| CVE-2010-2622 |
high |
— |
8.5 |
EXP |
|
joomanagerjoomla |
16y ago |
SQL injection vulnerability in the Joomanager component, possibly 1.1.1, for Joomla! allows remote attackers to execute arbitrary SQL commands via the catid parameter to index.php. |
| CVE-2010-2613 |
medium |
— |
5.3 |
EXP |
|
harmistechnologyjoomla |
16y ago |
Cross-site scripting (XSS) vulnerability in the JExtensions JE Awd Song (com_awd_song) component for Joomla! allows remote attackers to inject arbitrary web script or HTML via the song review field, … |
| CVE-2010-2513 |
high |
— |
8.5 |
EXP |
|
harmistechnologyjoomla |
16y ago |
SQL injection vulnerability in the JE Ajax Event Calendar (com_jeajaxeventcalendar) component 1.0.5 for Joomla! allows remote attackers to execute arbitrary SQL commands via the view parameter to ind… |
| CVE-2010-2507 |
medium |
— |
7.8 |
EXP |
|
masselinkjoomla |
16y ago |
Directory traversal vulnerability in the Picasa2Gallery (com_picasa2gallery) component 1.2.8 and earlier for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified othe… |
| CVE-2010-2464 |
medium |
— |
5.3 |
EXP |
|
rsjoomlajoomla |
16y ago |
Multiple cross-site scripting (XSS) vulnerabilities in the RSComments (com_rscomments) component 1.0.0 Rev 2 for Joomla! allow remote attackers to inject arbitrary web script or HTML via the (1) webs… |
| CVE-2010-2259 |
high |
— |
8.5 |
EXP |
|
tamlyncreativejoomla |
16y ago |
Directory traversal vulnerability in the BF Survey (com_bfsurvey) component for Joomla! allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the controller param… |
| CVE-2010-2255 |
high |
— |
8.5 |
EXP |
|
tamlyncreativejoomla |
16y ago |
SQL injection vulnerability in the BF Survey Pro (com_bfsurvey_pro) component before 1.3.1, BF Survey Pro Free (com_bfsurvey_profree) component 1.2.6, and BF Survey Basic component before 1.2 for Joo… |
| CVE-2010-2254 |
high |
— |
8.5 |
EXP |
|
shape5joomla |
16y ago |
SQL injection vulnerability in the Shape5 Bridge of Hope template for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in an article action to index.php. |
| CVE-2010-2148 |
high |
— |
8.5 |
EXP |
|
unisoftjoomla |
16y ago |
SQL injection vulnerability in the My Car (com_mycar) component 1.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the pagina parameter to index.php. |
| CVE-2010-2147 |
medium |
— |
5.3 |
EXP |
|
unisoftjoomla |
16y ago |
Cross-site scripting (XSS) vulnerability in the My Car (com_mycar) component 1.0 for Joomla! allows remote attackers to inject arbitrary web script or HTML via the modveh parameter to index.php. |
| CVE-2010-2129 |
medium |
— |
7.8 |
EXP |
|
harmistechnologyjoomla |
16y ago |
Directory traversal vulnerability in the JE Ajax Event Calendar (com_jeajaxeventcalendar) component 1.0.1 and 1.0.3 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in t… |
| CVE-2010-2128 |
high |
— |
8.5 |
EXP |
|
harmistechnologyjoomla |
16y ago |
Directory traversal vulnerability in the JE Quotation Form (com_jequoteform) component 1.0b1 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impact via… |
| CVE-2010-2122 |
medium |
— |
7.8 |
EXP |
|
joelrowleyjoomla |
16y ago |
Directory traversal vulnerability in the SimpleDownload (com_simpledownload) component before 0.9.6 for Joomla! allows remote attackers to include and execute arbitrary local files via a .. (dot dot)… |
| CVE-2010-2050 |
high |
— |
8.5 |
EXP |
|
m0r0njoomla |
16y ago |
Directory traversal vulnerability in the Moron Solutions MS Comment (com_mscomment) component 0.8.0b for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller p… |
| CVE-2010-2045 |
high |
— |
8.5 |
EXP |
|
dionesoftjoomla |
16y ago |
Directory traversal vulnerability in the Dione Form Wizard (aka FDione or com_dioneformwizard) component 1.0.2 for Joomla! allows remote attackers to read arbitrary files via directory traversal sequ… |
| CVE-2010-2044 |
high |
— |
8.5 |
EXP |
|
adhie_utomojoomla |
16y ago |
SQL injection vulnerability in the Konsultasi (com_konsultasi) component 1.0.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the sid parameter in a detail action to index.… |
| CVE-2010-2037 |
high |
— |
8.5 |
EXP |
|
perchajoomla |
16y ago |
Directory traversal vulnerability in the Percha Downloads Attach (com_perchadownloadsattach) component 1.1 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified ot… |
| CVE-2010-2036 |
high |
— |
8.5 |
EXP |
|
perchajoomla |
16y ago |
Directory traversal vulnerability in the Percha Fields Attach (com_perchafieldsattach) component 1.x for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other im… |
| CVE-2010-2035 |
high |
— |
8.5 |
EXP |
|
perchajoomla |
16y ago |
Directory traversal vulnerability in the Percha Gallery (com_perchagallery) component 1.6 Beta for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impact v… |
| CVE-2010-2034 |
high |
— |
8.5 |
EXP |
|
perchajoomla |
16y ago |
Directory traversal vulnerability in the Percha Image Attach (com_perchaimageattach) component 1.1 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impa… |
| CVE-2010-2033 |
high |
— |
8.5 |
EXP |
|
perchajoomla |
16y ago |
Directory traversal vulnerability in the Percha Multicategory Article (com_perchacategoriestree) component 0.6 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecifie… |
| CVE-2010-1983 |
high |
— |
8.5 |
EXP |
|
redcomponentjoomla |
16y ago |
Directory traversal vulnerability in the redTWITTER (com_redtwitter) component 1.0.x including 1.0b11 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the view parame… |
| CVE-2010-1982 |
medium |
— |
6.0 |
EXP |
|
joomlartjoomla |
16y ago |
Directory traversal vulnerability in the JA Voice (com_javoice) component 2.0 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the view parameter to index.php. |
| CVE-2010-1980 |
high |
— |
8.5 |
EXP |
|
roberto_aloijoomla |
16y ago |
Directory traversal vulnerability in joomlaflickr.php in the Joomla Flickr (com_joomlaflickr) component 1.0.3 for Joomla! allows remote attackers to include and execute arbitrary local files via a ..… |
| CVE-2010-1979 |
medium |
— |
7.8 |
EXP |
|
affiliatefeedsjoomla |
16y ago |
Directory traversal vulnerability in the Affiliate Datafeeds (com_datafeeds) component build 880 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller param… |
| CVE-2010-1977 |
high |
— |
8.5 |
EXP |
|
gohigherisjoomla |
16y ago |
Directory traversal vulnerability in the J!WHMCS Integrator (com_jwhmcs) component 1.5.0 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to … |
| CVE-2010-1957 |
high |
— |
8.5 |
EXP |
|
thefactoryjoomla |
16y ago |
Directory traversal vulnerability in the Love Factory (com_lovefactory) component 1.3.4 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to i… |
| CVE-2010-1956 |
high |
— |
8.5 |
EXP |
|
thefactoryjoomla |
16y ago |
Directory traversal vulnerability in the Gadget Factory (com_gadgetfactory) component 1.0.0 and 1.5.0 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller … |
| CVE-2010-1955 |
high |
— |
8.5 |
EXP |
|
thefactoryjoomla |
16y ago |
Directory traversal vulnerability in the Deluxe Blog Factory (com_blogfactory) component 1.1.2 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller paramet… |
| CVE-2010-1954 |
high |
— |
8.5 |
EXP |
|
joomlacomponent.inetlankajoomla |
16y ago |
Directory traversal vulnerability in the iNetLanka Multiple root (com_multiroot) component 1.0 and 1.1 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller… |
| CVE-2010-1953 |
high |
— |
8.5 |
EXP |
|
joomlacomponent.inetlankajoomla |
16y ago |
Directory traversal vulnerability in the iNetLanka Multiple Map (com_multimap) component 1.0 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter… |
| CVE-2010-1952 |
high |
— |
8.5 |
EXP |
|
cmstacticsjoomla |
16y ago |
Directory traversal vulnerability in the BeeHeard (com_beeheard) and BeeHeard Lite (com_beeheardlite) component 1.0 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in t… |
| CVE-2010-1950 |
medium |
— |
7.8 |
EXP |
|
emultisoftjoomla |
16y ago |
SQL injection vulnerability in the Online News Paper Manager (com_jnewspaper) component 1.0 for Joomla!, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands v… |
| CVE-2010-1949 |
high |
— |
8.5 |
EXP |
|
emultisoftjoomla |
16y ago |
SQL injection vulnerability in the Online News Paper Manager (com_jnewspaper) component 1.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the cid parameter to index.php. N… |
| CVE-2010-1878 |
high |
— |
8.5 |
EXP |
|
blueflyingfish.no-ipjoomla |
16y ago |
Directory traversal vulnerability in the OrgChart (com_orgchart) component 1.0.0 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.ph… |
| CVE-2010-1877 |
high |
— |
8.5 |
EXP |
|
jtmresellerjoomla |
16y ago |
SQL injection vulnerability in the JTM Reseller (com_jtm) component 1.9 Beta for Joomla! allows remote attackers to execute arbitrary SQL commands via the author parameter in a search action to index… |
| CVE-2010-1875 |
high |
— |
8.5 |
EXP |
|
com-propertyjoomla |
16y ago |
Directory traversal vulnerability in the Real Estate Property (com_properties) component 3.1.22-03 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impa… |
| CVE-2010-1874 |
high |
— |
8.5 |
EXP |
|
com-propertyjoomla |
16y ago |
SQL injection vulnerability in the Real Estate Property (com_properties) component 3.1.22-03 for Joomla! allows remote attackers to execute arbitrary SQL commands via the aid parameter in an agentlis… |
| CVE-2010-1873 |
high |
— |
8.5 |
EXP |
|
jvehiclesjoomla |
16y ago |
SQL injection vulnerability in the Jvehicles (com_jvehicles) component 1.0, 2.0, and 2.1111 for Joomla! allows remote attackers to execute arbitrary SQL commands via the aid parameter in an agentlist… |
| CVE-2010-1858 |
medium |
— |
6.0 |
EXP |
|
gelembjukjoomla |
16y ago |
Directory traversal vulnerability in the SMEStorage (com_smestorage) component before 1.1 for Joomla! allows remote attackers to read arbitrary files via directory traversal sequences in the controll… |
| CVE-2010-1746 |
medium |
— |
5.3 |
EXP |
|
toolsjxjoomla |
16y ago |
Multiple cross-site scripting (XSS) vulnerabilities in the Table JX (com_grid) component for Joomla! allow remote attackers to inject arbitrary web script or HTML via the (1) data_search and (2) rpp … |
| CVE-2010-1739 |
high |
— |
8.5 |
EXP |
|
joomla |
16y ago |
SQL injection vulnerability in the Newsfeeds (com_newsfeeds) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the feedid parameter in a categories action to index.p… |
| CVE-2010-1723 |
medium |
— |
7.8 |
EXP |
|
joomlacomponent.inetlankajoomla |
16y ago |
Directory traversal vulnerability in the iNetLanka Contact Us Draw Root Map (com_drawroot) component 1.1 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified othe… |
| CVE-2010-1722 |
medium |
— |
7.8 |
EXP |
|
dev.pucit.edu.pkjoomla |
16y ago |
Directory traversal vulnerability in the Online Market (com_market) component 2.x for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impact via a .. (dot … |
| CVE-2010-1721 |
high |
— |
8.5 |
EXP |
|
thethinkeryjoomla |
16y ago |
SQL injection vulnerability in the Intellectual Property (aka IProperty or com_iproperty) component 1.5.3 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in… |
| CVE-2010-1720 |
high |
— |
8.5 |
EXP |
|
qprojejoomla |
16y ago |
SQL injection vulnerability in the Q-Personel (com_qpersonel) component 1.0.2 and earlier for Joomla! allows remote attackers to execute arbitrary SQL commands via the katid parameter in a qpListele … |
| CVE-2010-1719 |
medium |
— |
7.8 |
EXP |
|
moto-treksjoomla |
16y ago |
Directory traversal vulnerability in the MT Fire Eagle (com_mtfireeagle) component 1.2 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impact via a .. … |
| CVE-2010-1718 |
medium |
— |
7.8 |
EXP |
|
lispeltuutjoomla |
16y ago |
Directory traversal vulnerability in archeryscores.php in the Archery Scores (com_archeryscores) component 1.0.6 for Joomla! allows remote attackers to include and execute arbitrary local files via a… |
| CVE-2010-1716 |
high |
— |
8.5 |
EXP |
|
joomlanetprojectsjoomla |
16y ago |
SQL injection vulnerability in the Agenda Address Book (com_agenda) component 1.0.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a detail action to in… |
| CVE-2010-1715 |
medium |
— |
7.8 |
EXP |
|
pucit.edujoomla |
16y ago |
Directory traversal vulnerability in the Online Examination (aka Online Exam or com_onlineexam) component 1.5.0 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the c… |
| CVE-2010-1714 |
medium |
— |
6.0 |
EXP |
|
dev.pucit.edu.pkjoomla |
16y ago |
Directory traversal vulnerability in the Arcade Games (com_arcadegames) component 1.0 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to ind… |
| CVE-2010-1659 |
medium |
— |
6.0 |
EXP |
|
webkuljoomla |
16y ago |
Directory traversal vulnerability in the Ultimate Portfolio (com_ultimateportfolio) component 1.0 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller para… |
| CVE-2010-1653 |
high |
— |
8.5 |
EXP |
|
htmlcoderhelperjoomla |
16y ago |
Directory traversal vulnerability in graphics.php in the Graphics (com_graphics) component 1.0.6 and 1.5.0 for Joomla! allows remote attackers to include and execute arbitrary local files via a .. (d… |
| CVE-2010-1607 |
medium |
— |
7.8 |
EXP |
|
paysysprojoomla |
16y ago |
Directory traversal vulnerability in wmi.php in the Webmoney Web Merchant Interface (aka WMI or com_wmi) component 1.5.0 for Joomla! allows remote attackers to include and execute arbitrary local fil… |
| CVE-2010-1603 |
high |
— |
8.5 |
EXP |
|
zimbllcjoomla |
16y ago |
Directory traversal vulnerability in the ZiMB Core (aka ZiMBCore or com_zimbcore) component 0.1 in the ZiMB Manager collection for Joomla! allows remote attackers to read arbitrary files and possibly… |
| CVE-2010-1602 |
high |
— |
8.5 |
EXP |
|
zimbllcjoomla |
16y ago |
Directory traversal vulnerability in the ZiMB Comment (com_zimbcomment) component 0.8.1 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impact via a ..… |
| CVE-2010-1601 |
medium |
— |
6.0 |
EXP |
|
joomlamartjoomla |
16y ago |
Directory traversal vulnerability in the JA Comment (com_jacomment) component for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the view parameter to index.php. |
| CVE-2010-1600 |
high |
— |
8.5 |
EXP |
|
thefactoryjoomla |
16y ago |
SQL injection vulnerability in the Media Mall Factory (com_mediamall) component 1.0.4 for Joomla! allows remote attackers to execute arbitrary SQL commands via the category parameter to index.php. |
| CVE-2010-1559 |
high |
— |
8.5 |
EXP |
|
martin_hessjoomla |
16y ago |
SQL injection vulnerability in the SermonSpeaker (com_sermonspeaker) component before 3.2.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a speakerpopu… |
| CVE-2010-1540 |
medium |
— |
6.0 |
EXP |
|
myblogjoomla |
16y ago |
Directory traversal vulnerability in index.php in the MyBlog (com_myblog) component 3.0.329 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the task parameter. NOTE… |
| CVE-2010-1535 |
high |
— |
8.5 |
EXP |
|
peter_hocherljoomla |
16y ago |
Directory traversal vulnerability in the TRAVELbook (com_travelbook) component 1.0.1 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impact via a .. (d… |
| CVE-2010-1534 |
medium |
— |
6.0 |
EXP |
|
joomla.batjojoomla |
16y ago |
Directory traversal vulnerability in the Shoutbox Pro (com_shoutbox) component for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php. |
| CVE-2010-1533 |
high |
— |
8.5 |
EXP |
|
peter_hocherljoomla |
16y ago |
Directory traversal vulnerability in the TweetLA (com_tweetla) component 1.0.1 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php. |
| CVE-2010-1532 |
medium |
— |
6.0 |
EXP |
|
givesightjoomla |
16y ago |
Directory traversal vulnerability in the givesight PowerMail Pro (com_powermail) component 1.5.3 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impact… |
| CVE-2010-1531 |
high |
— |
8.5 |
EXP |
|
redcomponentjoomla |
16y ago |
Directory traversal vulnerability in the redSHOP (com_redshop) component 1.0.x for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the view parameter to index.php. |
| CVE-2010-1529 |
high |
— |
8.5 |
EXP |
|
freestylejoomla |
16y ago |
SQL injection vulnerability in the Freestyle FAQs Lite (com_fsf) component, possibly 1.3, for Joomla! allows remote attackers to execute arbitrary SQL commands via the faqid parameter in an faq actio… |
| CVE-2010-1496 |
high |
— |
8.5 |
EXP |
|
joltjoomla |
16y ago |
SQL injection vulnerability in the JoltCard (com_joltcard) component 1.2.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via the cardID parameter in a view action to index.php. |
| CVE-2010-1495 |
high |
— |
8.5 |
EXP |
|
matamkojoomla |
16y ago |
Directory traversal vulnerability in the Matamko (com_matamko) component 1.01 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php. |
| CVE-2010-1494 |
medium |
— |
6.0 |
EXP |
|
awdsolutionjoomla |
16y ago |
Directory traversal vulnerability in the AWDwall (com_awdwall) component 1.5.4 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php. |
| CVE-2010-1493 |
high |
— |
8.5 |
EXP |
|
awdsolutionjoomla |
16y ago |
SQL injection vulnerability in the AWDwall (com_awdwall) component before 1.5.5 for Joomla! allows remote attackers to execute arbitrary SQL commands via the cbuser parameter in an awdwall action to … |
| CVE-2010-1491 |
medium |
— |
6.0 |
EXP |
|
mms.pippjoomla |
16y ago |
Directory traversal vulnerability in the MMS Blog (com_mmsblog) component 2.3.0 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impact via a .. (dot do… |
| CVE-2009-4789 |
high |
— |
8.5 |
EXP |
|
mojoblogjoomla |
16y ago |
Multiple PHP remote file inclusion vulnerabilities in the MojoBlog component RC 0.15 for Joomla! allow remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path paramete… |
| CVE-2009-4785 |
high |
— |
8.5 |
EXP |
|
joomlabhavesh_chauhan |
16y ago |
SQL injection vulnerability in the Quick News (com_quicknews) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the newsid parameter in a view_item action to index.p… |
| CVE-2009-4784 |
high |
— |
8.5 |
EXP |
|
joaktreejoomla |
16y ago |
SQL injection vulnerability in the Joaktree (com_joaktree) component 1.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the treeId parameter to index.php. |
| CVE-2010-1480 |
high |
— |
8.5 |
EXP |
|
rocketthemejoomla |
16y ago |
SQL injection vulnerability in the RokModule (com_rokmodule) component 1.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via the module parameter to index.php. NOTE: some of … |
| CVE-2010-1479 |
high |
— |
8.5 |
EXP |
|
rocketthemejoomla |
16y ago |
SQL injection vulnerability in the RokModule (com_rokmodule) component 1.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via the moduleid parameter in a raw action to index.ph… |
| CVE-2010-1478 |
medium |
— |
7.8 |
EXP |
|
ternariajoomla |
16y ago |
Directory traversal vulnerability in the Ternaria Informatica Jfeedback! (com_jfeedback) component 1.2 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other … |
| CVE-2010-1477 |
high |
— |
8.5 |
EXP |
|
martin_hessjoomla |
16y ago |
SQL injection vulnerability in the SermonSpeaker (com_sermonspeaker) component before 3.2.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a latest_serm… |
| CVE-2010-1476 |
medium |
— |
7.8 |
EXP |
|
alphaplugjoomla |
16y ago |
Directory traversal vulnerability in the AlphaUserPoints (com_alphauserpoints) component 1.5.5 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impact v… |
| CVE-2010-1475 |
medium |
— |
7.8 |
EXP |
|
ternariajoomla |
16y ago |
Directory traversal vulnerability in the Preventive & Reservation (com_preventive) component 1.0.5 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impa… |
| CVE-2010-1474 |
medium |
— |
7.8 |
EXP |
|
supachai_teasakuljoomla |
16y ago |
Directory traversal vulnerability in the Sweety Keeper (com_sweetykeeper) component 1.5.x for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impact via a … |
| CVE-2010-1473 |
medium |
— |
7.8 |
EXP |
|
johnmccollumjoomla |
16y ago |
Directory traversal vulnerability in the Advertising (com_advertising) component 0.25 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impact via a .. (… |
| CVE-2010-1472 |
high |
— |
8.5 |
EXP |
|
kazulahjoomla |
16y ago |
Directory traversal vulnerability in the Daily Horoscope (com_horoscope) component 1.5.0 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to … |
| CVE-2010-1471 |
high |
— |
8.5 |
EXP |
|
b-elektrojoomla |
16y ago |
Directory traversal vulnerability in the AddressBook (com_addressbook) component 1.5.0 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to in… |
| CVE-2010-1470 |
high |
— |
8.5 |
EXP |
|
dev.pucit.edu.pkjoomla |
16y ago |
Directory traversal vulnerability in the Web TV (com_webtv) component 1.0 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impact via a .. (dot dot) in … |
| CVE-2010-1469 |
medium |
— |
7.8 |
EXP |
|
ternariajoomla |
16y ago |
Directory traversal vulnerability in the Ternaria Informatica JProject Manager (com_jprojectmanager) component 1.0 for Joomla! allows remote attackers to read arbitrary files and possibly have unspec… |
| CVE-2010-1468 |
high |
— |
8.5 |
EXP |
|
focusdevjoomla |
16y ago |
SQL injection vulnerability in the Multi-Venue Restaurant Menu Manager (aka MVRMM or com_mv_restaurantmenumanager) component 1.5.2 Stable Update 3 and earlier for Joomla! allows remote attackers to e… |
| CVE-2010-1461 |
medium |
— |
6.0 |
EXP |
|
gogoritasjoomla |
16y ago |
Directory traversal vulnerability in the Photo Battle (com_photobattle) component 1.0.1 for Joomla! allows remote attackers to read arbitrary files via the view parameter to index.php. |
| CVE-2010-1372 |
high |
— |
8.5 |
EXP |
|
hdflvplayerjoomla |
16y ago |
SQL injection vulnerability in the HD FLV Player (com_hdflvplayer) component 1.3 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter to index.php. |
| CVE-2010-1363 |
high |
— |
8.5 |
EXP |
|
extremejoomlajoomla |
16y ago |
SQL injection vulnerability in the JProjects (com_j-projects) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the project parameter in a projects action to index.p… |
| CVE-2010-1354 |
medium |
— |
6.0 |
EXP |
|
ternariajoomla |
16y ago |
Directory traversal vulnerability in the VJDEO (com_vjdeo) component 1.0 and 1.0.1 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.… |
