| CVE-2016-9838 |
high |
7.5 |
8.5 |
EXP |
|
joomla |
10y ago |
An issue was discovered in components/com_users/models/registration.php in Joomla! before 3.6.5. Incorrect filtering of registration form data stored to the session on a validation error enables a us… |
| CVE-2016-8870 |
high |
8.1 |
9.1 |
EXP |
|
joomla |
10y ago |
The register method in the UsersModelRegistration class in controllers/user.php in the Users component in Joomla! before 3.6.4, when registration has been disabled, allows remote attackers to create … |
| CVE-2015-8566 |
high |
— |
8.5 |
EXP |
|
joomla |
11y ago |
Joomla! Framework Remote Code Injection Vulnerability |
| CVE-2015-8562 |
high |
— |
8.5 |
EXP |
|
joomla |
11y ago |
Joomla! 1.5.x, 2.x, and 3.x before 3.4.6 allow remote attackers to conduct PHP object injection attacks and execute arbitrary PHP code via the HTTP User-Agent header, as exploited in the wild in Dece… |
| CVE-2015-7858 |
high |
— |
8.5 |
EXP |
|
joomla |
11y ago |
SQL injection vulnerability in Joomla! 3.2 before 3.4.4 allows remote attackers to execute arbitrary SQL commands via unspecified vectors, a different vulnerability than CVE-2015-7297. |
| CVE-2015-7857 |
high |
— |
8.5 |
EXP |
|
joomla |
11y ago |
SQL injection vulnerability in the getListQuery function in administrator/components/com_contenthistory/models/history.php in Joomla! 3.2 before 3.4.5 allows remote attackers to execute arbitrary SQL… |
| CVE-2015-7297 |
high |
— |
8.5 |
EXP |
|
joomla |
11y ago |
SQL injection vulnerability in Joomla! 3.2 before 3.4.4 allows remote attackers to execute arbitrary SQL commands via unspecified vectors, a different vulnerability than CVE-2015-7858. |
| CVE-2014-7228 |
high |
— |
8.5 |
EXP |
|
joomla |
12y ago |
Akeeba Restore (restore.php), as used in Joomla! 2.5.4 through 2.5.25, 3.x through 3.2.5, and 3.3.0 through 3.3.4; Akeeba Backup for Joomla! Professional 3.0.0 through 4.0.2; Backup Professional for … |
| CVE-2014-7981 |
high |
— |
8.5 |
EXP |
|
joomla |
12y ago |
SQL injection vulnerability in Joomla! CMS 3.1.x and 3.2.x before 3.2.3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. |
| CVE-2013-1453 |
high |
— |
8.5 |
EXP |
|
joomla |
14y ago |
plugins/system/highlight/highlight.php in Joomla! 3.0.x through 3.0.2 and 2.5.x through 2.5.8 allows attackers to unserialize arbitrary PHP objects to obtain sensitive information, delete arbitrary d… |
| CVE-2010-5280 |
high |
— |
8.5 |
EXP |
|
joomla-cbejoomla |
14y ago |
Directory traversal vulnerability in the Community Builder Enhanced (CBE) (com_cbe) component 1.4.8, 1.4.9, and 1.4.10 for Joomla! allows remote attackers to include and execute arbitrary local files… |
| CVE-2012-1116 |
high |
— |
8.5 |
EXP |
|
joomla |
14y ago |
SQL injection vulnerability in Joomla! 1.7.x and 2.5.x before 2.5.2 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. |
| CVE-2006-7247 |
high |
— |
8.5 |
EXP |
|
joomlamambo-foundation |
14y ago |
SQL injection vulnerability in the Weblinks (com_weblinks) component for Joomla! and Mambo 1.0.9 and earlier allows remote attackers to execute arbitrary SQL commands via the title parameter. |
| CVE-2011-5113 |
high |
— |
8.5 |
EXP |
|
techdelugejoomla |
14y ago |
SQL injection vulnerability in frontend/models/techfoliodetail.php in Techfolio (com_techfolio) component 1.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the catid param… |
| CVE-2011-5112 |
high |
— |
8.5 |
EXP |
|
blueflyingfishjoomla |
14y ago |
SQL injection vulnerability in Alameda (com_alameda) component before 1.0.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via the storeid parameter to index.php. |
| CVE-2011-5099 |
high |
— |
8.5 |
EXP |
|
chillcreationsjoomla |
14y ago |
SQL injection vulnerability in helper/popup.php in the ccNewsletter (mod_ccnewsletter) component 1.0.7 through 1.0.9 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id p… |
| CVE-2011-4829 |
high |
— |
8.5 |
EXP |
|
barter-sitesjoomla |
15y ago |
SQL injection vulnerability in the com_listing component in Barter Sites component 1.3 for Joomla! allows remote attackers to execute arbitrary SQL commands via the category_id parameter to index.php. |
| CVE-2011-4823 |
high |
— |
8.5 |
EXP |
|
extensionsforjoomlajoomla |
15y ago |
Multiple SQL injection vulnerabilities in Vik Real Estate (com_vikrealestate) component 1.0 for Joomla! allow remote attackers to execute arbitrary SQL commands via the (1) contract parameter in a re… |
| CVE-2011-4808 |
high |
— |
8.5 |
EXP |
|
joomlaextensionsjoomla |
15y ago |
SQL injection vulnerability in the HM Community (com_hmcommunity) component before 1.01 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a fnd_home action… |
| CVE-2011-4571 |
high |
— |
8.5 |
EXP |
|
eaimprovedjoomla |
15y ago |
SQL injection vulnerability in the Estate Agent (com_estateagent) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a showEO action to index.php. |
| CVE-2011-4570 |
high |
— |
8.5 |
EXP |
|
takeawebjoomla |
15y ago |
SQL injection vulnerability in the Time Returns (com_timereturns) component 2.0 and possibly earlier versions for Joomla! allows remote attackers to execute arbitrary SQL commands via the id paramete… |
| CVE-2010-5056 |
high |
— |
8.5 |
EXP |
|
gbu_graficijoomla |
15y ago |
SQL injection vulnerability in the GBU Facebook (com_gbufacebook) component 1.0.5 for Joomla! allows remote attackers to execute arbitrary SQL commands via the face_id parameter in a show_face action… |
| CVE-2010-5053 |
high |
— |
8.5 |
EXP |
|
php-shop-systemjoomla |
15y ago |
SQL injection vulnerability in the XOBBIX (com_xobbix) component 1.0.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via the prodid parameter in a prod_desc action to index.ph… |
| CVE-2010-5032 |
high |
— |
8.5 |
EXP |
|
tamlyncreativejoomla |
15y ago |
SQL injection vulnerability in the BF Quiz (com_bfquiztrial) component before 1.3.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via the catid parameter in a bfquiztrial acti… |
| CVE-2010-5028 |
high |
— |
8.5 |
EXP |
|
harmistechnologyjoomla |
15y ago |
SQL injection vulnerability in the JExtensions JE Job (com_jejob) component 1.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the catid parameter in an item action to inde… |
| CVE-2010-5022 |
high |
— |
8.5 |
EXP |
|
harmistechnologyjoomla |
15y ago |
SQL injection vulnerability in the JExtensions JE Story Submit (com_jesubmit) component 1.4 for Joomla! allows remote attackers to execute arbitrary SQL commands via the view parameter to index.php. |
| CVE-2010-5003 |
high |
— |
8.5 |
EXP |
|
autarticajoomla |
15y ago |
SQL injection vulnerability in the AutarTimonial (com_autartimonial) component 1.0.8 for Joomla! allows remote attackers to execute arbitrary SQL commands via the limit parameter in an autartimonial … |
| CVE-2010-4995 |
high |
— |
8.5 |
EXP |
|
neojoomlajoomla |
15y ago |
SQL injection vulnerability in the NeoRecruit (com_neorecruit) component 1.6.4 for Joomla! allows remote attackers to execute arbitrary SQL commands via the Itemid parameter in an offer_view action t… |
| CVE-2010-4993 |
high |
— |
8.5 |
EXP |
|
kay_messerschmidtjoomla |
15y ago |
SQL injection vulnerability in the eventcal (com_eventcal) component 1.6.4 for Joomla! allows remote attackers to execute arbitrary SQL commands via the Itemid parameter to index.php. |
| CVE-2010-4992 |
high |
— |
8.5 |
EXP |
|
paymentsplusjoomla |
15y ago |
SQL injection vulnerability in the Payments Plus component 2.1.5 for Joomla! allows remote attackers to execute arbitrary SQL commands via the type parameter to add.html. |
| CVE-2010-4991 |
high |
— |
8.5 |
EXP |
|
ninjaforgejoomla |
15y ago |
SQL injection vulnerability in the NinjaMonials (com_ninjamonials) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the Itemid parameter in a display action to inde… |
| CVE-2010-4990 |
high |
— |
8.5 |
EXP |
|
b-elektrojoomla |
15y ago |
SQL injection vulnerability in the Front-edit Address Book (com_addressbook) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the Itemid parameter in a contact acti… |
| CVE-2010-4977 |
high |
— |
8.5 |
EXP |
|
miniworkjoomla |
15y ago |
SQL injection vulnerability in menu.php in the Canteen (com_canteen) component 1.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the mealid parameter to index.php. |
| CVE-2010-4975 |
high |
— |
8.5 |
EXP |
|
techjoomlajoomla |
15y ago |
SQL injection vulnerability in the Techjoomla SocialAds For JomSocial (com_socialads) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the ads description field in … |
| CVE-2010-4968 |
high |
— |
8.5 |
EXP |
|
webmaster-tipsjoomla |
15y ago |
SQL injection vulnerability in the webmaster-tips.net Flash Gallery (com_wmtpic) component 1.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the Itemid parameter to index.… |
| CVE-2010-4945 |
high |
— |
8.5 |
EXP |
|
joomla |
15y ago |
SQL injection vulnerability in the CamelcityDB (com_camelcitydb2) component 2.2 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter to index.php. |
| CVE-2010-4944 |
high |
— |
8.5 |
EXP |
|
joomlamambo-foundation |
15y ago |
SQL injection vulnerability in the Elite Experts (com_elite_experts) component for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a showExpertProf… |
| CVE-2010-4941 |
high |
— |
8.5 |
EXP |
|
joomlamojoomla |
15y ago |
SQL injection vulnerability in the Teams (com_teams) component 1_1028_100809_1711 for Joomla! allows remote attackers to execute arbitrary SQL commands via the PlayerID parameter in a player save act… |
| CVE-2010-4938 |
high |
— |
8.5 |
EXP |
|
joomla |
15y ago |
SQL injection vulnerability in the Weblinks (com_weblinks) component in Joomla! allows remote attackers to execute arbitrary SQL commands via the Itemid parameter in a categories action to index.php.… |
| CVE-2010-4937 |
high |
— |
8.5 |
EXP |
|
robitbtjoomla |
15y ago |
Multiple SQL injection vulnerabilities in the Amblog (com_amblog) component 1.0 for Joomla! allow remote attackers to execute arbitrary SQL commands via the (1) articleid or (2) catid parameter to in… |
| CVE-2010-4929 |
high |
— |
8.5 |
EXP |
|
joostina-cmsjoomla |
15y ago |
SQL injection vulnerability in the Joostina (com_ezautos) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the firstCode parameter in a helpers action to index.php. |
| CVE-2010-4927 |
high |
— |
8.5 |
EXP |
|
photoindochinajoomla |
15y ago |
SQL injection vulnerability in the Restaurant Guide (com_restaurantguide) component 1.0.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a country actio… |
| CVE-2010-4926 |
high |
— |
8.5 |
EXP |
|
timetrackjoomla |
15y ago |
SQL injection vulnerability in the TimeTrack (com_timetrack) component 1.2.4 for Joomla! allows remote attackers to execute arbitrary SQL commands via the ct_id parameter in a timetrack action to ind… |
| CVE-2010-4918 |
high |
— |
8.5 |
EXP |
|
ijoomlajoomla |
15y ago |
PHP remote file inclusion vulnerability in iJoomla Magazine (com_magazine) component 3.0.1 for Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the config parameter to magaz… |
| CVE-2010-4904 |
high |
— |
8.5 |
EXP |
|
simon_philipsjoomla |
15y ago |
SQL injection vulnerability in the Aardvertiser (com_aardvertiser) component 2.1 and 2.1.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via the cat_name parameter in a view a… |
| CVE-2010-4902 |
high |
— |
8.5 |
EXP |
|
joomla-clantoolsjoomla |
15y ago |
Multiple SQL injection vulnerabilities in the Clantools (com_clantools) component 1.2.3 for Joomla! allow remote attackers to execute arbitrary SQL commands via the (1) squad or (2) showgame paramete… |
| CVE-2010-4898 |
high |
— |
8.5 |
EXP |
|
gantry-frameworkjoomla |
15y ago |
SQL injection vulnerability in the Gantry (com_gantry) component 3.0.10 for Joomla! allows remote attackers to execute arbitrary SQL commands via the moduleid parameter to index.php. |
| CVE-2010-4865 |
high |
— |
8.5 |
EXP |
|
harmistechnologyjoomla |
15y ago |
SQL injection vulnerability in the JE Guestbook (com_jeguestbook) component 1.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the d_itemid parameter in an item_detail acti… |
| CVE-2010-4864 |
high |
— |
8.5 |
EXP |
|
danieljamesscottjoomla |
15y ago |
SQL injection vulnerability in the Club Manager (com_clubmanager) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the cm_id parameter in an equip presenta action t… |
| CVE-2010-4862 |
high |
— |
8.5 |
EXP |
|
harmistechnologyjoomla |
15y ago |
SQL injection vulnerability in the JExtensions JE Directory (com_jedirectory) component 1.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the catid parameter in an item ac… |
| CVE-2010-4853 |
high |
— |
8.5 |
EXP |
|
chillcreationsjoomla |
15y ago |
SQL injection vulnerability in the ccInvoices (com_ccinvoices) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a viewInv action to index.php. |
| CVE-2010-4795 |
high |
— |
8.5 |
EXP |
|
joomlasellerjoomla |
15y ago |
SQL injection vulnerability in the JS Calendar (com_jscalendar) component 1.5.1 and 1.5.4 for Joomla! allows remote attackers to execute arbitrary SQL commands via the ev_id parameter in a details ac… |
| CVE-2010-4769 |
high |
— |
8.5 |
EXP |
|
janguojoomla |
15y ago |
Directory traversal vulnerability in the Jimtawl (com_jimtawl) component 1.0.2 Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impact via a .. (dot dot) in… |
| CVE-2010-4719 |
high |
— |
8.5 |
EXP |
|
fxwebdesignjoomla |
16y ago |
Directory traversal vulnerability in JRadio (com_jradio) component before 1.5.1 for Joomla! allows remote attackers to read arbitrary files via directory traversal sequences in the controller paramet… |
| CVE-2011-0511 |
high |
— |
8.5 |
EXP |
|
joomtradersjoomla |
16y ago |
SQL injection vulnerability in the allCineVid component (com_allcinevid) 1.0.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter to index.php. |
| CVE-2010-4365 |
high |
— |
8.5 |
EXP |
|
harmistechnologyjoomla |
16y ago |
SQL injection vulnerability in JE Ajax Event Calendar (com_jeajaxeventcalendar) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the event_id parameter in an alleve… |
| CVE-2010-4272 |
high |
— |
8.5 |
EXP |
|
pulseinfotechjoomla |
16y ago |
SQL injection vulnerability in the Pulse Infotech Sponsor Wall (com_sponsorwall) component 1.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via the catid parameter to index.p… |
| CVE-2010-4268 |
high |
— |
8.5 |
EXP |
|
pulseinfotechjoomla |
16y ago |
SQL injection vulnerability in the Pulse Infotech Flip Wall (com_flipwall) component 1.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via the catid parameter to index.php. |
| CVE-2010-3426 |
high |
— |
8.5 |
EXP |
|
4you-studiojoomla |
16y ago |
Directory traversal vulnerability in jphone.php in the JPhone (com_jphone) component 1.0 Alpha 3 for Joomla! allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in… |
| CVE-2010-3422 |
high |
— |
8.5 |
EXP |
|
solventusjoomla |
16y ago |
SQL injection vulnerability in the JGen (com_jgen) component 0.9.33 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a view action to index.php. |
| CVE-2010-3211 |
high |
— |
8.5 |
EXP |
|
jextnjoomla |
16y ago |
Multiple SQL injection vulnerabilities in the JE FAQ Pro (com_jefaqpro) component 1.5.0 for Joomla! allow remote attackers to execute arbitrary SQL commands via category categorylist operations with … |
| CVE-2010-2923 |
high |
— |
8.5 |
EXP |
|
prasannajoomla |
16y ago |
SQL injection vulnerability in the YouTube (com_youtube) component 1.5 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id_cate parameter to index.php. |
| CVE-2010-2921 |
high |
— |
8.5 |
EXP |
|
photoindochinajoomla |
16y ago |
SQL injection vulnerability in the Golf Course Guide (com_golfcourseguide) component 0.9.6.0 beta and 1 beta for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter… |
| CVE-2010-2919 |
high |
— |
8.5 |
EXP |
|
joomlaxtjoomla |
16y ago |
SQL injection vulnerability in the StaticXT (com_staticxt) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter to index.php. |
| CVE-2010-2918 |
high |
— |
8.5 |
EXP |
|
visocreajoomla |
16y ago |
PHP remote file inclusion vulnerability in core/include/myMailer.class.php in the Visites (com_joomla-visites) component 1.1 RC2 for Joomla! allows remote attackers to execute arbitrary PHP code via … |
| CVE-2010-2910 |
high |
— |
8.5 |
EXP |
|
joomlaalexred |
16y ago |
SQL injection vulnerability in the Ozio Gallery (com_oziogallery) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the Itemid parameter to index.php. |
| CVE-2010-2909 |
high |
— |
8.5 |
EXP |
|
toughtomatojoomla |
16y ago |
SQL injection vulnerability in ttvideo.php in the TTVideo (com_ttvideo) component 1.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the cid parameter in a video action to … |
| CVE-2010-2908 |
high |
— |
8.5 |
EXP |
|
joomdlejoomla |
16y ago |
SQL injection vulnerability in the Joomdle (com_joomdle) component 0.24 and earlier for Joomla! allows remote attackers to execute arbitrary SQL commands via the course_id parameter in a detail actio… |
| CVE-2010-2907 |
high |
— |
8.5 |
EXP |
|
huruhelpdeskjoomla |
16y ago |
SQL injection vulnerability in the Huru Helpdesk (com_huruhelpdesk) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the cid[0] parameter in a detail action to inde… |
| CVE-2010-2847 |
high |
— |
8.5 |
EXP |
|
gonzalo_maserjoomla |
16y ago |
Multiple SQL injection vulnerabilities in the InterJoomla ArtForms (com_artforms) component 2.1b7.2 RC2 for Joomla! allow remote attackers to execute arbitrary SQL commands via the viewform parameter… |
| CVE-2010-2845 |
high |
— |
8.5 |
EXP |
|
schlu.netjoomla |
16y ago |
SQL injection vulnerability in the QuickFAQ (com_quickfaq) component 1.0.3 for Joomla! allows remote attackers to execute arbitrary SQL commands via the Itemid parameter in a category action to index… |
| CVE-2010-2694 |
high |
— |
8.5 |
EXP |
|
redcomponentjoomla |
16y ago |
SQL injection vulnerability in the redSHOP Component (com_redshop) 1.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the pid parameter to index.php. |
| CVE-2010-2690 |
high |
— |
8.5 |
EXP |
|
jooforgejoomla |
16y ago |
SQL injection vulnerability in the JOOFORGE Gamesbox (com_gamesbox) component 1.0.2, and possibly earlier, for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter i… |
| CVE-2010-2682 |
high |
— |
8.5 |
EXP |
|
realtynajoomla |
16y ago |
Directory traversal vulnerability in the Realtyna Translator (com_realtyna) component 1.0.15 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impact via… |
| CVE-2010-2681 |
high |
— |
8.5 |
EXP |
|
joomla |
16y ago |
PHP remote file inclusion vulnerability in the SEF404x (com_sef) component for Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig.absolute.path parameter to inde… |
| CVE-2010-2679 |
high |
— |
8.5 |
EXP |
|
joomla |
16y ago |
SQL injection vulnerability in the Weblinks (com_weblinks) component in Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a view action to index.php. |
| CVE-2010-2622 |
high |
— |
8.5 |
EXP |
|
joomanagerjoomla |
16y ago |
SQL injection vulnerability in the Joomanager component, possibly 1.1.1, for Joomla! allows remote attackers to execute arbitrary SQL commands via the catid parameter to index.php. |
| CVE-2010-2513 |
high |
— |
8.5 |
EXP |
|
harmistechnologyjoomla |
16y ago |
SQL injection vulnerability in the JE Ajax Event Calendar (com_jeajaxeventcalendar) component 1.0.5 for Joomla! allows remote attackers to execute arbitrary SQL commands via the view parameter to ind… |
| CVE-2010-2259 |
high |
— |
8.5 |
EXP |
|
tamlyncreativejoomla |
16y ago |
Directory traversal vulnerability in the BF Survey (com_bfsurvey) component for Joomla! allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the controller param… |
| CVE-2010-2255 |
high |
— |
8.5 |
EXP |
|
tamlyncreativejoomla |
16y ago |
SQL injection vulnerability in the BF Survey Pro (com_bfsurvey_pro) component before 1.3.1, BF Survey Pro Free (com_bfsurvey_profree) component 1.2.6, and BF Survey Basic component before 1.2 for Joo… |
| CVE-2010-2254 |
high |
— |
8.5 |
EXP |
|
shape5joomla |
16y ago |
SQL injection vulnerability in the Shape5 Bridge of Hope template for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in an article action to index.php. |
| CVE-2010-2148 |
high |
— |
8.5 |
EXP |
|
unisoftjoomla |
16y ago |
SQL injection vulnerability in the My Car (com_mycar) component 1.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the pagina parameter to index.php. |
| CVE-2010-2128 |
high |
— |
8.5 |
EXP |
|
harmistechnologyjoomla |
16y ago |
Directory traversal vulnerability in the JE Quotation Form (com_jequoteform) component 1.0b1 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impact via… |
| CVE-2010-2050 |
high |
— |
8.5 |
EXP |
|
m0r0njoomla |
16y ago |
Directory traversal vulnerability in the Moron Solutions MS Comment (com_mscomment) component 0.8.0b for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller p… |
| CVE-2010-2045 |
high |
— |
8.5 |
EXP |
|
dionesoftjoomla |
16y ago |
Directory traversal vulnerability in the Dione Form Wizard (aka FDione or com_dioneformwizard) component 1.0.2 for Joomla! allows remote attackers to read arbitrary files via directory traversal sequ… |
| CVE-2010-2044 |
high |
— |
8.5 |
EXP |
|
adhie_utomojoomla |
16y ago |
SQL injection vulnerability in the Konsultasi (com_konsultasi) component 1.0.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the sid parameter in a detail action to index.… |
| CVE-2010-2037 |
high |
— |
8.5 |
EXP |
|
perchajoomla |
16y ago |
Directory traversal vulnerability in the Percha Downloads Attach (com_perchadownloadsattach) component 1.1 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified ot… |
| CVE-2010-2036 |
high |
— |
8.5 |
EXP |
|
perchajoomla |
16y ago |
Directory traversal vulnerability in the Percha Fields Attach (com_perchafieldsattach) component 1.x for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other im… |
| CVE-2010-2035 |
high |
— |
8.5 |
EXP |
|
perchajoomla |
16y ago |
Directory traversal vulnerability in the Percha Gallery (com_perchagallery) component 1.6 Beta for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impact v… |
| CVE-2010-2034 |
high |
— |
8.5 |
EXP |
|
perchajoomla |
16y ago |
Directory traversal vulnerability in the Percha Image Attach (com_perchaimageattach) component 1.1 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impa… |
| CVE-2010-2033 |
high |
— |
8.5 |
EXP |
|
perchajoomla |
16y ago |
Directory traversal vulnerability in the Percha Multicategory Article (com_perchacategoriestree) component 0.6 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecifie… |
| CVE-2010-1983 |
high |
— |
8.5 |
EXP |
|
redcomponentjoomla |
16y ago |
Directory traversal vulnerability in the redTWITTER (com_redtwitter) component 1.0.x including 1.0b11 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the view parame… |
| CVE-2010-1980 |
high |
— |
8.5 |
EXP |
|
roberto_aloijoomla |
16y ago |
Directory traversal vulnerability in joomlaflickr.php in the Joomla Flickr (com_joomlaflickr) component 1.0.3 for Joomla! allows remote attackers to include and execute arbitrary local files via a ..… |
| CVE-2010-1977 |
high |
— |
8.5 |
EXP |
|
gohigherisjoomla |
16y ago |
Directory traversal vulnerability in the J!WHMCS Integrator (com_jwhmcs) component 1.5.0 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to … |
| CVE-2010-1957 |
high |
— |
8.5 |
EXP |
|
thefactoryjoomla |
16y ago |
Directory traversal vulnerability in the Love Factory (com_lovefactory) component 1.3.4 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to i… |
| CVE-2010-1956 |
high |
— |
8.5 |
EXP |
|
thefactoryjoomla |
16y ago |
Directory traversal vulnerability in the Gadget Factory (com_gadgetfactory) component 1.0.0 and 1.5.0 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller … |
| CVE-2010-1955 |
high |
— |
8.5 |
EXP |
|
thefactoryjoomla |
16y ago |
Directory traversal vulnerability in the Deluxe Blog Factory (com_blogfactory) component 1.1.2 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller paramet… |
| CVE-2010-1954 |
high |
— |
8.5 |
EXP |
|
joomlacomponent.inetlankajoomla |
16y ago |
Directory traversal vulnerability in the iNetLanka Multiple root (com_multiroot) component 1.0 and 1.1 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller… |
| CVE-2010-1953 |
high |
— |
8.5 |
EXP |
|
joomlacomponent.inetlankajoomla |
16y ago |
Directory traversal vulnerability in the iNetLanka Multiple Map (com_multimap) component 1.0 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter… |
| CVE-2010-1952 |
high |
— |
8.5 |
EXP |
|
cmstacticsjoomla |
16y ago |
Directory traversal vulnerability in the BeeHeard (com_beeheard) and BeeHeard Lite (com_beeheardlite) component 1.0 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in t… |
