| CVE-2010-1714 |
medium |
— |
6.0 |
EXP |
|
dev.pucit.edu.pkjoomla |
16y ago |
Directory traversal vulnerability in the Arcade Games (com_arcadegames) component 1.0 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to ind… |
| CVE-2010-1659 |
medium |
— |
6.0 |
EXP |
|
webkuljoomla |
16y ago |
Directory traversal vulnerability in the Ultimate Portfolio (com_ultimateportfolio) component 1.0 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller para… |
| CVE-2010-1653 |
high |
— |
8.5 |
EXP |
|
htmlcoderhelperjoomla |
16y ago |
Directory traversal vulnerability in graphics.php in the Graphics (com_graphics) component 1.0.6 and 1.5.0 for Joomla! allows remote attackers to include and execute arbitrary local files via a .. (d… |
| CVE-2010-1607 |
medium |
— |
7.8 |
EXP |
|
paysysprojoomla |
16y ago |
Directory traversal vulnerability in wmi.php in the Webmoney Web Merchant Interface (aka WMI or com_wmi) component 1.5.0 for Joomla! allows remote attackers to include and execute arbitrary local fil… |
| CVE-2010-1603 |
high |
— |
8.5 |
EXP |
|
zimbllcjoomla |
16y ago |
Directory traversal vulnerability in the ZiMB Core (aka ZiMBCore or com_zimbcore) component 0.1 in the ZiMB Manager collection for Joomla! allows remote attackers to read arbitrary files and possibly… |
| CVE-2010-1602 |
high |
— |
8.5 |
EXP |
|
zimbllcjoomla |
16y ago |
Directory traversal vulnerability in the ZiMB Comment (com_zimbcomment) component 0.8.1 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impact via a ..… |
| CVE-2010-1601 |
medium |
— |
6.0 |
EXP |
|
joomlamartjoomla |
16y ago |
Directory traversal vulnerability in the JA Comment (com_jacomment) component for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the view parameter to index.php. |
| CVE-2010-1600 |
high |
— |
8.5 |
EXP |
|
thefactoryjoomla |
16y ago |
SQL injection vulnerability in the Media Mall Factory (com_mediamall) component 1.0.4 for Joomla! allows remote attackers to execute arbitrary SQL commands via the category parameter to index.php. |
| CVE-2010-1559 |
high |
— |
8.5 |
EXP |
|
martin_hessjoomla |
16y ago |
SQL injection vulnerability in the SermonSpeaker (com_sermonspeaker) component before 3.2.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a speakerpopu… |
| CVE-2010-1540 |
medium |
— |
6.0 |
EXP |
|
myblogjoomla |
16y ago |
Directory traversal vulnerability in index.php in the MyBlog (com_myblog) component 3.0.329 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the task parameter. NOTE… |
| CVE-2010-1535 |
high |
— |
8.5 |
EXP |
|
peter_hocherljoomla |
16y ago |
Directory traversal vulnerability in the TRAVELbook (com_travelbook) component 1.0.1 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impact via a .. (d… |
| CVE-2010-1534 |
medium |
— |
6.0 |
EXP |
|
joomla.batjojoomla |
16y ago |
Directory traversal vulnerability in the Shoutbox Pro (com_shoutbox) component for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php. |
| CVE-2010-1533 |
high |
— |
8.5 |
EXP |
|
peter_hocherljoomla |
16y ago |
Directory traversal vulnerability in the TweetLA (com_tweetla) component 1.0.1 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php. |
| CVE-2010-1532 |
medium |
— |
6.0 |
EXP |
|
givesightjoomla |
16y ago |
Directory traversal vulnerability in the givesight PowerMail Pro (com_powermail) component 1.5.3 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impact… |
| CVE-2010-1531 |
high |
— |
8.5 |
EXP |
|
redcomponentjoomla |
16y ago |
Directory traversal vulnerability in the redSHOP (com_redshop) component 1.0.x for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the view parameter to index.php. |
| CVE-2010-1529 |
high |
— |
8.5 |
EXP |
|
freestylejoomla |
16y ago |
SQL injection vulnerability in the Freestyle FAQs Lite (com_fsf) component, possibly 1.3, for Joomla! allows remote attackers to execute arbitrary SQL commands via the faqid parameter in an faq actio… |
| CVE-2010-1496 |
high |
— |
8.5 |
EXP |
|
joltjoomla |
16y ago |
SQL injection vulnerability in the JoltCard (com_joltcard) component 1.2.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via the cardID parameter in a view action to index.php. |
| CVE-2010-1495 |
high |
— |
8.5 |
EXP |
|
matamkojoomla |
16y ago |
Directory traversal vulnerability in the Matamko (com_matamko) component 1.01 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php. |
| CVE-2010-1494 |
medium |
— |
6.0 |
EXP |
|
awdsolutionjoomla |
16y ago |
Directory traversal vulnerability in the AWDwall (com_awdwall) component 1.5.4 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php. |
| CVE-2010-1493 |
high |
— |
8.5 |
EXP |
|
awdsolutionjoomla |
16y ago |
SQL injection vulnerability in the AWDwall (com_awdwall) component before 1.5.5 for Joomla! allows remote attackers to execute arbitrary SQL commands via the cbuser parameter in an awdwall action to … |
| CVE-2010-1491 |
medium |
— |
6.0 |
EXP |
|
mms.pippjoomla |
16y ago |
Directory traversal vulnerability in the MMS Blog (com_mmsblog) component 2.3.0 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impact via a .. (dot do… |
| CVE-2009-4789 |
high |
— |
8.5 |
EXP |
|
mojoblogjoomla |
16y ago |
Multiple PHP remote file inclusion vulnerabilities in the MojoBlog component RC 0.15 for Joomla! allow remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path paramete… |
| CVE-2009-4785 |
high |
— |
8.5 |
EXP |
|
joomlabhavesh_chauhan |
16y ago |
SQL injection vulnerability in the Quick News (com_quicknews) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the newsid parameter in a view_item action to index.p… |
| CVE-2009-4784 |
high |
— |
8.5 |
EXP |
|
joaktreejoomla |
16y ago |
SQL injection vulnerability in the Joaktree (com_joaktree) component 1.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the treeId parameter to index.php. |
| CVE-2010-1480 |
high |
— |
8.5 |
EXP |
|
rocketthemejoomla |
16y ago |
SQL injection vulnerability in the RokModule (com_rokmodule) component 1.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via the module parameter to index.php. NOTE: some of … |
| CVE-2010-1479 |
high |
— |
8.5 |
EXP |
|
rocketthemejoomla |
16y ago |
SQL injection vulnerability in the RokModule (com_rokmodule) component 1.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via the moduleid parameter in a raw action to index.ph… |
| CVE-2010-1478 |
medium |
— |
7.8 |
EXP |
|
ternariajoomla |
16y ago |
Directory traversal vulnerability in the Ternaria Informatica Jfeedback! (com_jfeedback) component 1.2 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other … |
| CVE-2010-1477 |
high |
— |
8.5 |
EXP |
|
martin_hessjoomla |
16y ago |
SQL injection vulnerability in the SermonSpeaker (com_sermonspeaker) component before 3.2.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a latest_serm… |
| CVE-2010-1476 |
medium |
— |
7.8 |
EXP |
|
alphaplugjoomla |
16y ago |
Directory traversal vulnerability in the AlphaUserPoints (com_alphauserpoints) component 1.5.5 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impact v… |
| CVE-2010-1475 |
medium |
— |
7.8 |
EXP |
|
ternariajoomla |
16y ago |
Directory traversal vulnerability in the Preventive & Reservation (com_preventive) component 1.0.5 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impa… |
| CVE-2010-1474 |
medium |
— |
7.8 |
EXP |
|
supachai_teasakuljoomla |
16y ago |
Directory traversal vulnerability in the Sweety Keeper (com_sweetykeeper) component 1.5.x for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impact via a … |
| CVE-2010-1473 |
medium |
— |
7.8 |
EXP |
|
johnmccollumjoomla |
16y ago |
Directory traversal vulnerability in the Advertising (com_advertising) component 0.25 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impact via a .. (… |
| CVE-2010-1472 |
high |
— |
8.5 |
EXP |
|
kazulahjoomla |
16y ago |
Directory traversal vulnerability in the Daily Horoscope (com_horoscope) component 1.5.0 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to … |
| CVE-2010-1471 |
high |
— |
8.5 |
EXP |
|
b-elektrojoomla |
16y ago |
Directory traversal vulnerability in the AddressBook (com_addressbook) component 1.5.0 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to in… |
| CVE-2010-1470 |
high |
— |
8.5 |
EXP |
|
dev.pucit.edu.pkjoomla |
16y ago |
Directory traversal vulnerability in the Web TV (com_webtv) component 1.0 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impact via a .. (dot dot) in … |
| CVE-2010-1469 |
medium |
— |
7.8 |
EXP |
|
ternariajoomla |
16y ago |
Directory traversal vulnerability in the Ternaria Informatica JProject Manager (com_jprojectmanager) component 1.0 for Joomla! allows remote attackers to read arbitrary files and possibly have unspec… |
| CVE-2010-1468 |
high |
— |
8.5 |
EXP |
|
focusdevjoomla |
16y ago |
SQL injection vulnerability in the Multi-Venue Restaurant Menu Manager (aka MVRMM or com_mv_restaurantmenumanager) component 1.5.2 Stable Update 3 and earlier for Joomla! allows remote attackers to e… |
| CVE-2010-1461 |
medium |
— |
6.0 |
EXP |
|
gogoritasjoomla |
16y ago |
Directory traversal vulnerability in the Photo Battle (com_photobattle) component 1.0.1 for Joomla! allows remote attackers to read arbitrary files via the view parameter to index.php. |
| CVE-2010-1372 |
high |
— |
8.5 |
EXP |
|
hdflvplayerjoomla |
16y ago |
SQL injection vulnerability in the HD FLV Player (com_hdflvplayer) component 1.3 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter to index.php. |
| CVE-2010-1363 |
high |
— |
8.5 |
EXP |
|
extremejoomlajoomla |
16y ago |
SQL injection vulnerability in the JProjects (com_j-projects) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the project parameter in a projects action to index.p… |
| CVE-2010-1354 |
medium |
— |
6.0 |
EXP |
|
ternariajoomla |
16y ago |
Directory traversal vulnerability in the VJDEO (com_vjdeo) component 1.0 and 1.0.1 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.… |
| CVE-2010-1353 |
medium |
— |
6.0 |
EXP |
|
wowjoomlajoomla |
16y ago |
Directory traversal vulnerability in the LoginBox Pro (com_loginbox) component for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the view parameter to index.php. |
| CVE-2010-1352 |
medium |
— |
6.0 |
EXP |
|
jooforgejoomla |
16y ago |
Directory traversal vulnerability in the JOOFORGE Jutebox (com_jukebox) component 1.0 and 1.7 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller paramete… |
| CVE-2010-1350 |
high |
— |
8.5 |
EXP |
|
joomlaprojectsjoomla |
16y ago |
SQL injection vulnerability in the JP Jobs (com_jp_jobs) component 1.4.1 and earlier for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a detail action to i… |
| CVE-2010-1345 |
medium |
— |
6.0 |
EXP |
|
cookexjoomla |
16y ago |
Directory traversal vulnerability in the Cookex Agency CKForms (com_ckforms) component 1.3.3 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter… |
| CVE-2010-1344 |
high |
— |
8.5 |
EXP |
|
cookexjoomla |
16y ago |
SQL injection vulnerability in the Cookex Agency CKForms (com_ckforms) component 1.3.3 for Joomla! allows remote attackers to execute arbitrary SQL commands via the fid parameter in a detail action t… |
| CVE-2010-1340 |
medium |
— |
6.0 |
EXP |
|
joomla-researchjoomla |
16y ago |
Directory traversal vulnerability in jresearch.php in the J!Research (com_jresearch) component for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller paramet… |
| CVE-2010-1315 |
medium |
— |
6.0 |
EXP |
|
joomlamojoomla |
16y ago |
Directory traversal vulnerability in weberpcustomer.php in the webERPcustomer (com_weberpcustomer) component 1.2.1 and 1.x before 1.06.02 for Joomla! allows remote attackers to read arbitrary files v… |
| CVE-2010-1314 |
medium |
— |
6.0 |
EXP |
|
joomlanookjoomla |
16y ago |
Directory traversal vulnerability in the Highslide JS (com_hsconfig) component 1.5 and 2.0.9 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter… |
| CVE-2010-1313 |
medium |
— |
5.3 |
EXP |
|
seberjoomla |
16y ago |
Directory traversal vulnerability in the Seber Cart (com_sebercart) component 1.0.0.12 and 1.0.0.13 for Joomla!, when magic_quotes_gpc is disabled, allows remote attackers to read arbitrary files via… |
| CVE-2010-1312 |
medium |
— |
6.0 |
EXP |
|
ijoomlajoomla |
16y ago |
Directory traversal vulnerability in the iJoomla News Portal (com_news_portal) component 1.5.x for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller paramet… |
| CVE-2010-1308 |
medium |
— |
6.0 |
EXP |
|
la-souris-vertejoomla |
16y ago |
Directory traversal vulnerability in the SVMap (com_svmap) component 1.1.1 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php. |
| CVE-2010-1307 |
medium |
— |
6.0 |
EXP |
|
software.realtynajoomla |
16y ago |
Directory traversal vulnerability in the Magic Updater (com_joomlaupdater) component for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to inde… |
| CVE-2010-1306 |
high |
— |
8.5 |
EXP |
|
roberto_aloijoomla |
16y ago |
Directory traversal vulnerability in the Picasa (com_joomlapicasa2) component 2.0 and 2.0.5 for Joomla! allows remote attackers to read arbitrary local files via a .. (dot dot) in the controller para… |
| CVE-2010-1305 |
medium |
— |
6.0 |
EXP |
|
joomlamojoomla |
16y ago |
Directory traversal vulnerability in jinventory.php in the JInventory (com_jinventory) component 1.23.02 and possibly other versions before 1.26.03, a module for Joomla!, allows remote attackers to r… |
| CVE-2010-1304 |
medium |
— |
6.0 |
EXP |
|
joomlamojoomla |
16y ago |
Directory traversal vulnerability in userstatus.php in the User Status (com_userstatus) component 1.21.16 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the control… |
| CVE-2010-1302 |
medium |
— |
6.0 |
EXP |
|
decryptwebjoomla |
16y ago |
Directory traversal vulnerability in dwgraphs.php in the DecryptWeb DW Graphs (com_dwgraphs) component 1.0 for Joomla! allows remote attackers to read arbitrary files via directory traversal sequence… |
| CVE-2010-1265 |
high |
— |
8.5 |
EXP |
|
ekithjoomla |
16y ago |
SQL injection vulnerability in Adam Corley dcsFlashGames (com_dcs_flashgames) allows remote attackers to execute arbitrary SQL commands via the catid parameter to index.php. |
| CVE-2010-1219 |
medium |
— |
7.8 |
EXP |
|
com_janewsjoomla |
16y ago |
Directory traversal vulnerability in the JA News (com_janews) component 1.0 for Joomla! allows remote attackers to read arbitrary local files via a .. (dot dot) in the controller parameter to index.p… |
| CVE-2010-1217 |
medium |
— |
5.3 |
EXP |
|
je_form_creatorjoomla |
16y ago |
Directory traversal vulnerability in the JE Form Creator (com_jeformcr) component for Joomla!, when magic_quotes_gpc is disabled, allows remote attackers to read arbitrary files via directory travers… |
| CVE-2010-1081 |
medium |
— |
6.0 |
EXP |
|
corejoomlajoomla |
16y ago |
Directory traversal vulnerability in the Community Polls (com_communitypolls) component 1.5.2, and possibly earlier, for Core Joomla! allows remote attackers to read arbitrary files via a .. (dot dot… |
| CVE-2010-1073 |
high |
— |
8.5 |
EXP |
|
joshprakashjoomla |
16y ago |
SQL injection vulnerability in the jEmbed-Embed Anything (com_jembed) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the catid parameter in a summary action to in… |
| CVE-2010-1056 |
medium |
— |
7.8 |
EXP |
|
rocketthemejoomla |
16y ago |
Directory traversal vulnerability in the RokDownloads (com_rokdownloads) component before 1.0.1 for Joomla! allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in … |
| CVE-2010-1045 |
high |
— |
8.5 |
EXP |
|
design-carsjoomla |
16y ago |
SQL injection vulnerability in the Productbook (com_productbook) component 1.0.4 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a detail action to index… |
| CVE-2010-0985 |
high |
— |
8.5 |
EXP |
|
chris_simonjoomla |
16y ago |
Directory traversal vulnerability in the Abbreviations Manager (com_abbrev) component 1.1 for Joomla! allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the co… |
| CVE-2010-0982 |
medium |
— |
5.3 |
EXP |
|
joomlamojoomla |
16y ago |
Directory traversal vulnerability in the CARTwebERP (com_cartweberp) component 1.56.75 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to in… |
| CVE-2010-0981 |
high |
— |
8.5 |
EXP |
|
templateplazzajoomla |
16y ago |
SQL injection vulnerability in the TPJobs (com_tpjobs) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the id_c[] parameter in a resadvsearch action to index.php. |
| CVE-2010-0972 |
high |
— |
8.5 |
EXP |
|
g4j.laoneojoomla |
16y ago |
Directory traversal vulnerability in the GCalendar (com_gcalendar) component 2.1.5 for Joomla! allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the controlle… |
| CVE-2010-0946 |
high |
— |
8.5 |
EXP |
|
kiss-softwarejoomla |
17y ago |
SQL injection vulnerability in the Keep It Simple Stupid (KISS) Software Advertiser (com_ksadvertiser) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the pid para… |
| CVE-2010-0945 |
high |
— |
8.5 |
EXP |
|
hotbracketsjoomla |
17y ago |
SQL injection vulnerability in the HotBrackets Tournament Brackets (com_hotbrackets) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter to index.php. |
| CVE-2010-0944 |
medium |
— |
6.0 |
EXP |
|
thorsten_riessjoomla |
17y ago |
Directory traversal vulnerability in the JCollection (com_jcollection) component for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.ph… |
| CVE-2010-0943 |
medium |
— |
6.0 |
EXP |
|
joomlartjoomla |
17y ago |
Directory traversal vulnerability in the JA Showcase (com_jashowcase) component for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter in a jashowc… |
| CVE-2010-0942 |
medium |
— |
6.0 |
EXP |
|
jvideodirectjoomla |
17y ago |
Directory traversal vulnerability in the jVideoDirect (com_jvideodirect) component for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.… |
| CVE-2009-4679 |
high |
— |
8.5 |
EXP |
|
inertialfatejoomla |
17y ago |
Directory traversal vulnerability in the inertialFATE iF Portfolio Nexus (com_if_nexus) component 1.5 for Joomla! allows remote attackers to include and execute arbitrary local files via a .. (dot do… |
| CVE-2010-0803 |
high |
— |
8.5 |
EXP |
|
jvideodirectjoomla |
17y ago |
SQL injection vulnerability in the jVideoDirect (com_jvideodirect) component 1.1 RC3b for Joomla! allows remote attackers to execute arbitrary SQL commands via the v parameter to index.php. |
| CVE-2010-0801 |
low |
— |
4.5 |
EXP |
|
autarticajoomla |
17y ago |
Directory traversal vulnerability in the AutartiTarot (com_autartitarot) component 1.0.3 for Joomla! allows remote authenticated users, with "Public Back-end" group permissions, to read arbitrary fil… |
| CVE-2010-0800 |
high |
— |
8.5 |
EXP |
|
joomservicesjoomla |
17y ago |
SQL injection vulnerability in the Ossolution Team Documents Seller (aka DMS) (com_dms) component 2.5.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via the category_id param… |
| CVE-2010-0796 |
high |
— |
8.5 |
EXP |
|
harmistechnologyjoomla |
17y ago |
SQL injection vulnerability in the JE Quiz (com_jequizmanagement) component 1.b01 for Joomla! allows remote attackers to execute arbitrary SQL commands via the eid parameter in a question action to i… |
| CVE-2010-0795 |
high |
— |
8.5 |
EXP |
|
harmistechnologyjoomla |
17y ago |
SQL injection vulnerability in the JE Event Calendars (com_jeeventcalendar) component 1.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the event_id parameter in an event … |
| CVE-2010-0760 |
medium |
— |
7.8 |
EXP |
|
greatjoomlajoomla |
17y ago |
Multiple directory traversal vulnerabilities in the Core Design Scriptegrator plugin 1.4.1 for Joomla! allow remote attackers to include and execute arbitrary local files via directory traversal sequ… |
| CVE-2010-0759 |
high |
— |
8.5 |
EXP |
|
greatjoomlajoomla |
17y ago |
Directory traversal vulnerability in plugins/system/cdscriptegrator/libraries/highslide/js/jsloader.php in the Core Design Scriptegrator plugin 1.4.1 for Joomla! allows remote attackers to read, and … |
| CVE-2010-0753 |
high |
— |
8.5 |
EXP |
|
componentslabjoomla |
17y ago |
SQL injection vulnerability in the SQL Reports (com_sqlreport) component 1.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via the user_id parameter to ajax/print.php. NOTE: … |
| CVE-2010-0696 |
medium |
— |
6.0 |
EXP |
|
joomlaworksjoomla |
17y ago |
Directory traversal vulnerability in includes/download.php in the JoomlaWorks AllVideos (Jw_allVideos) plugin 3.0 through 3.2 for Joomla! allows remote attackers to read arbitrary files via a ./../..… |
| CVE-2010-0694 |
high |
— |
8.5 |
EXP |
|
perchajoomla |
17y ago |
SQL injection vulnerability in the PerchaGallery (com_perchagallery) component before 1.5b for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in an editunidad … |
| CVE-2010-0692 |
high |
— |
7.5 |
|
|
iptechinsidejoomla |
17y ago |
SQL injection vulnerability in the IP-Tech JQuarks (com_jquarks) Component 0.2.3, and possibly earlier, for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter to i… |
| CVE-2009-4651 |
medium |
— |
5.3 |
EXP |
|
onnogroenjoomla |
17y ago |
Multiple cross-site scripting (XSS) vulnerabilities in the Webee Comments (com_webeecomment) component 1.1.1, 1.2, and 2.0 for Joomla! allow remote attackers to inject arbitrary web script or HTML vi… |
| CVE-2009-4650 |
high |
— |
8.5 |
EXP |
|
onnogroenjoomla |
17y ago |
SQL injection vulnerability in the Webee Comments (com_webeecomment) component 1.1.1, 1.2, and 2.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the articleId parameter in… |
| CVE-2010-0676 |
medium |
— |
5.0 |
|
|
weberrjoomla |
17y ago |
Directory traversal vulnerability in index.php in the RWCards (com_rwcards) component 3.0.18 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter. |
| CVE-2010-0670 |
medium |
— |
5.0 |
|
|
iptechinsidejoomla |
17y ago |
Unspecified vulnerability in the IP-Tech JQuarks (com_jquarks) Component before 0.2.4 for Joomla! allows attackers to obtain the installation path for Joomla! via unknown vectors. |
| CVE-2010-0635 |
high |
— |
7.5 |
|
|
joomlajevents |
17y ago |
SQL injection vulnerability in the plgSearchEventsearch::onSearch method in eventsearch.php in the JEvents Search plugin 1.5 through 1.5.3 for Joomla! allows remote attackers to execute arbitrary SQL… |
| CVE-2010-0632 |
high |
— |
8.5 |
EXP |
|
parkviewconsultantsjoomla |
17y ago |
SQL injection vulnerability in the Parkview Consultants SimpleFAQ (com_simplefaq) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the catid parameter in a display … |
| CVE-2010-0610 |
high |
— |
8.5 |
EXP |
|
webguerillajoomla |
17y ago |
Multiple SQL injection vulnerabilities in the Photoblog (com_photoblog) component for Joomla! allow remote attackers to execute arbitrary SQL commands via the blog parameter in an images action to in… |
| CVE-2010-0467 |
medium |
5.8 |
6.8 |
EXP |
|
chillcreationsjoomla |
17y ago |
Directory traversal vulnerability in the ccNewsletter (com_ccnewsletter) component 1.0.5 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter in … |
| CVE-2010-0461 |
medium |
— |
7.5 |
EXP |
|
joomla |
17y ago |
SQL injection vulnerability in the casino (com_casino) component 1.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a (1) category or (2) player action … |
| CVE-2010-0459 |
high |
— |
8.5 |
EXP |
|
yoflashjoomla |
17y ago |
SQL injection vulnerability in the Mochigames (com_mochigames) component 0.51 and possibly other versions for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter to… |
| CVE-2010-0456 |
high |
— |
8.5 |
EXP |
|
indianpulsesjoomla |
17y ago |
SQL injection vulnerability in the indianpulse Game Server (com_gameserver) component 1.2 for Joomla! allows remote attackers to execute arbitrary SQL commands via the grp parameter in a gameserver a… |
| CVE-2010-0374 |
medium |
— |
5.3 |
EXP |
|
codingfishjoomla |
17y ago |
Cross-site scripting (XSS) vulnerability in the Marketplace (com_marketplace) component 1.2 for Joomla! allows remote attackers to inject arbitrary web script or HTML via the catid parameter in a sho… |
| CVE-2010-0373 |
high |
— |
8.5 |
EXP |
|
joomla |
17y ago |
SQL injection vulnerability in the libros (com_libros) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a detail action to index.php. |
| CVE-2010-0372 |
high |
— |
8.5 |
EXP |
|
hong_chuyenjoomla |
17y ago |
SQL injection vulnerability in the Articlemanager (com_articlemanager) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the artid parameter in a display action to i… |
