Total
585 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2010-4937 | 2 Joomla, Robitbt | 2 Joomla\!, Com Amblog | 2024-02-04 | 7.5 HIGH | N/A |
Multiple SQL injection vulnerabilities in the Amblog (com_amblog) component 1.0 for Joomla! allow remote attackers to execute arbitrary SQL commands via the (1) articleid or (2) catid parameter to index.php. | |||||
CVE-2010-1472 | 2 Joomla, Kazulah | 2 Joomla\!, Com Horoscope | 2024-02-04 | 7.5 HIGH | N/A |
Directory traversal vulnerability in the Daily Horoscope (com_horoscope) component 1.5.0 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php. | |||||
CVE-2010-2034 | 2 Joomla, Percha | 2 Joomla\!, Com Perchaimageattach | 2024-02-04 | 7.5 HIGH | N/A |
Directory traversal vulnerability in the Percha Image Attach (com_perchaimageattach) component 1.1 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impact via a .. (dot dot) in the controller parameter to index.php. | |||||
CVE-2009-4576 | 2 Cmstactics, Joomla | 2 Com Beeheard, Joomla\! | 2024-02-04 | 7.5 HIGH | N/A |
SQL injection vulnerability in the BeeHeard (com_beeheard) component 1.x for Joomla! allows remote attackers to execute arbitrary SQL commands via the category_id parameter in a suggestions action to index.php. | |||||
CVE-2010-0610 | 2 Joomla, Webguerilla | 2 Joomla\!, Com Photoblog | 2024-02-04 | 7.5 HIGH | N/A |
Multiple SQL injection vulnerabilities in the Photoblog (com_photoblog) component for Joomla! allow remote attackers to execute arbitrary SQL commands via the blog parameter in an images action to index.php. NOTE: a separate vector for the id parameter to detail.php may also exist. | |||||
CVE-2010-5056 | 2 Gbu Grafici, Joomla | 2 Com Gbufacebook, Joomla\! | 2024-02-04 | 7.5 HIGH | N/A |
SQL injection vulnerability in the GBU Facebook (com_gbufacebook) component 1.0.5 for Joomla! allows remote attackers to execute arbitrary SQL commands via the face_id parameter in a show_face action to index.php. | |||||
CVE-2010-4971 | 2 Joomla, Videowhisper | 2 Joomla\!, Php 2 Way Video Chat | 2024-02-04 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in VideoWhisper PHP 2 Way Video Chat component for Joomla! allows remote attackers to inject arbitrary web script or HTML via the r parameter to index.php. | |||||
CVE-2010-0467 | 2 Chillcreations, Joomla | 2 Com Ccnewsletter, Joomla\! | 2024-02-04 | 5.0 MEDIUM | 5.8 MEDIUM |
Directory traversal vulnerability in the ccNewsletter (com_ccnewsletter) component 1.0.5 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter in a ccnewsletter action to index.php. | |||||
CVE-2010-2128 | 2 Harmistechnology, Joomla | 2 Com Jequoteform, Joomla\! | 2024-02-04 | 7.5 HIGH | N/A |
Directory traversal vulnerability in the JE Quotation Form (com_jequoteform) component 1.0b1 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impact via a .. (dot dot) in the view parameter to index.php. | |||||
CVE-2010-2921 | 2 Joomla, Photoindochina | 2 Joomla\!, Com Golfcourseguide | 2024-02-04 | 7.5 HIGH | N/A |
SQL injection vulnerability in the Golf Course Guide (com_golfcourseguide) component 0.9.6.0 beta and 1 beta for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a golfcourses action to index.php. | |||||
CVE-2010-1494 | 2 Awdsolution, Joomla | 2 Com Awdwall, Joomla\! | 2024-02-04 | 5.0 MEDIUM | N/A |
Directory traversal vulnerability in the AWDwall (com_awdwall) component 1.5.4 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php. | |||||
CVE-2010-5003 | 2 Autartica, Joomla | 2 Com Autartimonial, Joomla\! | 2024-02-04 | 7.5 HIGH | N/A |
SQL injection vulnerability in the AutarTimonial (com_autartimonial) component 1.0.8 for Joomla! allows remote attackers to execute arbitrary SQL commands via the limit parameter in an autartimonial action to index.php. NOTE: some of these details are obtained from third party information. | |||||
CVE-2010-1532 | 2 Givesight, Joomla | 2 Com Powermail, Joomla\! | 2024-02-04 | 5.0 MEDIUM | N/A |
Directory traversal vulnerability in the givesight PowerMail Pro (com_powermail) component 1.5.3 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impact via a .. (dot dot) in the controller parameter to index.php. | |||||
CVE-2010-1354 | 2 Joomla, Ternaria | 2 Joomla\!, Com Vjdeo | 2024-02-04 | 5.0 MEDIUM | N/A |
Directory traversal vulnerability in the VJDEO (com_vjdeo) component 1.0 and 1.0.1 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php. NOTE: some of these details are obtained from third party information. | |||||
CVE-2010-1304 | 2 Joomla, Joomlamo | 2 Joomla\!, Com Userstatus | 2024-02-04 | 5.0 MEDIUM | N/A |
Directory traversal vulnerability in userstatus.php in the User Status (com_userstatus) component 1.21.16 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php. | |||||
CVE-2010-4617 | 2 Joomla, Kanich | 2 Joomla\!, Com Jotloader | 2024-02-04 | 6.8 MEDIUM | N/A |
Directory traversal vulnerability in the JotLoader (com_jotloader) component 2.2.1 for Joomla! allows remote attackers to read arbitrary files via directory traversal sequences in the section parameter to index.php. | |||||
CVE-2010-1979 | 2 Affiliatefeeds, Joomla | 2 Com Datafeeds, Joomla\! | 2024-02-04 | 6.8 MEDIUM | N/A |
Directory traversal vulnerability in the Affiliate Datafeeds (com_datafeeds) component build 880 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php. | |||||
CVE-2010-4995 | 2 Joomla, Neojoomla | 2 Joomla\!, Com Neorecruit | 2024-02-04 | 7.5 HIGH | N/A |
SQL injection vulnerability in the NeoRecruit (com_neorecruit) component 1.6.4 for Joomla! allows remote attackers to execute arbitrary SQL commands via the Itemid parameter in an offer_view action to index.php, a different vector than CVE-2007-4506. | |||||
CVE-2010-4968 | 2 Joomla, Webmaster-tips | 2 Joomla\!, Com Wmtpic | 2024-02-04 | 7.5 HIGH | N/A |
SQL injection vulnerability in the webmaster-tips.net Flash Gallery (com_wmtpic) component 1.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the Itemid parameter to index.php. | |||||
CVE-2009-4575 | 2 Joomla, Qproje | 2 Joomla\!, Com Qpersonel | 2024-02-04 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in the Q-Personel (com_qpersonel) component 1.0.2 RC2 for Joomla! allows remote attackers to inject arbitrary web script or HTML via the personel_sira parameter in a sirala action to index.php. |