Filtered by vendor Joomla
Subscribe
Total
933 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2008-0512 | 1 Joomla | 1 Com Fq | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in the fq (com_fq) component for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the listid parameter. | |||||
| CVE-2009-2395 | 2 Joomla, Joomlaworks | 2 Joomla\!, Com K2 | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the K2 (com_k2) component 1.0.1 Beta and earlier for Joomla! allows remote attackers to execute arbitrary SQL commands via the category parameter in an itemlist action to index.php. | |||||
| CVE-2007-6272 | 1 Joomla | 1 Joomla | 2025-04-09 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in index.php in Joomla! 1.5 RC3 allow remote attackers to execute arbitrary SQL commands via (1) the view parameter to the com_content component, (2) the task parameter to the com_search component, or (3) the option parameter in a search action to the com_search component. | |||||
| CVE-2009-3335 | 2 Joomla, Turtus | 2 Joomla\!, Turtushout | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the TurtuShout component 0.11 for Joomla! allows remote attackers to execute arbitrary SQL commands via the Name field. | |||||
| CVE-2008-0652 | 2 Joomla, Mambo | 2 Com Downloads, Com Downloads | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in the Downloads (com_downloads) component for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the filecatid parameter in a selectfolder action. | |||||
| CVE-2008-5875 | 2 Joomla, Joomlahbs | 3 Joomla, Com Lowcosthotels, Hotel Booking Reservation System | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the com_lowcosthotels component in the Hotel Booking Reservation System (aka HBS) for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a showhoteldetails action to index.php. | |||||
| CVE-2009-1496 | 2 Ijobid, Joomla | 2 Com Cmimarketplace, Joomla | 2025-04-09 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in the Cmi Marketplace (com_cmimarketplace) component 0.1 for Joomla! allows remote attackers to list arbitrary directories via a .. (dot dot) in the viewit parameter to index.php. | |||||
| CVE-2006-7124 | 1 Joomla | 1 Bsq Sitestats | 2025-04-09 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in external/rssfeeds.php in BSQ Sitestats (component for Joomla) 1.8.0, and possibly other versions before 2.2.1, allows remote attackers to execute arbitrary PHP code via the baseDir parameter. | |||||
| CVE-2009-0377 | 1 Joomla | 2 Com Beamospetition, Joomla | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the beamospetition (com_beamospetition) 1.0.12 component for Joomla! allows remote attackers to execute arbitrary SQL commands via the mpid parameter in a sign action to index.php, a different vector than CVE-2008-3132. | |||||
| CVE-2006-5046 | 1 Joomla | 1 Rs Gallery2 | 2025-04-09 | 7.5 HIGH | N/A |
| Unspecified vulnerability in RS Gallery2 (com_rsgallery2) 1.11.3 and earlier for Joomla! has unspecified impact and attack vectors, related to lack of "hardened language files." | |||||
| CVE-2008-2569 | 1 Joomla | 1 Easybook Component | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the EasyBook (com_easybook) component 1.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via the gbid parameter in a deleteentry action to index.php. | |||||
| CVE-2008-0515 | 2 Joomla, Mambo | 2 Musepoes Component, Musepoes Component | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in the musepoes (com_musepoes) component for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the aid parameter in an answer action. | |||||
| CVE-2008-4104 | 1 Joomla | 1 Joomla | 2025-04-09 | 5.8 MEDIUM | N/A |
| Multiple open redirect vulnerabilities in Joomla! 1.5 before 1.5.7 allow remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a "passed in" URL. | |||||
| CVE-2008-0746 | 2 Joomla, Mambo | 2 Com Gallery, Com Gallery | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in the Gallery (com_gallery) component for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a detail action. | |||||
| CVE-2007-3130 | 1 Joomla | 1 Jd-wiki | 2025-04-09 | 6.8 MEDIUM | N/A |
| Multiple PHP remote file inclusion vulnerabilities in the OpenWiki (formerly JD-Wiki) component (com_jd-wiki) 1.0.2, and possibly earlier, for Joomla! allow remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter to (1) dwpage.php or (2) wantedpages.php, different vectors than CVE-2006-4074. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||||
| CVE-2008-2568 | 1 Joomla | 2 Com Simpleshop, Joomla | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the Simple Shop Galore (com_simpleshop) component 3.4 and earlier for Joomla! allows remote attackers to execute arbitrary SQL commands via the catid parameter in a browse action to index.php. | |||||
| CVE-2009-3443 | 2 Fastballproductions, Joomla | 2 Com Fastball, Joomla | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the Fastball (com_fastball) component 1.1.0 through 1.2 for Joomla! allows remote attackers to execute arbitrary SQL commands via the league parameter to index.php. | |||||
| CVE-2008-1427 | 2 Joobi, Joomla | 2 Acajoom, Com Acajoom | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the Joobi Acajoom (com_acajoom) 1.1.5 and 1.2.5 component for Joomla! allows remote attackers to execute arbitrary SQL commands via the mailingid parameter in a mailing view action to index.php. | |||||
| CVE-2008-0690 | 1 Joomla | 1 Com Directory | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in the mosDirectory (com_directory) 2.3.2 component for Joomla! allows remote attackers to execute arbitrary SQL commands via the catid parameter in a viewcat action. | |||||
| CVE-2008-0842 | 1 Joomla | 1 Com Clasifier | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in the Classifier (com_clasifier) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the cat_id parameter. | |||||