Filtered by vendor Joomla
Subscribe
Total
933 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2006-5040 | 1 Joomla | 2 Com Sef, Sef4040x | 2025-04-09 | 7.5 HIGH | N/A |
| Unspecified vulnerability in SEF404x (com_sef) for Joomla! has unspecified impact and attack vectors. | |||||
| CVE-2008-0752 | 2 Joomla, Mambo | 2 Com Neogallery, Com Neogallery | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in the Neogallery (com_neogallery) 1.1 component for Joomla! allows remote attackers to execute arbitrary SQL commands via the catid parameter in a show action. | |||||
| CVE-2006-6833 | 1 Joomla | 1 Joomla | 2025-04-09 | 7.5 HIGH | N/A |
| com_categories in Joomla! before 1.0.12 does not validate input, which has unknown impact and remote attack vectors. | |||||
| CVE-2006-7009 | 1 Joomla | 1 Joomla | 2025-04-09 | 7.5 HIGH | N/A |
| Joomla! before 1.0.10 allows remote attackers to spoof the frontend submission forms, which has unknown impact and attack vectors. | |||||
| CVE-2009-4599 | 2 Joomla, Joomshark | 2 Joomla, Com Jsjobs | 2025-04-09 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in the JS Jobs (com_jsjobs) component 1.0.5.6 for Joomla! allow remote attackers to execute arbitrary SQL commands via (1) the md parameter in an employer view_company action to index.php or (2) the oi parameter in an employer view_job action to index.php. | |||||
| CVE-2007-4506 | 1 Joomla | 1 Neorecruit | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in the NeoRecruit component (com_neorecruit) 1.4 and earlier for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in an offer_view action. | |||||
| CVE-2009-3817 | 2 Joomla, Ordasoft | 2 Joomla\!, Com Booklibrary | 2025-04-09 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in doc/releasenote.php in the BookLibrary (com_booklibrary) component 1.0 for Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter, a different vector than CVE-2009-2637. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||||
| CVE-2008-1848 | 2 Joomla, Joomlacode | 2 Joomla, Joomlaexplorer | 2025-04-09 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in the joomlaXplorer (com_joomlaxplorer) Mambo/Joomla! component 1.6.2 and earlier allows remote attackers to inject arbitrary web script or HTML via the error parameter in a show_error action to index.php. | |||||
| CVE-2006-4996 | 1 Joomla | 1 Joomlalib | 2025-04-09 | 10.0 HIGH | N/A |
| Unspecified vulnerability in JoomlaLib (com_joomlalib) before 1.2.2 for Joomla! allows remote attackers to have an unknown impact, related to "Joomla globals hacked by script kiddies." | |||||
| CVE-2009-2607 | 2 Joomla, Pinme | 2 Joomla, Com Pinboard | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the com_pinboard component for Joomla! allows remote attackers to execute arbitrary SQL commands via the task parameter in a showpic action to index.php. | |||||
| CVE-2008-6841 | 2 Gmitc, Joomla | 2 Com Dbquery, Joomla | 2025-04-09 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in the Green Mountain Information Technology and Consulting Database Query (com_dbquery) component 1.4.1.1 and earlier for Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter to classes/DBQ/admin/common.class.php. | |||||
| CVE-2009-2789 | 2 Joomla, Permis | 2 Joomla, Com Groups | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the Permis (com_groups) component 1.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a list action to index.php. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||||
| CVE-2008-0607 | 3 Joomla, Mambo, Sigsiu.net | 3 Com Sobi2, Com Sobi2, Sobi2 | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in the Sigsiu Online Business Index 2 (SOBI2, com_sobi2) 2.5.3 component for Joomla! and Mambo allows remote attackers to execute arbitrary SQL commands via the catid parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||||
| CVE-2008-1540 | 2 Joomla, Mambo | 2 Datsogallery, Datsogallery | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the Datsogallery (com_datsogallery) 1.3.1 module for Joomla! and Mambo allows remote attackers to execute arbitrary SQL commands via the id parameter in a detail action to index.php. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||||
| CVE-2008-6430 | 1 Joomla | 2 Com Mycontent, Joomla | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the MyContent (com_mycontent) component 1.1.13 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a view action to index.php. | |||||
| CVE-2008-2564 | 1 Joomla | 2 Com Jotloader, Joomla | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the JotLoader (com_jotloader) component 1.2.1.a and earlier for Joomla! allows remote attackers to execute arbitrary SQL commands via the cid parameter to index.php. | |||||
| CVE-2008-2093 | 3 Joomla, Joomlapolis, Mambo | 3 Com Comprofiler, Community Builder, Com Comprofiler | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the Profiler (com_comprofiler) component in Community Builder for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the user parameter in a userProfile action to index.php. | |||||
| CVE-2009-3491 | 2 Joomla, Kinfusion | 2 Joomla\!, Com Sportfusion | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the Kinfusion SportFusion (com_sportfusion) component 0.2.2 through 0.2.3 for Joomla! allows remote attackers to execute arbitrary SQL commands via the cid[0] parameter in a teamdetail action to index.php. | |||||
| CVE-2009-2609 | 2 Amotools, Joomla | 2 Com Amocourse, Joomla | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the amoCourse (com_amocourse) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the catid parameter in a category action to index.php. | |||||
| CVE-2008-4777 | 2 Joomla, Mambo | 3 Com Lms, Joomla, Mambo | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the Showroom Joomlearn LMS (com_lms) component for Joomla! and Mambo allows remote attackers to execute arbitrary SQL commands via the cat parameter in a showTests task. | |||||