Filtered by vendor Joomla
Subscriptions
Filtered by product Joomla\!
Subscriptions
Total
603 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2009-4625 | 2 Joomla, Tamlyncreative | 2 Joomla\!, Com Bfsurvey Profree | 2025-04-11 | N/A |
| SQL injection vulnerability in the updateOnePage function in components/com_bfsurvey_pro/controller.php in BF Survey Pro Free (com_bfsurvey_profree) 1.2.4, and other versions before 1.2.6, a component for Joomla!, allows remote attackers to execute arbitrary SQL commands via the table parameter in an updateOnePage action to index.php. | ||||
| CVE-2009-4785 | 2 Bhavesh Chauhan, Joomla | 2 Com Quicknews, Joomla\! | 2025-04-11 | N/A |
| SQL injection vulnerability in the Quick News (com_quicknews) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the newsid parameter in a view_item action to index.php. | ||||
| CVE-2009-4938 | 2 Joomla, Warphd | 2 Joomla\!, Com Jvideo | 2025-04-11 | N/A |
| SQL injection vulnerability in the JVideo! (com_jvideo) component 0.3.11c Beta and 0.3.x for Joomla! allows remote attackers to execute arbitrary SQL commands via the user_id parameter in a user action to index.php. | ||||
| CVE-2009-4946 | 2 Joomla, Thetricky | 2 Joomla\!, Com Messaging | 2025-04-11 | N/A |
| Directory traversal vulnerability in the Messaging (com_messaging) component before 1.5.1 for Joomla! allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the controller parameter in a messages action to index.php. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2010-0374 | 2 Codingfish, Joomla | 2 Com Marketplace, Joomla\! | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in the Marketplace (com_marketplace) component 1.2 for Joomla! allows remote attackers to inject arbitrary web script or HTML via the catid parameter in a show_category action to index.php. | ||||
| CVE-2010-0459 | 2 Joomla, Yoflash | 2 Joomla\!, Com Mochigames | 2025-04-11 | N/A |
| SQL injection vulnerability in the Mochigames (com_mochigames) component 0.51 and possibly other versions for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter to index.php. | ||||
| CVE-2010-0692 | 2 Iptechinside, Joomla | 2 Com Jquarks, Joomla\! | 2025-04-11 | N/A |
| SQL injection vulnerability in the IP-Tech JQuarks (com_jquarks) Component 0.2.3, and possibly earlier, for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter to index.php. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2010-0760 | 2 Greatjoomla, Joomla | 2 Scriptegrator Plugin, Joomla\! | 2025-04-11 | N/A |
| Multiple directory traversal vulnerabilities in the Core Design Scriptegrator plugin 1.4.1 for Joomla! allow remote attackers to include and execute arbitrary local files via directory traversal sequences in the (1) file parameter to libraries/jquery/js/ui/jsloader.php and the (2) files[] parameter to libraries/jquery/js/jsloader.php, a different vector than CVE-2010-0759. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2010-0946 | 2 Joomla, Kiss-software | 2 Joomla\!, Com Ksadvertiser | 2025-04-11 | N/A |
| SQL injection vulnerability in the Keep It Simple Stupid (KISS) Software Advertiser (com_ksadvertiser) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the pid parameter in a showcats action to index.php. | ||||
| CVE-2010-0945 | 2 Hotbrackets, Joomla | 2 Com Hotbrackets, Joomla\! | 2025-04-11 | N/A |
| SQL injection vulnerability in the HotBrackets Tournament Brackets (com_hotbrackets) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter to index.php. | ||||
| CVE-2010-0942 | 2 Joomla, Jvideodirect | 2 Joomla\!, Com Jvideodirect | 2025-04-11 | N/A |
| Directory traversal vulnerability in the jVideoDirect (com_jvideodirect) component for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php. | ||||
| CVE-2010-1056 | 2 Joomla, Rockettheme | 2 Joomla\!, Com Rokdownloads | 2025-04-11 | N/A |
| Directory traversal vulnerability in the RokDownloads (com_rokdownloads) component before 1.0.1 for Joomla! allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the controller parameter to index.php. | ||||
| CVE-2010-1073 | 2 Joomla, Joshprakash | 2 Joomla\!, Com Jembed | 2025-04-11 | N/A |
| SQL injection vulnerability in the jEmbed-Embed Anything (com_jembed) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the catid parameter in a summary action to index.php. | ||||
| CVE-2010-1308 | 2 Joomla, La-souris-verte | 2 Joomla\!, Com Svmap | 2025-04-11 | N/A |
| Directory traversal vulnerability in the SVMap (com_svmap) component 1.1.1 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php. | ||||
| CVE-2010-1344 | 2 Cookex, Joomla | 2 Com Ckforms, Joomla\! | 2025-04-11 | N/A |
| SQL injection vulnerability in the Cookex Agency CKForms (com_ckforms) component 1.3.3 for Joomla! allows remote attackers to execute arbitrary SQL commands via the fid parameter in a detail action to index.php. | ||||
| CVE-2010-1480 | 2 Joomla, Rockettheme | 2 Joomla\!, Com Rokmodule | 2025-04-11 | N/A |
| SQL injection vulnerability in the RokModule (com_rokmodule) component 1.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via the module parameter to index.php. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2010-1471 | 2 B-elektro, Joomla | 2 Com Addressbook, Joomla\! | 2025-04-11 | N/A |
| Directory traversal vulnerability in the AddressBook (com_addressbook) component 1.5.0 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php. | ||||
| CVE-2010-1473 | 2 Johnmccollum, Joomla | 2 Com Advertising, Joomla\! | 2025-04-11 | N/A |
| Directory traversal vulnerability in the Advertising (com_advertising) component 0.25 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impact via a .. (dot dot) in the controller parameter to index.php. | ||||
| CVE-2010-1491 | 2 Joomla, Mms.pipp | 2 Joomla\!, Com Mmsblog | 2025-04-11 | N/A |
| Directory traversal vulnerability in the MMS Blog (com_mmsblog) component 2.3.0 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impact via a .. (dot dot) in the controller parameter to index.php. | ||||
| CVE-2010-1493 | 2 Awdsolution, Joomla | 2 Com Awdwall, Joomla\! | 2025-04-11 | N/A |
| SQL injection vulnerability in the AWDwall (com_awdwall) component before 1.5.5 for Joomla! allows remote attackers to execute arbitrary SQL commands via the cbuser parameter in an awdwall action to index.php. | ||||