Filtered by vendor Joomla
Subscriptions
Total
953 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2009-2290 | 2 Joomla, Kim Eckert | 2 Joomla\!, Com Bsadv | 2025-04-09 | N/A |
| SQL injection vulnerability in the Boy Scout Advancement (com_bsadv) component 0.3 and earlier for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a (1) account or (2) event task to index.php. | ||||
| CVE-2009-3817 | 2 Joomla, Ordasoft | 2 Joomla\!, Com Booklibrary | 2025-04-09 | N/A |
| PHP remote file inclusion vulnerability in doc/releasenote.php in the BookLibrary (com_booklibrary) component 1.0 for Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter, a different vector than CVE-2009-2637. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2008-4103 | 1 Joomla | 2 Com Mailto, Joomla | 2025-04-09 | N/A |
| The mailto (aka com_mailto) component in Joomla! 1.5 before 1.5.7 sends e-mail messages without validating the URL, which allows remote attackers to transmit spam. | ||||
| CVE-2008-2643 | 1 Joomla | 1 Com Biblestudy | 2025-04-09 | N/A |
| SQL injection vulnerability in the Bible Study (com_biblestudy) component before 6.0.7c for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a mediaplayer action to index.php. | ||||
| CVE-2009-2390 | 2 F-cimag-in, Joomla | 2 Com Bookflip, Joomla | 2025-04-09 | N/A |
| SQL injection vulnerability in the BookFlip (com_bookflip) component 2.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via the book_id parameter to index.php. | ||||
| CVE-2008-0815 | 2 Egitimhost, Joomla | 2 Com Mezun, Com Mezun | 2025-04-09 | N/A |
| SQL injection vulnerability in the com_mezun component for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in an edit task. | ||||
| CVE-2008-0849 | 2 Joomla, Mambo | 2 Com Downloads, Com Downloads | 2025-04-09 | N/A |
| SQL injection vulnerability in index.php in the Downloads (com_downloads) component for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the cat parameter in a selectcat function, a different vector than CVE-2008-0652. | ||||
| CVE-2007-3932 | 1 Joomla | 1 Expose | 2025-04-09 | N/A |
| uploadimg.php in the Expose RC35 and earlier (com_expose) component for Joomla! sends an error message but does not exit when it detects an attempt to upload a non-JPEG file, which allows remote attackers to upload and execute arbitrary PHP code in the img/ folder. | ||||
| CVE-2008-6088 | 2 Joomla, Joomtracker | 2 Joomla, Com Joomtracker | 2025-04-09 | N/A |
| SQL injection vulnerability in the Joomtracker (com_joomtracker) 1.01 module for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a tordetails action to index.php. | ||||
| CVE-2009-2400 | 2 Fijiwebdesign, Joomla | 2 Com Php, Joomla | 2025-04-09 | N/A |
| SQL injection vulnerability in the PHP (com_php) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter to index.php. | ||||
| CVE-2009-2102 | 2 Com Jumi, Joomla | 2 Com Jumi, Joomla | 2025-04-09 | N/A |
| SQL injection vulnerability in the Jumi (com_jumi) component 2.0.3 and possibly other versions for Joomla allows remote attackers to execute arbitrary SQL commands via the fileid parameter to index.php. | ||||
| CVE-2008-1733 | 2 Joomla, Pragmaticutopia | 2 Joomla, Com Puarcade | 2025-04-09 | N/A |
| SQL injection vulnerability in puarcade.class.php 2.2 and earlier in the Pragmatic Utopia PU Arcade (com_puarcade) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the gid parameter to index.php. | ||||
| CVE-2007-4184 | 1 Joomla | 1 Joomla | 2025-04-09 | N/A |
| SQL injection vulnerability in administrator/popups/pollwindow.php in Joomla! 1.0.12 allows remote attackers to execute arbitrary SQL commands via the pollid parameter. | ||||
| CVE-2009-1939 | 1 Joomla | 1 Joomla | 2025-04-09 | N/A |
| Cross-site scripting (XSS) vulnerability in the JA_Purity template for Joomla! 1.5.x through 1.5.10 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2007-4189 | 1 Joomla | 1 Joomla\! | 2025-04-09 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Joomla! before 1.0.13 (aka Sunglow) allow remote attackers to inject arbitrary web script or HTML via unspecified vectors in the (1) com_search, (2) com_content, and (3) mod_login components. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2009-1499 | 1 Joomla | 2 Com Mailto, Joomla\! | 2025-04-09 | N/A |
| SQL injection vulnerability in the MailTo (aka com_mailto) component in Joomla! allows remote attackers to execute arbitrary SQL commands via the article parameter in index.php. NOTE: SecurityFocus states that this issue has been disputed by the vendor. | ||||
| CVE-2008-5811 | 1 Joomla | 2 Com Paxgallery, Joomla | 2025-04-09 | N/A |
| SQL injection vulnerability in the PaxGallery (com_paxgallery) component 0.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via the gid parameter in a table action to index.php. | ||||
| CVE-2008-1459 | 4 Joomla, Joomlaitalia, Mambo and 1 more | 4 Joomla, Com Alberghi, Mambo and 1 more | 2025-04-09 | N/A |
| SQL injection vulnerability in the Alberghi (com_alberghi) 2.1.3 and earlier component for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a detail action to index.php. | ||||
| CVE-2008-6184 | 2 Joomla, Medialab-karlsruhe | 2 Joomla, Ownbiblio | 2025-04-09 | N/A |
| SQL injection vulnerability in the OwnBiblio (com_ownbiblio) component 1.5.3 for Joomla! allows remote attackers to execute arbitrary SQL commands via the catid parameter in a catalogue action to index.php. | ||||
| CVE-2009-0329 | 1 Joomla | 2 Com Pccookbook, Joomla | 2025-04-09 | N/A |
| SQL injection vulnerability in the PcCookBook (com_pccookbook) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the recipe_id parameter in a viewrecipe action to index.php, a different vector than CVE-2008-0844. | ||||