Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Joomla Subscribe
Filtered by product Joomla\!
Total 578 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2010-0972 2 G4j.laoneo, Joomla 2 Com Gcalendar, Joomla\! 2017-08-16 7.5 HIGH N/A
Directory traversal vulnerability in the GCalendar (com_gcalendar) component 2.1.5 for Joomla! allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the controller parameter to index.php.
CVE-2010-0981 2 Joomla, Templateplazza 2 Joomla\!, Com Tpjobs 2017-08-16 7.5 HIGH N/A
SQL injection vulnerability in the TPJobs (com_tpjobs) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the id_c[] parameter in a resadvsearch action to index.php.
CVE-2010-1073 2 Joomla, Joshprakash 2 Joomla\!, Com Jembed 2017-08-16 7.5 HIGH N/A
SQL injection vulnerability in the jEmbed-Embed Anything (com_jembed) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the catid parameter in a summary action to index.php.
CVE-2010-1304 2 Joomla, Joomlamo 2 Joomla\!, Com Userstatus 2017-08-16 5.0 MEDIUM N/A
Directory traversal vulnerability in userstatus.php in the User Status (com_userstatus) component 1.21.16 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php.
CVE-2010-1305 2 Joomla, Joomlamo 2 Joomla\!, Com Jinventory 2017-08-16 5.0 MEDIUM N/A
Directory traversal vulnerability in jinventory.php in the JInventory (com_jinventory) component 1.23.02 and possibly other versions before 1.26.03, a module for Joomla!, allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php.
CVE-2010-1306 2 Joomla, Roberto Aloi 2 Joomla\!, Com Joomlapicasa2 2017-08-16 7.5 HIGH N/A
Directory traversal vulnerability in the Picasa (com_joomlapicasa2) component 2.0 and 2.0.5 for Joomla! allows remote attackers to read arbitrary local files via a .. (dot dot) in the controller parameter to index.php. NOTE: some of these details are obtained from third party information.
CVE-2010-1307 2 Joomla, Software.realtyna 2 Joomla\!, Com Joomlaupdater 2017-08-16 5.0 MEDIUM N/A
Directory traversal vulnerability in the Magic Updater (com_joomlaupdater) component for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php.
CVE-2010-1315 2 Joomla, Joomlamo 2 Joomla\!, Com Weberpcustomer 2017-08-16 5.0 MEDIUM N/A
Directory traversal vulnerability in weberpcustomer.php in the webERPcustomer (com_weberpcustomer) component 1.2.1 and 1.x before 1.06.02 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php. NOTE: some of these details are obtained from third party information.
CVE-2010-1340 2 Joomla, Joomla-research 2 Joomla\!, Com Jresearch 2017-08-16 5.0 MEDIUM N/A
Directory traversal vulnerability in jresearch.php in the J!Research (com_jresearch) component for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php.
CVE-2010-1344 2 Cookex, Joomla 2 Com Ckforms, Joomla\! 2017-08-16 7.5 HIGH N/A
SQL injection vulnerability in the Cookex Agency CKForms (com_ckforms) component 1.3.3 for Joomla! allows remote attackers to execute arbitrary SQL commands via the fid parameter in a detail action to index.php.
CVE-2010-1350 2 Joomla, Joomlaprojects 2 Joomla\!, Com Jp Jobs 2017-08-16 7.5 HIGH N/A
SQL injection vulnerability in the JP Jobs (com_jp_jobs) component 1.4.1 and earlier for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a detail action to index.php.
CVE-2010-1353 2 Joomla, Wowjoomla 2 Joomla\!, Com Loginbox 2017-08-16 5.0 MEDIUM N/A
Directory traversal vulnerability in the LoginBox Pro (com_loginbox) component for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the view parameter to index.php.
CVE-2010-1363 2 Extremejoomla, Joomla 2 Com J-projects, Joomla\! 2017-08-16 7.5 HIGH N/A
SQL injection vulnerability in the JProjects (com_j-projects) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the project parameter in a projects action to index.php.
CVE-2010-1372 2 Hdflvplayer, Joomla 2 Com Hdflvplayer, Joomla\! 2017-08-16 7.5 HIGH N/A
SQL injection vulnerability in the HD FLV Player (com_hdflvplayer) component 1.3 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter to index.php.
CVE-2010-1474 2 Joomla, Supachai Teasakul 2 Joomla\!, Com Sweetykeeper 2017-08-16 6.8 MEDIUM N/A
Directory traversal vulnerability in the Sweety Keeper (com_sweetykeeper) component 1.5.x for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impact via a .. (dot dot) in the controller parameter to index.php.
CVE-2010-1475 2 Joomla, Ternaria 2 Joomla\!, Com Preventive 2017-08-16 6.8 MEDIUM N/A
Directory traversal vulnerability in the Preventive & Reservation (com_preventive) component 1.0.5 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impact via a .. (dot dot) in the controller parameter to index.php.
CVE-2010-1493 2 Awdsolution, Joomla 2 Com Awdwall, Joomla\! 2017-08-16 7.5 HIGH N/A
SQL injection vulnerability in the AWDwall (com_awdwall) component before 1.5.5 for Joomla! allows remote attackers to execute arbitrary SQL commands via the cbuser parameter in an awdwall action to index.php.
CVE-2010-1494 2 Awdsolution, Joomla 2 Com Awdwall, Joomla\! 2017-08-16 5.0 MEDIUM N/A
Directory traversal vulnerability in the AWDwall (com_awdwall) component 1.5.4 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php.
CVE-2010-1496 2 Jolt, Joomla 2 Com Joltcard, Joomla\! 2017-08-16 7.5 HIGH N/A
SQL injection vulnerability in the JoltCard (com_joltcard) component 1.2.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via the cardID parameter in a view action to index.php.
CVE-2010-1529 2 Freestyle, Joomla 2 Faqs Lite, Joomla\! 2017-08-16 7.5 HIGH N/A
SQL injection vulnerability in the Freestyle FAQs Lite (com_fsf) component, possibly 1.3, for Joomla! allows remote attackers to execute arbitrary SQL commands via the faqid parameter in an faq action to index.php.