Filtered by vendor Joomla
Subscribe
Total
912 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2015-5608 | 1 Joomla | 1 Joomla\! | 2017-09-22 | 5.8 MEDIUM | 6.1 MEDIUM |
Open redirect vulnerability in Joomla! CMS 3.0.0 through 3.4.1. | |||||
CVE-2009-4938 | 2 Joomla, Warphd | 2 Joomla\!, Com Jvideo | 2017-09-18 | 7.5 HIGH | N/A |
SQL injection vulnerability in the JVideo! (com_jvideo) component 0.3.11c Beta and 0.3.x for Joomla! allows remote attackers to execute arbitrary SQL commands via the user_id parameter in a user action to index.php. | |||||
CVE-2009-4628 | 2 Joomla, Templateplaza | 2 Joomla\!, Com Tpdugg | 2017-09-18 | 7.5 HIGH | N/A |
SQL injection vulnerability in the TemplatePlaza.com TPDugg (com_tpdugg) component 1.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a tags action to index.php. | |||||
CVE-2009-4625 | 2 Joomla, Tamlyncreative | 2 Joomla\!, Com Bfsurvey Profree | 2017-09-18 | 7.5 HIGH | N/A |
SQL injection vulnerability in the updateOnePage function in components/com_bfsurvey_pro/controller.php in BF Survey Pro Free (com_bfsurvey_profree) 1.2.4, and other versions before 1.2.6, a component for Joomla!, allows remote attackers to execute arbitrary SQL commands via the table parameter in an updateOnePage action to index.php. | |||||
CVE-2009-4620 | 2 Joomla, Joomloc | 2 Joomla\!, Com Joomloc | 2017-09-18 | 7.5 HIGH | N/A |
SQL injection vulnerability in the Joomloc (com_joomloc) component 1.0 for Joomla allows remote attackers to execute arbitrary SQL commands via the id parameter in an edit task to index.php. | |||||
CVE-2009-4619 | 2 Joomla, Lucygames | 2 Joomla\!, Com Lucygames | 2017-09-18 | 7.5 HIGH | N/A |
SQL injection vulnerability in the Lucy Games (com_lucygames) component 1.5.4 for Joomla! allows remote attackers to execute arbitrary SQL commands via the gameid parameter in a game action to index.php. NOTE: some of these details are obtained from third party information. | |||||
CVE-2009-4550 | 2 Joomla, Kunena | 2 Joomla\!, Kunena Forum | 2017-09-18 | 7.5 HIGH | N/A |
SQL injection vulnerability in the Kunena Forum (com_kunena) component 1.5.3 and 1.5.4 for Joomla! allows remote attackers to execute arbitrary SQL commands via the func parameter to index.php. | |||||
CVE-2009-4475 | 2 Joomla, Joomlub | 2 Joomla\!, Com Joomlub | 2017-09-18 | 7.5 HIGH | N/A |
SQL injection vulnerability in the Joomlub (com_joomlub) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the aid parameter in an auction edit action to index.php. | |||||
CVE-2009-4202 | 2 Joomla, Omilenitsolutions | 2 Joomla\!, Com Omphotogallery | 2017-09-18 | 7.5 HIGH | N/A |
Directory traversal vulnerability in the Omilen Photo Gallery (com_omphotogallery) component Beta 0.5 for Joomla! allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the controller parameter to index.php. | |||||
CVE-2009-4200 | 2 Joomla, Vollmar | 2 Joomla\!, Com Seminar | 2017-09-18 | 7.5 HIGH | N/A |
SQL injection vulnerability in the Seminar (com_seminar) component 1.28 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a View_seminar action to index.php. | |||||
CVE-2009-4199 | 3 Joomla, Mambo-foundation, Mamboforge | 3 Joomla\!, Mambo, Com Mosres | 2017-09-18 | 6.8 MEDIUM | N/A |
Multiple SQL injection vulnerabilities in the Mambo Resident (aka Mos Res or com_mosres) component 1.0f for Mambo and Joomla!, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the (1) property_uid parameter in a viewproperty action to index.php and the (2) regID parameter in a showregion action to index.php. | |||||
CVE-2009-3972 | 2 Joomla, Qproje | 2 Joomla\!, Com Siirler | 2017-09-18 | 7.5 HIGH | N/A |
SQL injection vulnerability in the Q-Proje Siirler Bileseni (com_siirler) component 1.2 RC for Joomla! allows remote attackers to execute arbitrary SQL commands via the sid parameter in an sdetay action to index.php. | |||||
CVE-2009-3971 | 2 Joomla, Jtips | 2 Joomla\!, Com Jtips | 2017-09-18 | 7.5 HIGH | N/A |
SQL injection vulnerability in the jTips (com_jtips) component 1.0.7 and 1.0.9 for Joomla! allows remote attackers to execute arbitrary SQL commands via the season parameter in a ladder action to index.php. | |||||
CVE-2009-3964 | 2 Joomla, Ninjaforge | 2 Joomla\!, Com Ninjamonials | 2017-09-18 | 7.5 HIGH | N/A |
SQL injection vulnerability in the NinjaMonials (com_ninjacentral) component 1.1.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the testimID parameter in a display action to index.php. | |||||
CVE-2009-3669 | 2 Foobla, Joomla | 2 Com Foobla Suggestions, Joomla | 2017-09-18 | 7.5 HIGH | N/A |
SQL injection vulnerability in the foobla Suggestions (com_foobla_suggestions) component 1.5.11 for Joomla! allows remote attackers to execute arbitrary SQL commands via the idea_id parameter to index.php. | |||||
CVE-2009-3661 | 2 Blueconstantmedia, Joomla | 2 Com Djcatalog, Joomla | 2017-09-18 | 6.8 MEDIUM | N/A |
Multiple SQL injection vulnerabilities in the DJ-Catalog (com_djcatalog) component for Joomla! allow remote attackers to execute arbitrary SQL commands via the (1) id parameter in a showItem action and (2) cid parameter in a show action to index.php. | |||||
CVE-2009-3446 | 2 Joomla, Rick Estrada | 2 Joomla, Com Mytube | 2017-09-18 | 7.5 HIGH | N/A |
SQL injection vulnerability in the MyRemote Video Gallery (com_mytube) component 1.0 Beta for Joomla! allows remote attackers to execute arbitrary SQL commands via the user_id parameter in a videos action to index.php. | |||||
CVE-2009-3417 | 2 Idojoomla, Joomla | 2 Com Idoblog, Joomla\! | 2017-09-18 | 7.5 HIGH | N/A |
SQL injection vulnerability in the IDoBlog (com_idoblog) component 1.1 build 30 for Joomla! allows remote attackers to execute arbitrary SQL commands via the userid parameter in a profile action to index.php, a different vector than CVE-2008-2627. | |||||
CVE-2009-3332 | 2 Joomla, Sopinet | 2 Joomla, Com Jbudgetsmagic | 2017-09-18 | 7.5 HIGH | N/A |
SQL injection vulnerability in the JBudgetsMagic (com_jbudgetsmagic) component 0.3.2 through 0.4.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the bid parameter in a mybudget action to index.php. | |||||
CVE-2009-3335 | 2 Joomla, Turtus | 2 Joomla\!, Turtushout | 2017-09-18 | 7.5 HIGH | N/A |
SQL injection vulnerability in the TurtuShout component 0.11 for Joomla! allows remote attackers to execute arbitrary SQL commands via the Name field. |