Filtered by vendor Joomla
Subscribe
Total
912 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2009-4202 | 2 Joomla, Omilenitsolutions | 2 Joomla\!, Com Omphotogallery | 2017-09-18 | 7.5 HIGH | N/A |
Directory traversal vulnerability in the Omilen Photo Gallery (com_omphotogallery) component Beta 0.5 for Joomla! allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the controller parameter to index.php. | |||||
CVE-2009-3316 | 2 Jforjoomla, Joomla | 2 Com Jreservation, Joomla | 2017-09-18 | 7.5 HIGH | N/A |
SQL injection vulnerability in the JReservation (com_jreservation) component 1.0 and 1.5 for Joomla! allows remote attackers to execute arbitrary SQL commands via the pid parameter in a propertycpanel action to index.php. | |||||
CVE-2009-3193 | 2 Joomla, Uwix | 2 Joomla, Com Digifolio | 2017-09-18 | 7.5 HIGH | N/A |
SQL injection vulnerability in the DigiFolio (com_digifolio) component 1.52 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a project action to index.php. | |||||
CVE-2009-3155 | 2 Almondsoft, Joomla | 2 Com Aclassf, Joomla | 2017-09-18 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in gmap.php in the Almond Classifieds (com_aclassf) component 7.5 for Joomla! allows remote attackers to inject arbitrary web script or HTML via the addr parameter. | |||||
CVE-2009-3154 | 2 Almondsoft, Joomla | 2 Com Aclassf, Joomla | 2017-09-18 | 7.5 HIGH | N/A |
SQL injection vulnerability in the Almond Classifieds (com_aclassf) component 7.5 for Joomla! allows remote attackers to execute arbitrary SQL commands via the replid parameter in a manw_repl add_form action to index.php, a different vector than CVE-2009-2567. | |||||
CVE-2009-3063 | 2 Indianpulses, Joomla | 2 Com Gameserver, Joomla | 2017-09-18 | 7.5 HIGH | N/A |
SQL injection vulnerability in the Game Server (com_gameserver) component 1.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a gamepanel action to index.php. | |||||
CVE-2009-3054 | 2 Artetics, Joomla | 2 Com Artportal, Joomla | 2017-09-18 | 7.5 HIGH | N/A |
SQL injection vulnerability in the Artetics.com Art Portal (com_artportal) component 1.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the portalid parameter to index.php. | |||||
CVE-2009-3669 | 2 Foobla, Joomla | 2 Com Foobla Suggestions, Joomla | 2017-09-18 | 7.5 HIGH | N/A |
SQL injection vulnerability in the foobla Suggestions (com_foobla_suggestions) component 1.5.11 for Joomla! allows remote attackers to execute arbitrary SQL commands via the idea_id parameter to index.php. | |||||
CVE-2009-4550 | 2 Joomla, Kunena | 2 Joomla\!, Kunena Forum | 2017-09-18 | 7.5 HIGH | N/A |
SQL injection vulnerability in the Kunena Forum (com_kunena) component 1.5.3 and 1.5.4 for Joomla! allows remote attackers to execute arbitrary SQL commands via the func parameter to index.php. | |||||
CVE-2009-3053 | 2 Joomla, Jvitals | 2 Joomla, Com Agora | 2017-09-18 | 6.8 MEDIUM | N/A |
Directory traversal vulnerability in the Agora (com_agora) component 3.0.0b for Joomla! allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the action parameter to the avatars page, reachable through index.php. | |||||
CVE-2009-2782 | 2 Jfusion, Joomla | 2 Com Jfusion, Joomla | 2017-09-18 | 7.5 HIGH | N/A |
SQL injection vulnerability in the JFusion (com_jfusion) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the Itemid parameter to index.php. | |||||
CVE-2009-2638 | 2 Joomla, Konze | 2 Joomla, Com Akobook | 2017-09-18 | 7.5 HIGH | N/A |
SQL injection vulnerability in the AkoBook (com_akobook) component 2.3 for Joomla! allows remote attackers to execute arbitrary SQL commands via the gbid parameter in a reply action to index.php. | |||||
CVE-2009-2637 | 2 Joomla, Ordasoft | 2 Joomla, Com Booklibrary | 2017-09-18 | 7.5 HIGH | N/A |
PHP remote file inclusion vulnerability in toolbar_ext.php in the BookLibrary (com_booklibrary) component 1.5.2.4 Basic for Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter. | |||||
CVE-2009-2635 | 2 Joomla, Ordasoft | 2 Joomla, Com Realestatemanager | 2017-09-18 | 7.5 HIGH | N/A |
PHP remote file inclusion vulnerability in toolbar_ext.php in the RealEstateManager (com_realestatemanager) component 1.0 Basic for Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter. | |||||
CVE-2009-2634 | 2 Joomla, Ordasoft | 2 Joomla, Com Medialibrary | 2017-09-18 | 7.5 HIGH | N/A |
PHP remote file inclusion vulnerability in toolbar_ext.php in the MediaLibrary (com_media_library) component 1.5.3 Basic for Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter. | |||||
CVE-2009-2633 | 2 Joomla, Ordasoft | 2 Joomla, Com Vehiclemanager | 2017-09-18 | 7.5 HIGH | N/A |
PHP remote file inclusion vulnerability in toolbar_ext.php in the VehicleManager (com_vehiclemanager) component 1.0 Basic for Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter. | |||||
CVE-2009-2609 | 2 Amotools, Joomla | 2 Com Amocourse, Joomla | 2017-09-18 | 7.5 HIGH | N/A |
SQL injection vulnerability in the amoCourse (com_amocourse) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the catid parameter in a category action to index.php. | |||||
CVE-2009-2607 | 2 Joomla, Pinme | 2 Joomla, Com Pinboard | 2017-09-18 | 7.5 HIGH | N/A |
SQL injection vulnerability in the com_pinboard component for Joomla! allows remote attackers to execute arbitrary SQL commands via the task parameter in a showpic action to index.php. | |||||
CVE-2009-2601 | 2 Joomla, Joomlaequipment | 2 Joomla\!, Juser | 2017-09-18 | 7.5 HIGH | N/A |
SQL injection vulnerability in the Joomlaequipment (aka JUser or com_juser) component 2.0.4 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a show_profile action to index.php. | |||||
CVE-2009-2567 | 2 Almondsoft, Joomla | 2 Almond Classifieds, Joomla\! | 2017-09-18 | 7.5 HIGH | N/A |
SQL injection vulnerability in the Almond Classifieds (com_aclassf) component 5.6.2 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter to index.php. |