Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Joomla Subscribe
Total 912 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2010-1720 2 Joomla, Qproje 2 Joomla\!, Com Qpersonel 2017-08-16 7.5 HIGH N/A
SQL injection vulnerability in the Q-Personel (com_qpersonel) component 1.0.2 and earlier for Joomla! allows remote attackers to execute arbitrary SQL commands via the katid parameter in a qpListele action to index.php.
CVE-2010-1721 2 Joomla, Thethinkery 2 Joomla\!, Com Iproperty 2017-08-16 7.5 HIGH N/A
SQL injection vulnerability in the Intellectual Property (aka IProperty or com_iproperty) component 1.5.3 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in an agentproperties action to index.php.
CVE-2010-1722 2 Dev.pucit.edu.pk, Joomla 2 Com Market, Joomla\! 2017-08-16 6.8 MEDIUM N/A
Directory traversal vulnerability in the Online Market (com_market) component 2.x for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impact via a .. (dot dot) in the controller parameter to index.php.
CVE-2010-1739 1 Joomla 2 Com Newsfeeds, Joomla\! 2017-08-16 7.5 HIGH N/A
SQL injection vulnerability in the Newsfeeds (com_newsfeeds) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the feedid parameter in a categories action to index.php.
CVE-2010-1746 2 Joomla, Toolsjx 2 Joomla\!, Com Grid 2017-08-16 4.3 MEDIUM N/A
Multiple cross-site scripting (XSS) vulnerabilities in the Table JX (com_grid) component for Joomla! allow remote attackers to inject arbitrary web script or HTML via the (1) data_search and (2) rpp parameters to index.php.
CVE-2010-1858 2 Gelembjuk, Joomla 2 Com Smestorage, Joomla\! 2017-08-16 5.0 MEDIUM N/A
Directory traversal vulnerability in the SMEStorage (com_smestorage) component before 1.1 for Joomla! allows remote attackers to read arbitrary files via directory traversal sequences in the controller parameter to index.php.
CVE-2010-1873 2 Joomla, Jvehicles 2 Joomla\!, Com Jvehicles 2017-08-16 7.5 HIGH N/A
SQL injection vulnerability in the Jvehicles (com_jvehicles) component 1.0, 2.0, and 2.1111 for Joomla! allows remote attackers to execute arbitrary SQL commands via the aid parameter in an agentlisting action to index.php. NOTE: some of these details are obtained from third party information.
CVE-2010-1874 2 Com-property, Joomla 2 Com Properties, Joomla\! 2017-08-16 7.5 HIGH N/A
SQL injection vulnerability in the Real Estate Property (com_properties) component 3.1.22-03 for Joomla! allows remote attackers to execute arbitrary SQL commands via the aid parameter in an agentlisting action to index.php. NOTE: some of these details are obtained from third party information.
CVE-2010-1875 2 Com-property, Joomla 2 Com Properties, Joomla\! 2017-08-16 7.5 HIGH N/A
Directory traversal vulnerability in the Real Estate Property (com_properties) component 3.1.22-03 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impact via a .. (dot dot) in the controller parameter to index.php. NOTE: some of these details are obtained from third party information.
CVE-2010-1877 2 Joomla, Jtmreseller 2 Joomla\!, Com Jtm 2017-08-16 7.5 HIGH N/A
SQL injection vulnerability in the JTM Reseller (com_jtm) component 1.9 Beta for Joomla! allows remote attackers to execute arbitrary SQL commands via the author parameter in a search action to index.php.
CVE-2010-1878 2 Blueflyingfish.no-ip, Joomla 2 Com Orgchart, Joomla\! 2017-08-16 7.5 HIGH N/A
Directory traversal vulnerability in the OrgChart (com_orgchart) component 1.0.0 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php.
CVE-2010-1956 2 Joomla, Thefactory 2 Joomla\!, Com Gadgetfactory 2017-08-16 7.5 HIGH N/A
Directory traversal vulnerability in the Gadget Factory (com_gadgetfactory) component 1.0.0 and 1.5.0 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php. NOTE: some of these details are obtained from third party information.
CVE-2010-1957 2 Joomla, Thefactory 2 Joomla\!, Com Lovefactory 2017-08-16 7.5 HIGH N/A
Directory traversal vulnerability in the Love Factory (com_lovefactory) component 1.3.4 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php.
CVE-2010-1952 2 Cmstactics, Joomla 3 Com Beeheard, Com Beeheardlite, Joomla\! 2017-08-16 7.5 HIGH N/A
Directory traversal vulnerability in the BeeHeard (com_beeheard) and BeeHeard Lite (com_beeheardlite) component 1.0 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php.
CVE-2010-1955 2 Joomla, Thefactory 2 Joomla\!, Com Blogfactory 2017-08-16 7.5 HIGH N/A
Directory traversal vulnerability in the Deluxe Blog Factory (com_blogfactory) component 1.1.2 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php.
CVE-2010-1979 2 Affiliatefeeds, Joomla 2 Com Datafeeds, Joomla\! 2017-08-16 6.8 MEDIUM N/A
Directory traversal vulnerability in the Affiliate Datafeeds (com_datafeeds) component build 880 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php.
CVE-2010-1980 2 Joomla, Roberto Aloi 2 Joomla\!, Com Joomlaflickr 2017-08-16 7.5 HIGH N/A
Directory traversal vulnerability in joomlaflickr.php in the Joomla Flickr (com_joomlaflickr) component 1.0.3 for Joomla! allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the controller parameter to index.php.
CVE-2010-1983 2 Joomla, Redcomponent 2 Joomla\!, Com Redtwitter 2017-08-16 7.5 HIGH N/A
Directory traversal vulnerability in the redTWITTER (com_redtwitter) component 1.0.x including 1.0b11 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the view parameter to index.php. NOTE: some of these details are obtained from third party information.
CVE-2010-2045 2 Dionesoft, Joomla 2 Com Dioneformwizard, Joomla\! 2017-08-16 7.5 HIGH N/A
Directory traversal vulnerability in the Dione Form Wizard (aka FDione or com_dioneformwizard) component 1.0.2 for Joomla! allows remote attackers to read arbitrary files via directory traversal sequences in the controller parameter to index.php.
CVE-2010-2044 2 Adhie Utomo, Joomla 2 Com Konsultasi, Joomla\! 2017-08-16 7.5 HIGH N/A
SQL injection vulnerability in the Konsultasi (com_konsultasi) component 1.0.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the sid parameter in a detail action to index.php.