Total
583 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2010-1601 | 2 Joomla, Joomlamart | 2 Joomla\!, Com Jacomment | 2023-12-10 | 5.0 MEDIUM | N/A |
Directory traversal vulnerability in the JA Comment (com_jacomment) component for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the view parameter to index.php. | |||||
CVE-2010-1952 | 2 Cmstactics, Joomla | 3 Com Beeheard, Com Beeheardlite, Joomla\! | 2023-12-10 | 7.5 HIGH | N/A |
Directory traversal vulnerability in the BeeHeard (com_beeheard) and BeeHeard Lite (com_beeheardlite) component 1.0 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php. | |||||
CVE-2010-4718 | 2 Joomla, Lyften | 2 Joomla\!, Com Lyftenbloggie | 2023-12-10 | 4.3 MEDIUM | N/A |
Multiple cross-site scripting (XSS) vulnerabilities in the Lyftenbloggie (com_lyftenbloggie) component 1.1.0 for Joomla! allow remote attackers to inject arbitrary web script or HTML via the (1) tag and (2) category parameters to index.php. | |||||
CVE-2010-0801 | 2 Autartica, Joomla | 2 Com Autartitarot, Joomla\! | 2023-12-10 | 3.5 LOW | N/A |
Directory traversal vulnerability in the AutartiTarot (com_autartitarot) component 1.0.3 for Joomla! allows remote authenticated users, with "Public Back-end" group permissions, to read arbitrary files via directory traversal sequences in the controller parameter in an edit task to administrator/index.php. NOTE: some of these details are obtained from third party information. | |||||
CVE-2010-4927 | 2 Joomla, Photoindochina | 2 Joomla\!, Com Restaurantguide | 2023-12-10 | 7.5 HIGH | N/A |
SQL injection vulnerability in the Restaurant Guide (com_restaurantguide) component 1.0.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a country action to index.php. | |||||
CVE-2010-4990 | 2 B-elektro, Joomla | 2 Com Addressbook, Joomla\! | 2023-12-10 | 7.5 HIGH | N/A |
SQL injection vulnerability in the Front-edit Address Book (com_addressbook) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the Itemid parameter in a contact action to index.php. | |||||
CVE-2010-1716 | 2 Joomla, Joomlanetprojects | 2 Joomla\!, Com Agenda | 2023-12-10 | 7.5 HIGH | N/A |
SQL injection vulnerability in the Agenda Address Book (com_agenda) component 1.0.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a detail action to index.php. | |||||
CVE-2010-2037 | 2 Joomla, Percha | 2 Joomla\!, Com Perchadownloadsattach | 2023-12-10 | 7.5 HIGH | N/A |
Directory traversal vulnerability in the Percha Downloads Attach (com_perchadownloadsattach) component 1.1 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impact via a .. (dot dot) in the controller parameter to index.php. | |||||
CVE-2009-4785 | 2 Bhavesh Chauhan, Joomla | 2 Com Quicknews, Joomla\! | 2023-12-10 | 7.5 HIGH | N/A |
SQL injection vulnerability in the Quick News (com_quicknews) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the newsid parameter in a view_item action to index.php. | |||||
CVE-2010-1475 | 2 Joomla, Ternaria | 2 Joomla\!, Com Preventive | 2023-12-10 | 6.8 MEDIUM | N/A |
Directory traversal vulnerability in the Preventive & Reservation (com_preventive) component 1.0.5 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impact via a .. (dot dot) in the controller parameter to index.php. | |||||
CVE-2011-4570 | 2 Joomla, Takeaweb | 2 Joomla\!, Com Timereturns | 2023-12-10 | 7.5 HIGH | N/A |
SQL injection vulnerability in the Time Returns (com_timereturns) component 2.0 and possibly earlier versions for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a timereturns action to index.php. | |||||
CVE-2010-1344 | 2 Cookex, Joomla | 2 Com Ckforms, Joomla\! | 2023-12-10 | 7.5 HIGH | N/A |
SQL injection vulnerability in the Cookex Agency CKForms (com_ckforms) component 1.3.3 for Joomla! allows remote attackers to execute arbitrary SQL commands via the fid parameter in a detail action to index.php. | |||||
CVE-2010-2678 | 2 Guillermo Vargas, Joomla | 2 Com Xmap, Joomla\! | 2023-12-10 | 7.5 HIGH | N/A |
SQL injection vulnerability in xmap (com_xmap) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the Itemid parameter to index.php. | |||||
CVE-2010-4945 | 1 Joomla | 2 Com Camelcitydb2, Joomla\! | 2023-12-10 | 7.5 HIGH | N/A |
SQL injection vulnerability in the CamelcityDB (com_camelcitydb2) component 2.2 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter to index.php. | |||||
CVE-2010-2921 | 2 Joomla, Photoindochina | 2 Joomla\!, Com Golfcourseguide | 2023-12-10 | 7.5 HIGH | N/A |
SQL injection vulnerability in the Golf Course Guide (com_golfcourseguide) component 0.9.6.0 beta and 1 beta for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a golfcourses action to index.php. | |||||
CVE-2010-0943 | 2 Joomla, Joomlart | 2 Joomla\!, Com Jashowcase | 2023-12-10 | 5.0 MEDIUM | N/A |
Directory traversal vulnerability in the JA Showcase (com_jashowcase) component for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter in a jashowcase action to index.php. | |||||
CVE-2010-1982 | 2 Joomla, Joomlart | 2 Joomla\!, Com Javoice | 2023-12-10 | 5.0 MEDIUM | N/A |
Directory traversal vulnerability in the JA Voice (com_javoice) component 2.0 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the view parameter to index.php. | |||||
CVE-2010-5048 | 2 Joomla, Joomlatune | 2 Joomla\!, Com Jcomments | 2023-12-10 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in admin.jcomments.php in the JoomlaTune JComments (com_jcomments) component 2.1.0.0 for Joomla! allows remote authenticated users to inject arbitrary web script or HTML via the name parameter to index.php. | |||||
CVE-2010-2847 | 2 Gonzalo Maser, Joomla | 2 Com Artforms, Joomla\! | 2023-12-10 | 7.5 HIGH | N/A |
Multiple SQL injection vulnerabilities in the InterJoomla ArtForms (com_artforms) component 2.1b7.2 RC2 for Joomla! allow remote attackers to execute arbitrary SQL commands via the viewform parameter in a (1) ferforms or (2) tferforms action to index.php, and the (3) id parameter in a vferforms action to index.php. | |||||
CVE-2011-4808 | 2 Joomla, Joomlaextensions | 2 Joomla\!, Com Hmcommunity | 2023-12-10 | 7.5 HIGH | N/A |
SQL injection vulnerability in the HM Community (com_hmcommunity) component before 1.01 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a fnd_home action to index.php. |