Filtered by vendor Joomla
Subscriptions
Filtered by product Joomla\!
Subscriptions
Total
603 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2010-4272 | 2 Joomla, Pulseinfotech | 2 Joomla\!, Com Sponsorwall | 2025-04-11 | N/A |
| SQL injection vulnerability in the Pulse Infotech Sponsor Wall (com_sponsorwall) component 1.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via the catid parameter to index.php. | ||||
| CVE-2010-1473 | 2 Johnmccollum, Joomla | 2 Com Advertising, Joomla\! | 2025-04-11 | N/A |
| Directory traversal vulnerability in the Advertising (com_advertising) component 0.25 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impact via a .. (dot dot) in the controller parameter to index.php. | ||||
| CVE-2010-2128 | 2 Harmistechnology, Joomla | 2 Com Jequoteform, Joomla\! | 2025-04-11 | N/A |
| Directory traversal vulnerability in the JE Quotation Form (com_jequoteform) component 1.0b1 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impact via a .. (dot dot) in the view parameter to index.php. | ||||
| CVE-2010-1494 | 2 Awdsolution, Joomla | 2 Com Awdwall, Joomla\! | 2025-04-11 | N/A |
| Directory traversal vulnerability in the AWDwall (com_awdwall) component 1.5.4 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php. | ||||
| CVE-2010-1873 | 2 Joomla, Jvehicles | 2 Joomla\!, Com Jvehicles | 2025-04-11 | N/A |
| SQL injection vulnerability in the Jvehicles (com_jvehicles) component 1.0, 2.0, and 2.1111 for Joomla! allows remote attackers to execute arbitrary SQL commands via the aid parameter in an agentlisting action to index.php. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2010-4862 | 2 Harmistechnology, Joomla | 2 Com Jedirectory, Joomla\! | 2025-04-11 | N/A |
| SQL injection vulnerability in the JExtensions JE Directory (com_jedirectory) component 1.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the catid parameter in an item action to index.php. | ||||
| CVE-2010-4405 | 2 Anything-digital, Joomla | 2 Sh404sef, Joomla\! | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in the Yannick Gaultier sh404SEF component before 2.1.8.777 for Joomla! allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2010-2690 | 2 Jooforge, Joomla | 2 Com Gamesbox, Joomla\! | 2025-04-11 | N/A |
| SQL injection vulnerability in the JOOFORGE Gamesbox (com_gamesbox) component 1.0.2, and possibly earlier, for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a consoles action to index.php. | ||||
| CVE-2010-4516 | 2 Joomla, Jxtended | 2 Joomla\!, Jxtended Comments | 2025-04-11 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in the JXtended Comments component before 1.3.1 for Joomla allow remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2010-1718 | 2 Joomla, Lispeltuut | 2 Joomla\!, Com Archeryscores | 2025-04-11 | N/A |
| Directory traversal vulnerability in archeryscores.php in the Archery Scores (com_archeryscores) component 1.0.6 for Joomla! allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the controller parameter to index.php. | ||||
| CVE-2010-4696 | 1 Joomla | 1 Joomla\! | 2025-04-11 | N/A |
| Multiple SQL injection vulnerabilities in Joomla! 1.5.x before 1.5.22 allow remote attackers to execute arbitrary SQL commands via the (1) filter_order or (2) filter_order_Dir parameter in a com_contact action to index.php, a different vulnerability than CVE-2010-4166. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2010-0456 | 2 Indianpulses, Joomla | 2 Com Gameserver, Joomla\! | 2025-04-11 | N/A |
| SQL injection vulnerability in the indianpulse Game Server (com_gameserver) component 1.2 for Joomla! allows remote attackers to execute arbitrary SQL commands via the grp parameter in a gameserver action to index.php. | ||||
| CVE-2010-4702 | 2 Fxwebdesign, Joomla | 2 Com Jradio, Joomla\! | 2025-04-11 | N/A |
| SQL injection vulnerability in JRadio (com_jradio) component before 1.5.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | ||||
| CVE-2010-4166 | 1 Joomla | 1 Joomla\! | 2025-04-11 | N/A |
| Multiple SQL injection vulnerabilities in Joomla! 1.5.x before 1.5.22 allow remote attackers to execute arbitrary SQL commands via (1) the filter_order parameter in a com_weblinks category action to index.php, (2) the filter_order_Dir parameter in a com_weblinks category action to index.php, or (3) the filter_order_Dir parameter in a com_messages action to administrator/index.php. | ||||
| CVE-2010-2918 | 2 Joomla, Visocrea | 2 Joomla\!, Com Joomla Visites | 2025-04-11 | N/A |
| PHP remote file inclusion vulnerability in core/include/myMailer.class.php in the Visites (com_joomla-visites) component 1.1 RC2 for Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter. | ||||
| CVE-2009-4651 | 2 Joomla, Onnogroen | 2 Joomla\!, Com Webeecomment | 2025-04-11 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in the Webee Comments (com_webeecomment) component 1.1.1, 1.2, and 2.0 for Joomla! allow remote attackers to inject arbitrary web script or HTML via the (1) color, (2) img, or (3) url BBCode tags in unspecified vectors. | ||||
| CVE-2010-4718 | 2 Joomla, Lyften | 2 Joomla\!, Com Lyftenbloggie | 2025-04-11 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in the Lyftenbloggie (com_lyftenbloggie) component 1.1.0 for Joomla! allow remote attackers to inject arbitrary web script or HTML via the (1) tag and (2) category parameters to index.php. | ||||
| CVE-2010-2036 | 2 Joomla, Percha | 2 Joomla\!, Com Perchafieldsattach | 2025-04-11 | N/A |
| Directory traversal vulnerability in the Percha Fields Attach (com_perchafieldsattach) component 1.x for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impact via a .. (dot dot) in the controller parameter to index.php. | ||||
| CVE-2010-5053 | 2 Joomla, Php-shop-system | 2 Joomla\!, Com Xobbix | 2025-04-11 | N/A |
| SQL injection vulnerability in the XOBBIX (com_xobbix) component 1.0.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via the prodid parameter in a prod_desc action to index.php. | ||||
| CVE-2010-2910 | 2 Alexred, Joomla | 2 Com Oziogallery, Joomla\! | 2025-04-11 | N/A |
| SQL injection vulnerability in the Ozio Gallery (com_oziogallery) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the Itemid parameter to index.php. | ||||