Filtered by vendor Joomla
Subscriptions
Filtered by product Joomla
Subscriptions
Total
227 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2006-7010 | 1 Joomla | 1 Joomla | 2025-04-09 | N/A |
| The mosgetparam implementation in Joomla! before 1.0.10, does not set a variable's data type to integer when the variable's default value is numeric, which has unspecified impact and attack vectors, which may permit SQL injection attacks. | ||||
| CVE-2008-5051 | 2 Jooblog, Joomla | 2 Jooblog, Joomla | 2025-04-09 | N/A |
| SQL injection vulnerability in the JooBlog (com_jb2) component 0.1.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via the PostID parameter to index.php. | ||||
| CVE-2009-0726 | 3 Gigcalendar, Joomla, Mambo | 3 Com Gigcalendar, Joomla, Mambo | 2025-04-09 | N/A |
| SQL injection vulnerability in the GigCalendar (com_gigcal) component 1.0 for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the gigcal_gigs_id parameter in a details action to index.php. | ||||
| CVE-2007-6645 | 1 Joomla | 1 Joomla | 2025-04-09 | N/A |
| Unspecified vulnerability in Joomla! before 1.5 RC4 allows remote authenticated users to gain privileges via unspecified vectors, aka "registered user privilege escalation vulnerability." | ||||
| CVE-2007-5451 | 2 Com Colorlab, Joomla | 2 Com Colorlab, Joomla | 2025-04-09 | N/A |
| PHP remote file inclusion vulnerability in admin.color.php in the com_colorlab (aka com_color) 1.0 component for Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_live_site parameter. | ||||
| CVE-2008-6481 | 3 Joomla, Joomprod, Mambo-foundation | 3 Joomla, Com Versioning, Mambo | 2025-04-09 | N/A |
| SQL injection vulnerability in the Versioning component (com_versioning) 1.0.2 in Joomla! and Mambo allows remote attackers to execute arbitrary SQL commands via the id parameter in an edit task to index.php. | ||||
| CVE-2008-1459 | 4 Joomla, Joomlaitalia, Mambo and 1 more | 4 Joomla, Com Alberghi, Mambo and 1 more | 2025-04-09 | N/A |
| SQL injection vulnerability in the Alberghi (com_alberghi) 2.1.3 and earlier component for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a detail action to index.php. | ||||
| CVE-2008-1533 | 1 Joomla | 1 Joomla | 2025-04-09 | N/A |
| Unspecified vulnerability in the XML-RPC Blogger API plugin in Joomla! 1.5 allows remote attackers to perform unauthorized article operations on articles via unknown vectors. | ||||
| CVE-2008-1935 | 1 Joomla | 1 Joomla | 2025-04-09 | N/A |
| SQL injection vulnerability in the Filiale 1.0.4 component for Joomla! allows remote attackers to execute arbitrary SQL commands via the idFiliale parameter. | ||||
| CVE-2008-2628 | 2 Joomla, Ron Liskey | 2 Joomla, Com Equotes | 2025-04-09 | N/A |
| SQL injection vulnerability in the eQuotes (com_equotes) component 0.9.4 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter to index.php. | ||||
| CVE-2007-5427 | 1 Joomla | 2 Com Search Component, Joomla | 2025-04-09 | N/A |
| Cross-site scripting (XSS) vulnerability in the com_search component in Joomla! 1.0.13 and earlier allows remote attackers to inject arbitrary web script or HTML via the searchword parameter. NOTE: this might be related to CVE-2007-4189.1. | ||||
| CVE-2007-5310 | 2 Joomla, Webmaster-tips.net | 2 Joomla, Flash Image Gallery | 2025-04-09 | N/A |
| PHP remote file inclusion vulnerability in admin.wmtportfolio.php in the webmaster-tips.net wmtportfolio 1.0 (com_wmtportfolio) component for Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter. | ||||
| CVE-2009-0421 | 1 Joomla | 2 Com Eventing, Joomla | 2025-04-09 | N/A |
| SQL injection vulnerability in the Eventing (com_eventing) 1.6.x component for Joomla! allows remote attackers to execute arbitrary SQL commands via the catid parameter to index.php. | ||||
| CVE-2009-0706 | 3 Joomla, Mambo, Simple-review | 3 Joomla, Mambo, Com Simple Review | 2025-04-09 | N/A |
| SQL injection vulnerability in the Simple Review (com_simple_review) component 1.3.5 for Joomla! and Mambo allows remote attackers to execute arbitrary SQL commands via the category parameter to index.php. | ||||
| CVE-2009-1258 | 2 Joomla, Rd-media | 2 Joomla, Com Rdautos | 2025-04-09 | N/A |
| SQL injection vulnerability in the RD-Autos (com_rdautos) component 1.5.7 for Joomla! allows remote attackers to execute arbitrary SQL commands via the makeid parameter in index.php. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2007-4184 | 1 Joomla | 1 Joomla | 2025-04-09 | N/A |
| SQL injection vulnerability in administrator/popups/pollwindow.php in Joomla! 1.0.12 allows remote attackers to execute arbitrary SQL commands via the pollid parameter. | ||||
| CVE-2007-4187 | 1 Joomla | 1 Joomla | 2025-04-09 | N/A |
| Multiple eval injection vulnerabilities in the com_search component in Joomla! 1.5 beta before RC1 (aka Mapya) allow remote attackers to execute arbitrary PHP code via PHP sequences in the searchword parameter, related to default_results.php in (1) components/com_search/views/search/tmpl/ and (2) templates/beez/html/com_search/search/. | ||||
| CVE-2009-1848 | 2 Joomla, Joomlame | 2 Joomla, Com Agoragroup | 2025-04-09 | N/A |
| SQL injection vulnerability in the JoomlaMe AgoraGroups (aka AG or com_agoragroup) component 0.3.5.3 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a groupdetail action to index.php. | ||||
| CVE-2007-0387 | 1 Joomla | 1 Joomla | 2025-04-09 | N/A |
| SQL injection vulnerability in models/category.php in the Weblinks component for Joomla! SVN 20070118 (com_weblinks) allows remote attackers to execute arbitrary SQL commands via the catid parameter. | ||||
| CVE-2008-6080 | 2 Codecall, Joomla | 2 Com Ionfiles, Joomla | 2025-04-09 | N/A |
| Directory traversal vulnerability in download.php in the ionFiles (com_ionfiles) 4.4.2 component for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter. | ||||