Search Results (631 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2012-4868 2 Joomla, Kunena 2 Joomla\!, Kunena 2025-04-11 N/A
SQL injection vulnerability in news.php in the Kunena component 1.7.2 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2010-1473 2 Johnmccollum, Joomla 2 Com Advertising, Joomla\! 2025-04-11 N/A
Directory traversal vulnerability in the Advertising (com_advertising) component 0.25 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impact via a .. (dot dot) in the controller parameter to index.php.
CVE-2010-1475 2 Joomla, Ternaria 2 Joomla\!, Com Preventive 2025-04-11 N/A
Directory traversal vulnerability in the Preventive & Reservation (com_preventive) component 1.0.5 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impact via a .. (dot dot) in the controller parameter to index.php.
CVE-2012-2902 2 Joomla, Ryan Demmer 2 Joomla\!, Joomla Content Editor 2025-04-11 N/A
Unrestricted file upload vulnerability in editor/extensions/browser/file.php in the Joomla Content Editor (JCE) component before 2.1 for Joomla!, when chunking is set to greater than zero, allows remote authors to execute arbitrary PHP code by uploading a PHP file with a double extension as demonstrated by .jpg.pht.
CVE-2010-3422 2 Joomla, Solventus 2 Joomla\!, Com Jgen 2025-04-11 N/A
SQL injection vulnerability in the JGen (com_jgen) component 0.9.33 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a view action to index.php.
CVE-2012-4532 1 Joomla 1 Joomla\! 2025-04-11 N/A
Cross-site scripting (XSS) vulnerability in modules/mod_languages/tmpl/default.php in the Language Switcher module for Joomla! 2.5.x before 2.5.7 allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO to index.php. NOTE: some of these details are obtained from third party information.
CVE-2009-4651 2 Joomla, Onnogroen 2 Joomla\!, Com Webeecomment 2025-04-11 N/A
Multiple cross-site scripting (XSS) vulnerabilities in the Webee Comments (com_webeecomment) component 1.1.1, 1.2, and 2.0 for Joomla! allow remote attackers to inject arbitrary web script or HTML via the (1) color, (2) img, or (3) url BBCode tags in unspecified vectors.
CVE-2012-5101 2 Jextensions, Joomla 2 Je Poll Component, Joomla\! 2025-04-11 N/A
SQL injection vulnerability in the JExtensions JE Poll component before 1.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
CVE-2012-5230 2 Harmistechnology, Joomla 2 Com Jesubmit, Joomla\! 2025-04-11 N/A
Unspecified vulnerability in the JE Story Submit (com_jesubmit) component before 1.9 for Joomla! has unknown impact and attack vectors.
CVE-2010-0982 2 Joomla, Joomlamo 2 Joomla\!, Com Cartweberp 2025-04-11 N/A
Directory traversal vulnerability in the CARTwebERP (com_cartweberp) component 1.56.75 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php.
CVE-2010-4769 2 Janguo, Joomla 2 Com Jimtawl, Joomla\! 2025-04-11 N/A
Directory traversal vulnerability in the Jimtawl (com_jimtawl) component 1.0.2 Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impact via a .. (dot dot) in the task parameter to index.php.
CVE-2012-5455 1 Joomla 1 Joomla\! 2025-04-11 N/A
Cross-site scripting (XSS) vulnerability in the language search component in Joomla! before 3.0.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, related to a "typographical error."
CVE-2011-0511 2 Joomla, Joomtraders 2 Joomla\!, Com Allcinevid 2025-04-11 N/A
SQL injection vulnerability in the allCineVid component (com_allcinevid) 1.0.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter to index.php.
CVE-2011-4830 2 Barter-sites, Joomla 2 Com Listing, Joomla\! 2025-04-11 N/A
Multiple cross-site scripting (XSS) vulnerabilities in the com_listing component in Barter Sites component 1.3 for Joomla! allow remote authenticated users to inject arbitrary web script or HTML via the (1) listing_title, (2) description, (3) homeurl (aka Website Address), (4) paystring (aka Payment types accepted), (5) sell_price, (6) shipping_cost, and (7) quantity parameters to index.php.
CVE-2010-1496 2 Jolt, Joomla 2 Com Joltcard, Joomla\! 2025-04-11 N/A
SQL injection vulnerability in the JoltCard (com_joltcard) component 1.2.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via the cardID parameter in a view action to index.php.
CVE-2010-1302 2 Decryptweb, Joomla 2 Com Dwgraphs, Joomla\! 2025-04-11 N/A
Directory traversal vulnerability in dwgraphs.php in the DecryptWeb DW Graphs (com_dwgraphs) component 1.0 for Joomla! allows remote attackers to read arbitrary files via directory traversal sequences in the controller parameter to index.php.
CVE-2010-1718 2 Joomla, Lispeltuut 2 Joomla\!, Com Archeryscores 2025-04-11 N/A
Directory traversal vulnerability in archeryscores.php in the Archery Scores (com_archeryscores) component 1.0.6 for Joomla! allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the controller parameter to index.php.
CVE-2010-1739 1 Joomla 2 Com Newsfeeds, Joomla\! 2025-04-11 N/A
SQL injection vulnerability in the Newsfeeds (com_newsfeeds) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the feedid parameter in a categories action to index.php.
CVE-2010-1340 2 Joomla, Joomla-research 2 Joomla\!, Com Jresearch 2025-04-11 N/A
Directory traversal vulnerability in jresearch.php in the J!Research (com_jresearch) component for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php.
CVE-2010-1344 2 Cookex, Joomla 2 Com Ckforms, Joomla\! 2025-04-11 N/A
SQL injection vulnerability in the Cookex Agency CKForms (com_ckforms) component 1.3.3 for Joomla! allows remote attackers to execute arbitrary SQL commands via the fid parameter in a detail action to index.php.