Search Results (991 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2010-0696 2 Joomla, Joomlaworks 2 Joomla, Jw Allvideos 2025-04-11 N/A
Directory traversal vulnerability in includes/download.php in the JoomlaWorks AllVideos (Jw_allVideos) plugin 3.0 through 3.2 for Joomla! allows remote attackers to read arbitrary files via a ./../.../ (modified dot dot) in the file parameter.
CVE-2010-0676 2 Joomla, Weberr 2 Joomla\!, Com Rwcards 2025-04-11 N/A
Directory traversal vulnerability in index.php in the RWCards (com_rwcards) component 3.0.18 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter.
CVE-2010-0803 2 Joomla, Jvideodirect 2 Joomla\!, Com Jvideodirect 2025-04-11 N/A
SQL injection vulnerability in the jVideoDirect (com_jvideodirect) component 1.1 RC3b for Joomla! allows remote attackers to execute arbitrary SQL commands via the v parameter to index.php.
CVE-2010-5003 2 Autartica, Joomla 2 Com Autartimonial, Joomla\! 2025-04-11 N/A
SQL injection vulnerability in the AutarTimonial (com_autartimonial) component 1.0.8 for Joomla! allows remote attackers to execute arbitrary SQL commands via the limit parameter in an autartimonial action to index.php. NOTE: some of these details are obtained from third party information.
CVE-2010-1073 2 Joomla, Joshprakash 2 Joomla\!, Com Jembed 2025-04-11 N/A
SQL injection vulnerability in the jEmbed-Embed Anything (com_jembed) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the catid parameter in a summary action to index.php.
CVE-2010-2259 2 Joomla, Tamlyncreative 4 Joomla\!, Com Bfsurvey Basic, Com Bfsurvey Pro and 1 more 2025-04-11 N/A
Directory traversal vulnerability in the BF Survey (com_bfsurvey) component for Joomla! allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the controller parameter to index.php.
CVE-2010-0972 2 G4j.laoneo, Joomla 2 Com Gcalendar, Joomla\! 2025-04-11 N/A
Directory traversal vulnerability in the GCalendar (com_gcalendar) component 2.1.5 for Joomla! allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the controller parameter to index.php.
CVE-2006-7247 2 Joomla, Mambo-foundation 3 Com Weblinks, Joomla\!, Mambo 2025-04-11 N/A
SQL injection vulnerability in the Weblinks (com_weblinks) component for Joomla! and Mambo 1.0.9 and earlier allows remote attackers to execute arbitrary SQL commands via the title parameter.
CVE-2010-1306 2 Joomla, Roberto Aloi 2 Joomla\!, Com Joomlapicasa2 2025-04-11 N/A
Directory traversal vulnerability in the Picasa (com_joomlapicasa2) component 2.0 and 2.0.5 for Joomla! allows remote attackers to read arbitrary local files via a .. (dot dot) in the controller parameter to index.php. NOTE: some of these details are obtained from third party information.
CVE-2010-1313 2 Joomla, Seber 2 Joomla\!, Com Sebercart 2025-04-11 N/A
Directory traversal vulnerability in the Seber Cart (com_sebercart) component 1.0.0.12 and 1.0.0.13 for Joomla!, when magic_quotes_gpc is disabled, allows remote attackers to read arbitrary files via a .. (dot dot) in the view parameter to index.php. NOTE: some of these details are obtained from third party information.
CVE-2010-2147 2 Joomla, Unisoft 2 Joomla\!, Com Mycar 2025-04-11 N/A
Cross-site scripting (XSS) vulnerability in the My Car (com_mycar) component 1.0 for Joomla! allows remote attackers to inject arbitrary web script or HTML via the modveh parameter to index.php.
CVE-2010-1350 2 Joomla, Joomlaprojects 2 Joomla\!, Com Jp Jobs 2025-04-11 N/A
SQL injection vulnerability in the JP Jobs (com_jp_jobs) component 1.4.1 and earlier for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a detail action to index.php.
CVE-2010-2845 2 Joomla, Schlu.net 2 Joomla\!, Com Quickfaq 2025-04-11 N/A
SQL injection vulnerability in the QuickFAQ (com_quickfaq) component 1.0.3 for Joomla! allows remote attackers to execute arbitrary SQL commands via the Itemid parameter in a category action to index.php.
CVE-2010-2847 2 Gonzalo Maser, Joomla 2 Com Artforms, Joomla\! 2025-04-11 N/A
Multiple SQL injection vulnerabilities in the InterJoomla ArtForms (com_artforms) component 2.1b7.2 RC2 for Joomla! allow remote attackers to execute arbitrary SQL commands via the viewform parameter in a (1) ferforms or (2) tferforms action to index.php, and the (3) id parameter in a vferforms action to index.php.
CVE-2010-1478 2 Joomla, Ternaria 2 Joomla\!, Com Jfeedback 2025-04-11 N/A
Directory traversal vulnerability in the Ternaria Informatica Jfeedback! (com_jfeedback) component 1.2 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impact via a .. (dot dot) in the controller parameter to index.php.
CVE-2010-1494 2 Awdsolution, Joomla 2 Com Awdwall, Joomla\! 2025-04-11 N/A
Directory traversal vulnerability in the AWDwall (com_awdwall) component 1.5.4 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php.
CVE-2010-1495 2 Joomla, Matamko 2 Joomla\!, Com Matamko 2025-04-11 N/A
Directory traversal vulnerability in the Matamko (com_matamko) component 1.01 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php.
CVE-2010-1601 2 Joomla, Joomlamart 2 Joomla\!, Com Jacomment 2025-04-11 N/A
Directory traversal vulnerability in the JA Comment (com_jacomment) component for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the view parameter to index.php.
CVE-2010-1603 2 Joomla, Zimbllc 2 Joomla\!, Com Zimbcore 2025-04-11 N/A
Directory traversal vulnerability in the ZiMB Core (aka ZiMBCore or com_zimbcore) component 0.1 in the ZiMB Manager collection for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impact via a .. (dot dot) in the controller parameter to index.php.
CVE-2010-1716 2 Joomla, Joomlanetprojects 2 Joomla\!, Com Agenda 2025-04-11 N/A
SQL injection vulnerability in the Agenda Address Book (com_agenda) component 1.0.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a detail action to index.php.