Search Results (991 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2010-1982 2 Joomla, Joomlart 2 Joomla\!, Com Javoice 2025-04-11 N/A
Directory traversal vulnerability in the JA Voice (com_javoice) component 2.0 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the view parameter to index.php.
CVE-2010-1956 2 Joomla, Thefactory 2 Joomla\!, Com Gadgetfactory 2025-04-11 N/A
Directory traversal vulnerability in the Gadget Factory (com_gadgetfactory) component 1.0.0 and 1.5.0 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php. NOTE: some of these details are obtained from third party information.
CVE-2010-1954 2 Joomla, Joomlacomponent.inetlanka 2 Joomla\!, Com Multiroot 2025-04-11 N/A
Directory traversal vulnerability in the iNetLanka Multiple root (com_multiroot) component 1.0 and 1.1 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php. NOTE: some of these details are obtained from third party information.
CVE-2010-0467 2 Chillcreations, Joomla 2 Com Ccnewsletter, Joomla\! 2025-04-11 5.8 Medium
Directory traversal vulnerability in the ccNewsletter (com_ccnewsletter) component 1.0.5 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter in a ccnewsletter action to index.php.
CVE-2010-0461 1 Joomla 2 Com Casino, Joomla 2025-04-11 N/A
SQL injection vulnerability in the casino (com_casino) component 1.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a (1) category or (2) player action to index.php.
CVE-2010-0459 2 Joomla, Yoflash 2 Joomla\!, Com Mochigames 2025-04-11 N/A
SQL injection vulnerability in the Mochigames (com_mochigames) component 0.51 and possibly other versions for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter to index.php.
CVE-2010-0456 2 Indianpulses, Joomla 2 Com Gameserver, Joomla\! 2025-04-11 N/A
SQL injection vulnerability in the indianpulse Game Server (com_gameserver) component 1.2 for Joomla! allows remote attackers to execute arbitrary SQL commands via the grp parameter in a gameserver action to index.php.
CVE-2010-0374 2 Codingfish, Joomla 2 Com Marketplace, Joomla\! 2025-04-11 N/A
Cross-site scripting (XSS) vulnerability in the Marketplace (com_marketplace) component 1.2 for Joomla! allows remote attackers to inject arbitrary web script or HTML via the catid parameter in a show_category action to index.php.
CVE-2010-2464 2 Joomla, Rsjoomla 2 Joomla\!, Com Rscomments 2025-04-11 N/A
Multiple cross-site scripting (XSS) vulnerabilities in the RSComments (com_rscomments) component 1.0.0 Rev 2 for Joomla! allow remote attackers to inject arbitrary web script or HTML via the (1) website and (2) name parameters to index.php.
CVE-2012-1116 1 Joomla 1 Joomla\! 2025-04-11 N/A
SQL injection vulnerability in Joomla! 1.7.x and 2.5.x before 2.5.2 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
CVE-2010-1878 2 Blueflyingfish.no-ip, Joomla 2 Com Orgchart, Joomla\! 2025-04-11 N/A
Directory traversal vulnerability in the OrgChart (com_orgchart) component 1.0.0 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php.
CVE-2010-1877 2 Joomla, Jtmreseller 2 Joomla\!, Com Jtm 2025-04-11 N/A
SQL injection vulnerability in the JTM Reseller (com_jtm) component 1.9 Beta for Joomla! allows remote attackers to execute arbitrary SQL commands via the author parameter in a search action to index.php.
CVE-2010-1874 2 Com-property, Joomla 2 Com Properties, Joomla\! 2025-04-11 N/A
SQL injection vulnerability in the Real Estate Property (com_properties) component 3.1.22-03 for Joomla! allows remote attackers to execute arbitrary SQL commands via the aid parameter in an agentlisting action to index.php. NOTE: some of these details are obtained from third party information.
CVE-2010-2255 2 Joomla, Tamlyncreative 4 Joomla\!, Com Bfsurvey Basic, Com Bfsurvey Pro and 1 more 2025-04-11 N/A
SQL injection vulnerability in the BF Survey Pro (com_bfsurvey_pro) component before 1.3.1, BF Survey Pro Free (com_bfsurvey_profree) component 1.2.6, and BF Survey Basic component before 1.2 for Joomla! allows remote attackers to execute arbitrary SQL commands via the catid parameter to index.php. NOTE: some of these details are obtained from third party information.
CVE-2010-4638 2 Iptechinside, Joomla 2 Com Jquarks4s, Joomla\! 2025-04-11 N/A
SQL injection vulnerability in the submitSurvey function in controller.php in JQuarks4s (com_jquarks4s) component 1.0.0 for Joomla!, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the q parameter in a submitSurvey action to index.php.
CVE-2009-4785 2 Bhavesh Chauhan, Joomla 2 Com Quicknews, Joomla\! 2025-04-11 N/A
SQL injection vulnerability in the Quick News (com_quicknews) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the newsid parameter in a view_item action to index.php.
CVE-2009-4784 2 Joaktree, Joomla 2 Com Joaktree, Joomla\! 2025-04-11 N/A
SQL injection vulnerability in the Joaktree (com_joaktree) component 1.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the treeId parameter to index.php.
CVE-2010-2254 2 Joomla, Shape5 2 Joomla\!, Bridge Of Hope Template 2025-04-11 N/A
SQL injection vulnerability in the Shape5 Bridge of Hope template for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in an article action to index.php.
CVE-2009-4679 2 Inertialfate, Joomla 2 Com If Nexus, Joomla\! 2025-04-11 N/A
Directory traversal vulnerability in the inertialFATE iF Portfolio Nexus (com_if_nexus) component 1.5 for Joomla! allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the controller parameter to index.php.
CVE-2010-1715 2 Joomla, Pucit.edu 2 Joomla\!, Com Onlineexam 2025-04-11 N/A
Directory traversal vulnerability in the Online Examination (aka Online Exam or com_onlineexam) component 1.5.0 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php. NOTE: some of these details are obtained from third party information.