Filtered by vendor Joomla
Subscriptions
Total
938 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2010-4862 | 2 Harmistechnology, Joomla | 2 Com Jedirectory, Joomla\! | 2025-04-11 | N/A |
| SQL injection vulnerability in the JExtensions JE Directory (com_jedirectory) component 1.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the catid parameter in an item action to index.php. | ||||
| CVE-2010-4853 | 2 Chillcreations, Joomla | 2 Com Ccinvoices, Joomla\! | 2025-04-11 | N/A |
| SQL injection vulnerability in the ccInvoices (com_ccinvoices) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a viewInv action to index.php. | ||||
| CVE-2010-1363 | 2 Extremejoomla, Joomla | 2 Com J-projects, Joomla\! | 2025-04-11 | N/A |
| SQL injection vulnerability in the JProjects (com_j-projects) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the project parameter in a projects action to index.php. | ||||
| CVE-2010-1352 | 2 Jooforge, Joomla | 2 Com Jukebox, Joomla\! | 2025-04-11 | N/A |
| Directory traversal vulnerability in the JOOFORGE Jutebox (com_jukebox) component 1.0 and 1.7 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2010-1344 | 2 Cookex, Joomla | 2 Com Ckforms, Joomla\! | 2025-04-11 | N/A |
| SQL injection vulnerability in the Cookex Agency CKForms (com_ckforms) component 1.3.3 for Joomla! allows remote attackers to execute arbitrary SQL commands via the fid parameter in a detail action to index.php. | ||||
| CVE-2010-1353 | 2 Joomla, Wowjoomla | 2 Joomla\!, Com Loginbox | 2025-04-11 | N/A |
| Directory traversal vulnerability in the LoginBox Pro (com_loginbox) component for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the view parameter to index.php. | ||||
| CVE-2010-1372 | 2 Hdflvplayer, Joomla | 2 Com Hdflvplayer, Joomla\! | 2025-04-11 | N/A |
| SQL injection vulnerability in the HD FLV Player (com_hdflvplayer) component 1.3 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter to index.php. | ||||
| CVE-2010-1477 | 2 Joomla, Martin Hess | 2 Joomla\!, Com Sermonspeaker | 2025-04-11 | N/A |
| SQL injection vulnerability in the SermonSpeaker (com_sermonspeaker) component before 3.2.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a latest_sermons action to index.php. | ||||
| CVE-2010-1306 | 2 Joomla, Roberto Aloi | 2 Joomla\!, Com Joomlapicasa2 | 2025-04-11 | N/A |
| Directory traversal vulnerability in the Picasa (com_joomlapicasa2) component 2.0 and 2.0.5 for Joomla! allows remote attackers to read arbitrary local files via a .. (dot dot) in the controller parameter to index.php. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2010-1304 | 2 Joomla, Joomlamo | 2 Joomla\!, Com Userstatus | 2025-04-11 | N/A |
| Directory traversal vulnerability in userstatus.php in the User Status (com_userstatus) component 1.21.16 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php. | ||||
| CVE-2010-1313 | 2 Joomla, Seber | 2 Joomla\!, Com Sebercart | 2025-04-11 | N/A |
| Directory traversal vulnerability in the Seber Cart (com_sebercart) component 1.0.0.12 and 1.0.0.13 for Joomla!, when magic_quotes_gpc is disabled, allows remote attackers to read arbitrary files via a .. (dot dot) in the view parameter to index.php. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2010-1265 | 2 Ekith, Joomla | 2 Com Dcs Flashgames, Joomla\! | 2025-04-11 | N/A |
| SQL injection vulnerability in Adam Corley dcsFlashGames (com_dcs_flashgames) allows remote attackers to execute arbitrary SQL commands via the catid parameter to index.php. | ||||
| CVE-2010-1217 | 2 Je Form Creator, Joomla | 2 Je Form Creator, Joomla | 2025-04-11 | N/A |
| Directory traversal vulnerability in the JE Form Creator (com_jeformcr) component for Joomla!, when magic_quotes_gpc is disabled, allows remote attackers to read arbitrary files via directory traversal sequences in the view parameter to index.php. NOTE: the original researcher states that the affected product is JE Tooltip, not Form Creator; however, the exploit URL suggests that Form Creator is affected. | ||||
| CVE-2010-1302 | 2 Decryptweb, Joomla | 2 Com Dwgraphs, Joomla\! | 2025-04-11 | N/A |
| Directory traversal vulnerability in dwgraphs.php in the DecryptWeb DW Graphs (com_dwgraphs) component 1.0 for Joomla! allows remote attackers to read arbitrary files via directory traversal sequences in the controller parameter to index.php. | ||||
| CVE-2010-1314 | 2 Joomla, Joomlanook | 2 Joomla\!, Com Hsconfig | 2025-04-11 | N/A |
| Directory traversal vulnerability in the Highslide JS (com_hsconfig) component 1.5 and 2.0.9 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2010-1045 | 2 Design-cars, Joomla | 2 Com Productbook, Joomla\! | 2025-04-11 | N/A |
| SQL injection vulnerability in the Productbook (com_productbook) component 1.0.4 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a detail action to index.php. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2010-0972 | 2 G4j.laoneo, Joomla | 2 Com Gcalendar, Joomla\! | 2025-04-11 | N/A |
| Directory traversal vulnerability in the GCalendar (com_gcalendar) component 2.1.5 for Joomla! allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the controller parameter to index.php. | ||||
| CVE-2010-1056 | 2 Joomla, Rockettheme | 2 Joomla\!, Com Rokdownloads | 2025-04-11 | N/A |
| Directory traversal vulnerability in the RokDownloads (com_rokdownloads) component before 1.0.1 for Joomla! allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the controller parameter to index.php. | ||||
| CVE-2010-0803 | 2 Joomla, Jvideodirect | 2 Joomla\!, Com Jvideodirect | 2025-04-11 | N/A |
| SQL injection vulnerability in the jVideoDirect (com_jvideodirect) component 1.1 RC3b for Joomla! allows remote attackers to execute arbitrary SQL commands via the v parameter to index.php. | ||||
| CVE-2010-0795 | 2 Harmistechnology, Joomla | 2 Com Jeeventcalendar, Joomla\! | 2025-04-11 | N/A |
| SQL injection vulnerability in the JE Event Calendars (com_jeeventcalendar) component 1.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the event_id parameter in an event action to index.php. | ||||