Filtered by vendor Joomla
Subscriptions
Filtered by product Joomla
Subscriptions
Total
227 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2008-5494 | 2 Digitalgreys, Joomla | 2 Com Contactinfo, Joomla | 2025-04-09 | N/A |
| SQL injection vulnerability in the Contact Information Module (com_contactinfo) component 1.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the catid parameter to index.php. | ||||
| CVE-2008-6221 | 2 Dadamailproject, Joomla | 2 Dada Mail Manager, Joomla | 2025-04-09 | N/A |
| PHP remote file inclusion vulnerability in config.dadamail.php in the Dada Mail Manager (com_dadamail) component 2.6 for Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the GLOBALS[mosConfig_absolute_path] parameter. | ||||
| CVE-2009-0333 | 1 Joomla | 2 Com Waticketsystem, Joomla | 2025-04-09 | N/A |
| SQL injection vulnerability in the WebAmoeba (WA) Ticket System (com_waticketsystem) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the catid parameter in a category action to index.php. | ||||
| CVE-2008-5811 | 1 Joomla | 2 Com Paxgallery, Joomla | 2025-04-09 | N/A |
| SQL injection vulnerability in the PaxGallery (com_paxgallery) component 0.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via the gid parameter in a table action to index.php. | ||||
| CVE-2007-4779 | 1 Joomla | 1 Joomla | 2025-04-09 | N/A |
| Cross-site scripting (XSS) vulnerability in Joomla! 1.5 before RC2 (aka Endeleo) allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, probably related to the archive section. | ||||
| CVE-2008-3228 | 1 Joomla | 1 Joomla | 2025-04-09 | N/A |
| Joomla! before 1.5.4 does not configure .htaccess to apply certain security checks that "block common exploits" to SEF URLs, which has unknown impact and remote attack vectors. | ||||
| CVE-2009-1938 | 1 Joomla | 1 Joomla | 2025-04-09 | N/A |
| Cross-site scripting (XSS) vulnerability in Joomla! 1.5.x through 1.5.10 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors related to database output and the frontend administrative panel. | ||||
| CVE-2009-1939 | 1 Joomla | 1 Joomla | 2025-04-09 | N/A |
| Cross-site scripting (XSS) vulnerability in the JA_Purity template for Joomla! 1.5.x through 1.5.10 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2007-0373 | 1 Joomla | 1 Joomla | 2025-04-09 | N/A |
| Multiple SQL injection vulnerabilities in Joomla! 1.5.0 Beta allow remote attackers to execute arbitrary SQL commands via (1) the searchword parameter in certain files; the where parameter in (2) plugins/search/content.php or (3) plugins/search/weblinks.php; the text parameter in (4) plugins/search/contacts.php, (5) plugins/search/categories.php, or (6) plugins/search/sections.php; or (7) the email parameter in database/table/user.php, which is not properly handled by the check function. | ||||
| CVE-2007-5389 | 2 Joomla, Swmenupro | 2 Joomla, Swmenufree | 2025-04-09 | N/A |
| PHP remote file inclusion vulnerability in preview.php in the swMenuFree (com_swmenufree) 4.6 component for Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter. NOTE: a reliable third party disputes this issue because preview.php tests a certain constant to prevent direct requests | ||||
| CVE-2009-2239 | 1 Joomla | 4 Com Casiino Blackjack, Com Casino Videopoker, Com Casinobase and 1 more | 2025-04-09 | N/A |
| SQL injection vulnerability in the (1) casinobase (com_casinobase), (2) casino_blackjack (com_casino_blackjack), and (3) casino_videopoker (com_casino_videopoker) components 0.3.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via the Itemid parameter to index.php. | ||||
| CVE-2008-4617 | 3 Joomla, Mambo-foundation, Pyxicom | 3 Joomla, Mambo, Actualite | 2025-04-09 | N/A |
| SQL injection vulnerability in the actualite module 1.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-2008-5053 | 1 Joomla | 2 Com Rssreader, Joomla | 2025-04-09 | N/A |
| PHP remote file inclusion vulnerability in admin.rssreader.php in the Simple RSS Reader (com_rssreader) 1.0 component for Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_live_site parameter. | ||||
| CVE-2008-5957 | 2 Joomla, Mydyngallery | 2 Joomla, Mydyngallery | 2025-04-09 | N/A |
| SQL injection vulnerability in the Mydyngallery (com_mydyngallery) component 1.4.2 for Joomla! allows remote attackers to execute arbitrary SQL commands via the directory parameter to index.php. | ||||
| CVE-2009-0702 | 2 Joomla, Phoca | 2 Joomla, Com Phocadocumentation | 2025-04-09 | N/A |
| SQL injection vulnerability in the Phoca Documentation (com_phocadocumentation) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a section action to index.php. | ||||
| CVE-2009-0726 | 3 Gigcalendar, Joomla, Mambo | 3 Com Gigcalendar, Joomla, Mambo | 2025-04-09 | N/A |
| SQL injection vulnerability in the GigCalendar (com_gigcal) component 1.0 for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the gigcal_gigs_id parameter in a details action to index.php. | ||||
| CVE-2008-1505 | 2 Joomla, Sstreamtv | 2 Joomla, Custompages | 2025-04-09 | N/A |
| PHP remote file inclusion vulnerability in the SSTREAMTV custompages (com_custompages) 1.1 and earlier component for Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the cpage parameter to index.php. | ||||
| CVE-2009-3318 | 2 Breedveld, Joomla | 2 Com Album, Joomla | 2025-04-09 | N/A |
| Directory traversal vulnerability in the Roland Breedveld Album (com_album) component 1.14 for Joomla! allows remote attackers to access arbitrary directories and have unspecified other impact via a .. (dot dot) in the target parameter to index.php. | ||||
| CVE-2009-1848 | 2 Joomla, Joomlame | 2 Joomla, Com Agoragroup | 2025-04-09 | N/A |
| SQL injection vulnerability in the JoomlaMe AgoraGroups (aka AG or com_agoragroup) component 0.3.5.3 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a groupdetail action to index.php. | ||||
| CVE-2008-6222 | 2 Joomla, Joomlashowroom | 2 Joomla, Pro Desk Support Center | 2025-04-09 | N/A |
| Directory traversal vulnerability in the Pro Desk Support Center (com_pro_desk) component 1.0 and 1.2 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the include_file parameter to index.php. | ||||