Filtered by vendor Joomla
Subscriptions
Total
948 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2010-4949 | 2 Evnix, Joomla | 3 Freichat, Freichatpure, Joomla\! | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in the (1) FreiChat component before 2.1.2 for Joomla! and the (2) FreiChatPure component before 1.2.2 for Joomla! allows remote attackers to inject arbitrary web script or HTML by entering it in an unspecified window. | ||||
| CVE-2011-3747 | 1 Joomla | 1 Joomla\! | 2025-04-11 | N/A |
| Joomla! 1.6.0 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by libraries/phpmailer/language/phpmailer.lang-joomla.php. | ||||
| CVE-2009-4625 | 2 Joomla, Tamlyncreative | 2 Joomla\!, Com Bfsurvey Profree | 2025-04-11 | N/A |
| SQL injection vulnerability in the updateOnePage function in components/com_bfsurvey_pro/controller.php in BF Survey Pro Free (com_bfsurvey_profree) 1.2.4, and other versions before 1.2.6, a component for Joomla!, allows remote attackers to execute arbitrary SQL commands via the table parameter in an updateOnePage action to index.php. | ||||
| CVE-2009-4628 | 2 Joomla, Templateplaza | 2 Joomla\!, Com Tpdugg | 2025-04-11 | N/A |
| SQL injection vulnerability in the TemplatePlaza.com TPDugg (com_tpdugg) component 1.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a tags action to index.php. | ||||
| CVE-2009-4785 | 2 Bhavesh Chauhan, Joomla | 2 Com Quicknews, Joomla\! | 2025-04-11 | N/A |
| SQL injection vulnerability in the Quick News (com_quicknews) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the newsid parameter in a view_item action to index.php. | ||||
| CVE-2010-0372 | 2 Hong Chuyen, Joomla | 2 Com Articlemanager, Joomla\! | 2025-04-11 | N/A |
| SQL injection vulnerability in the Articlemanager (com_articlemanager) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the artid parameter in a display action to index.php. | ||||
| CVE-2010-0373 | 1 Joomla | 2 Com Libros, Joomla\! | 2025-04-11 | N/A |
| SQL injection vulnerability in the libros (com_libros) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a detail action to index.php. | ||||
| CVE-2010-0456 | 2 Indianpulses, Joomla | 2 Com Gameserver, Joomla\! | 2025-04-11 | N/A |
| SQL injection vulnerability in the indianpulse Game Server (com_gameserver) component 1.2 for Joomla! allows remote attackers to execute arbitrary SQL commands via the grp parameter in a gameserver action to index.php. | ||||
| CVE-2010-0461 | 1 Joomla | 2 Com Casino, Joomla | 2025-04-11 | N/A |
| SQL injection vulnerability in the casino (com_casino) component 1.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a (1) category or (2) player action to index.php. | ||||
| CVE-2010-0610 | 2 Joomla, Webguerilla | 2 Joomla\!, Com Photoblog | 2025-04-11 | N/A |
| Multiple SQL injection vulnerabilities in the Photoblog (com_photoblog) component for Joomla! allow remote attackers to execute arbitrary SQL commands via the blog parameter in an images action to index.php. NOTE: a separate vector for the id parameter to detail.php may also exist. | ||||
| CVE-2010-0632 | 2 Joomla, Parkviewconsultants | 2 Joomla\!, Com Simplefaq | 2025-04-11 | N/A |
| SQL injection vulnerability in the Parkview Consultants SimpleFAQ (com_simplefaq) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the catid parameter in a display action to index.php. | ||||
| CVE-2010-0694 | 2 Joomla, Percha | 2 Joomla, Com Perchagallery | 2025-04-11 | N/A |
| SQL injection vulnerability in the PerchaGallery (com_perchagallery) component before 1.5b for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in an editunidad action to index.php. | ||||
| CVE-2010-0753 | 2 Componentslab, Joomla | 2 Com Sqlreport, Joomla\! | 2025-04-11 | N/A |
| SQL injection vulnerability in the SQL Reports (com_sqlreport) component 1.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via the user_id parameter to ajax/print.php. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2010-0795 | 2 Harmistechnology, Joomla | 2 Com Jeeventcalendar, Joomla\! | 2025-04-11 | N/A |
| SQL injection vulnerability in the JE Event Calendars (com_jeeventcalendar) component 1.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the event_id parameter in an event action to index.php. | ||||
| CVE-2010-0796 | 2 Harmistechnology, Joomla | 2 Com Jeeventcalendar, Joomla\! | 2025-04-11 | N/A |
| SQL injection vulnerability in the JE Quiz (com_jequizmanagement) component 1.b01 for Joomla! allows remote attackers to execute arbitrary SQL commands via the eid parameter in a question action to index.php. | ||||
| CVE-2010-0803 | 2 Joomla, Jvideodirect | 2 Joomla\!, Com Jvideodirect | 2025-04-11 | N/A |
| SQL injection vulnerability in the jVideoDirect (com_jvideodirect) component 1.1 RC3b for Joomla! allows remote attackers to execute arbitrary SQL commands via the v parameter to index.php. | ||||
| CVE-2010-0942 | 2 Joomla, Jvideodirect | 2 Joomla\!, Com Jvideodirect | 2025-04-11 | N/A |
| Directory traversal vulnerability in the jVideoDirect (com_jvideodirect) component for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php. | ||||
| CVE-2010-0943 | 2 Joomla, Joomlart | 2 Joomla\!, Com Jashowcase | 2025-04-11 | N/A |
| Directory traversal vulnerability in the JA Showcase (com_jashowcase) component for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter in a jashowcase action to index.php. | ||||
| CVE-2010-0944 | 2 Joomla, Thorsten Riess | 2 Joomla\!, Com Jcollection | 2025-04-11 | N/A |
| Directory traversal vulnerability in the JCollection (com_jcollection) component for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php. | ||||
| CVE-2010-3028 | 2 Joomla, Simon Philips | 2 Joomla, Aardvertiser | 2025-04-11 | N/A |
| The Aardvertiser component before 2.2.1 for Joomla! uses insecure permissions (777) in unspecified folders, which allows local users to modify, create, or delete certain files. | ||||