Filtered by vendor Joomla Subscriptions
Total 935 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2006-5044 2 Joomla, Mambo 2 Prince Clan Chess Component, Prince Clan Chess Component 2025-04-09 N/A
Unspecified vulnerability in Prince Clan (Princeclan) Chess component (com_pcchess) 0.8 and earlier for Mambo and Joomla! has unspecified impact and attack vectors.
CVE-2006-5046 1 Joomla 1 Rs Gallery2 2025-04-09 N/A
Unspecified vulnerability in RS Gallery2 (com_rsgallery2) 1.11.3 and earlier for Joomla! has unspecified impact and attack vectors, related to lack of "hardened language files."
CVE-2006-5047 1 Joomla 1 Rs Gallery2 2025-04-09 N/A
Unspecified vulnerability in rsgallery2.html.php in RS Gallery2 component (com_rsgallery2) before 1.11.3 for Joomla! allows attackers to execute arbitrary code.
CVE-2006-5048 2 Joomla, Waltercedric 2 Joomla\!, Com Securityimages 2025-04-09 N/A
Multiple PHP remote file inclusion vulnerabilities in Security Images (com_securityimages) component 3.0.5 and earlier for Joomla! allow remote attackers to execute arbitrary code via a URL in the mosConfig_absolute_path parameter in (1) configinsert.php, (2) lang.php, (3) client.php, and (4) server.php.
CVE-2006-5049 1 Joomla 2 Classifieds Component, Com Classifieds 2025-04-09 N/A
Unspecified vulnerability in Classifieds (com_classifieds) component 1.3 and earlier for Joomla! has unspecified impact and attack vectors.
CVE-2006-6833 1 Joomla 1 Joomla 2025-04-09 N/A
com_categories in Joomla! before 1.0.12 does not validate input, which has unknown impact and remote attack vectors.
CVE-2006-6843 1 Joomla 1 Be It Easypartner Component 2025-04-09 N/A
PHP remote file inclusion vulnerability in the BE IT EasyPartner 0.0.9 beta component for Joomla! allows remote attackers to execute arbitrary PHP code via unspecified vectors. NOTE: The provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2006-7010 1 Joomla 1 Joomla 2025-04-09 N/A
The mosgetparam implementation in Joomla! before 1.0.10, does not set a variable's data type to integer when the variable's default value is numeric, which has unspecified impact and attack vectors, which may permit SQL injection attacks.
CVE-2006-7008 1 Joomla 1 Joomla 2025-04-09 N/A
Unspecified vulnerability in Joomla! before 1.0.10 has unknown impact and attack vectors, related to "securing mosmsg from misuse." NOTE: it is possible that this issue overlaps CVE-2006-1029.
CVE-2006-7009 1 Joomla 1 Joomla 2025-04-09 N/A
Joomla! before 1.0.10 allows remote attackers to spoof the frontend submission forms, which has unknown impact and attack vectors.
CVE-2006-7122 1 Joomla 1 Bsq Sitestats 2025-04-09 N/A
Cross-site scripting (XSS) vulnerability in the IP Address Lookup functionality in BSQ Sitestats (component for Joomla) 1.8.0, and possibly other versions before 2.2.1, allows remote attackers to inject arbitrary web script and HTML via the ip parameter.
CVE-2006-7124 1 Joomla 1 Bsq Sitestats 2025-04-09 N/A
PHP remote file inclusion vulnerability in external/rssfeeds.php in BSQ Sitestats (component for Joomla) 1.8.0, and possibly other versions before 2.2.1, allows remote attackers to execute arbitrary PHP code via the baseDir parameter.
CVE-2006-7126 1 Joomla 1 Bsq Sitestats 2025-04-09 N/A
SQL injection vulnerability in Joomla BSQ Sitestats 1.8.0 and 2.2.1 allows remote attackers to execute arbitrary SQL commands via the query string, possibly PHP_SELF.
CVE-2007-1596 2 Joomla, Mambo 2 Nfn Address Book, Nfn Address Book 2025-04-09 N/A
Multiple PHP remote file inclusion vulnerabilities in the NFN Address Book (com_nfn_addressbook) 0.4 component for Mambo and Joomla! allow remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter to (1) components/com_nfn_addressbook/nfnaddressbook.php or (2) administrator/components/com_nfn_addressbook/nfnaddressbook.php.
CVE-2007-1703 1 Joomla 1 Rwcards Component 2025-04-09 N/A
SQL injection vulnerability in index.php in the RWCards (com_rwcards) 2.4.3 and earlier component for Joomla! allows remote attackers to execute arbitrary SQL commands via the category_id parameter.
CVE-2007-1704 1 Joomla 1 Car Manager 2025-04-09 N/A
SQL injection vulnerability in index.php in the Car Manager (com_resman) 1.1 and earlier component for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2007-2199 4 Cjg Explorer Pro, Joomla, Nx and 1 more 4 Cjg Explorer Pro, Joomla, N X Wcms and 1 more 2025-04-09 N/A
PHP remote file inclusion vulnerability in lib/pcltar.lib.php (aka pcltar.php) in the PclTar module 1.3 and 1.3.1 for Vincent Blavet PhpConcept Library, as used in multiple products including (1) Joomla! 1.5.0 Beta, (2) N/X Web Content Management System (WCMS) 4.5, (3) CJG EXPLORER PRO 3.3, and (4) phpSiteBackup 0.1, allows remote attackers to execute arbitrary PHP code via a URL in the g_pcltar_lib_dir parameter.
CVE-2007-3249 1 Joomla 1 Letterman Subscriber 2025-04-09 N/A
Cross-site scripting (XSS) vulnerability in mod_lettermansubscribe.php in the Letterman Subscriber (mod_letterman) before 1.2.5 module for Joomla! allows remote attackers to inject arbitrary web script or HTML via the Itemid parameter.
CVE-2007-4046 1 Joomla 1 Pony Gallery 2025-04-09 N/A
SQL injection vulnerability in index.php in the Pony Gallery (com_ponygallery) 1.5 and earlier component for Joomla! allows remote attackers to execute arbitrary SQL commands via the catid parameter.
CVE-2007-4184 1 Joomla 1 Joomla 2025-04-09 N/A
SQL injection vulnerability in administrator/popups/pollwindow.php in Joomla! 1.0.12 allows remote attackers to execute arbitrary SQL commands via the pollid parameter.