Filtered by vendor Joomla
Subscriptions
Filtered by product Joomla
Subscriptions
Total
227 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2006-7010 | 1 Joomla | 1 Joomla | 2025-04-09 | N/A |
| The mosgetparam implementation in Joomla! before 1.0.10, does not set a variable's data type to integer when the variable's default value is numeric, which has unspecified impact and attack vectors, which may permit SQL injection attacks. | ||||
| CVE-2009-0329 | 1 Joomla | 2 Com Pccookbook, Joomla | 2025-04-09 | N/A |
| SQL injection vulnerability in the PcCookBook (com_pccookbook) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the recipe_id parameter in a viewrecipe action to index.php, a different vector than CVE-2008-0844. | ||||
| CVE-2009-0381 | 2 Bazaarbuilder, Joomla | 2 Ecommerce Shopping Cart, Joomla | 2025-04-09 | N/A |
| SQL injection vulnerability in the BazaarBuilder Ecommerce Shopping Cart (com_prod) 5.0 component for Joomla! allows remote attackers to execute arbitrary SQL commands via the cid parameter in a products action to index.php. | ||||
| CVE-2009-0421 | 1 Joomla | 2 Com Eventing, Joomla | 2025-04-09 | N/A |
| SQL injection vulnerability in the Eventing (com_eventing) 1.6.x component for Joomla! allows remote attackers to execute arbitrary SQL commands via the catid parameter to index.php. | ||||
| CVE-2009-0494 | 2 Joomla, Mivaco | 2 Joomla, Com Portfol | 2025-04-09 | N/A |
| SQL injection vulnerability in the Portfol (com_portfol) 1.2 component for Joomla! allows remote attackers to execute arbitrary SQL commands via the vcatid parameter in a viewcategory action to index.php. | ||||
| CVE-2009-0706 | 3 Joomla, Mambo, Simple-review | 3 Joomla, Mambo, Com Simple Review | 2025-04-09 | N/A |
| SQL injection vulnerability in the Simple Review (com_simple_review) component 1.3.5 for Joomla! and Mambo allows remote attackers to execute arbitrary SQL commands via the category parameter to index.php. | ||||
| CVE-2009-0726 | 3 Gigcalendar, Joomla, Mambo | 3 Com Gigcalendar, Joomla, Mambo | 2025-04-09 | N/A |
| SQL injection vulnerability in the GigCalendar (com_gigcal) component 1.0 for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the gigcal_gigs_id parameter in a details action to index.php. | ||||
| CVE-2009-1279 | 1 Joomla | 1 Joomla | 2025-04-09 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Joomla! 1.5 through 1.5.9 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors to the (1) com_admin component, (2) com_search component when "Gather Search Statistics" is enabled, and (3) the category view in the com_content component. | ||||
| CVE-2009-1280 | 1 Joomla | 1 Joomla | 2025-04-09 | N/A |
| Multiple cross-site request forgery (CSRF) vulnerabilities in the com_media component for Joomla! 1.5.x through 1.5.9 allow remote attackers to hijack the authentication of unspecified victims via unknown vectors. | ||||
| CVE-2009-1938 | 1 Joomla | 1 Joomla | 2025-04-09 | N/A |
| Cross-site scripting (XSS) vulnerability in Joomla! 1.5.x through 1.5.10 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors related to database output and the frontend administrative panel. | ||||
| CVE-2009-1940 | 1 Joomla | 1 Joomla | 2025-04-09 | N/A |
| Cross-site scripting (XSS) vulnerability in the administrator panel in the com_users core component for Joomla! 1.5.x through 1.5.10 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2009-2014 | 1 Joomla | 2 Com School, Joomla | 2025-04-09 | N/A |
| SQL injection vulnerability in the ComSchool (com_school) component 1.4 for Joomla! allows remote attackers to execute arbitrary SQL commands via the classid parameter in a showclass action to index.php. | ||||
| CVE-2009-2554 | 2 Joomla, Olle Johansson | 2 Joomla, Jobline | 2025-04-09 | N/A |
| SQL injection vulnerability in the search method in jobline.class.php in Jobline (com_jobline) 1.1.2.2, 1.3.1, and possibly earlier versions, a component for Joomla!, allows remote attackers to execute arbitrary SQL commands via the search parameter in a results action to index.php, which invokes the search method from the searchJobPostings function in jobline.php. | ||||
| CVE-2009-2607 | 2 Joomla, Pinme | 2 Joomla, Com Pinboard | 2025-04-09 | N/A |
| SQL injection vulnerability in the com_pinboard component for Joomla! allows remote attackers to execute arbitrary SQL commands via the task parameter in a showpic action to index.php. | ||||
| CVE-2008-6883 | 2 Joomla, Joompolitan | 2 Joomla, Com Livechat | 2025-04-09 | N/A |
| SQL injection vulnerability in the Live Chat (com_livechat) component 1.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the last parameter to getChatRoom.php. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2009-2634 | 2 Joomla, Ordasoft | 2 Joomla, Com Medialibrary | 2025-04-09 | N/A |
| PHP remote file inclusion vulnerability in toolbar_ext.php in the MediaLibrary (com_media_library) component 1.5.3 Basic for Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter. | ||||
| CVE-2009-2635 | 2 Joomla, Ordasoft | 2 Joomla, Com Realestatemanager | 2025-04-09 | N/A |
| PHP remote file inclusion vulnerability in toolbar_ext.php in the RealEstateManager (com_realestatemanager) component 1.0 Basic for Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter. | ||||
| CVE-2009-2782 | 2 Jfusion, Joomla | 2 Com Jfusion, Joomla | 2025-04-09 | N/A |
| SQL injection vulnerability in the JFusion (com_jfusion) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the Itemid parameter to index.php. | ||||
| CVE-2009-3054 | 2 Artetics, Joomla | 2 Com Artportal, Joomla | 2025-04-09 | N/A |
| SQL injection vulnerability in the Artetics.com Art Portal (com_artportal) component 1.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the portalid parameter to index.php. | ||||
| CVE-2007-6663 | 2 Joomla, Pragmatic Utopia | 2 Joomla, Pu Arcade | 2025-04-09 | N/A |
| SQL injection vulnerability in (1) Puarcade.php and (2) PUarcade.html.php in Pragmatic Utopia PU Arcade (com_puarcade) 2.0.3, 2.1.2, and 2.1.3 Beta component for Joomla! allows remote attackers to execute arbitrary SQL commands via the fid parameter to index.php. | ||||