VYPR

Vendor CVEs

Joomla

All CVEs

1,051 total · sorted by risk
  • CVE-2008-6088Feb 6, 2009
    risk 0.03cvss epss 0.01

    SQL injection vulnerability in the Joomtracker (com_joomtracker) 1.01 module for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a tordetails action to index.php.

  • CVE-2008-6076Feb 6, 2009
    risk 0.03cvss epss 0.01

    SQL injection vulnerability in the Daily Message (com_dailymessage) 1.0.3 component for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter to index.php.

  • CVE-2009-0421Feb 5, 2009
    risk 0.03cvss epss 0.02

    SQL injection vulnerability in the Eventing (com_eventing) 1.6.x component for Joomla! allows remote attackers to execute arbitrary SQL commands via the catid parameter to index.php.

  • CVE-2009-0420Feb 5, 2009
    risk 0.03cvss epss 0.01

    SQL injection vulnerability in the RD-Autos (com_rdautos) 1.5.5 Stable component for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter to index.php.

  • CVE-2008-6050Feb 4, 2009
    risk 0.03cvss epss 0.01

    SQL injection vulnerability in the Tech Articles (com_tech_article) 1.0 component for Joomla! allows remote attackers to execute arbitrary SQL commands via the item parameter to index.php.

  • CVE-2009-0381Feb 2, 2009
    risk 0.03cvss epss 0.01

    SQL injection vulnerability in the BazaarBuilder Ecommerce Shopping Cart (com_prod) 5.0 component for Joomla! allows remote attackers to execute arbitrary SQL commands via the cid parameter in a products action to index.php.

  • CVE-2009-0380Feb 2, 2009
    risk 0.03cvss epss 0.01

    SQL injection vulnerability in the Sigsiu Online Business Index 2 (SOBI2, com_sobi2) RC 2.8.2 component for Joomla! and Mambo allows remote attackers to execute arbitrary SQL commands via the bid parameter in a showbiz action to index.php, a different vector than CVE-2008-0607. …

  • CVE-2009-0379Feb 2, 2009
    risk 0.03cvss epss 0.01

    SQL injection vulnerability in the Prince Clan Chess Club (com_pcchess) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the game_id parameter in a showgame action to index.php, a different vector than CVE-2008-0761.

  • CVE-2009-0378Feb 2, 2009
    risk 0.03cvss epss 0.01

    Cross-site scripting (XSS) vulnerability in index.php in the beamospetition (com_beamospetition) 1.0.12 component for Joomla! allows remote attackers to inject arbitrary web script or HTML via the pet parameter in a sign action.

  • CVE-2009-0377Feb 2, 2009
    risk 0.03cvss epss 0.01

    SQL injection vulnerability in the beamospetition (com_beamospetition) 1.0.12 component for Joomla! allows remote attackers to execute arbitrary SQL commands via the mpid parameter in a sign action to index.php, a different vector than CVE-2008-3132.

  • CVE-2009-0373Jan 30, 2009
    risk 0.03cvss epss 0.01

    SQL injection vulnerability in the ElearningForce Flash Magazine Deluxe (com_flashmagazinedeluxe) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the mag_id parameter in a magazine action to index.php.

  • CVE-2009-0333Jan 29, 2009
    risk 0.03cvss epss 0.01

    SQL injection vulnerability in the WebAmoeba (WA) Ticket System (com_waticketsystem) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the catid parameter in a category action to index.php.

  • CVE-2009-0329Jan 29, 2009
    risk 0.03cvss epss 0.01

    SQL injection vulnerability in the PcCookBook (com_pccookbook) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the recipe_id parameter in a viewrecipe action to index.php, a different vector than CVE-2008-0844.

  • CVE-2008-5957Jan 23, 2009
    risk 0.03cvss epss 0.01

    SQL injection vulnerability in the Mydyngallery (com_mydyngallery) component 1.4.2 for Joomla! allows remote attackers to execute arbitrary SQL commands via the directory parameter to index.php.

  • CVE-2008-5811Jan 2, 2009
    risk 0.03cvss epss 0.01

    SQL injection vulnerability in the PaxGallery (com_paxgallery) component 0.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via the gid parameter in a table action to index.php.

  • CVE-2008-5643Dec 17, 2008
    risk 0.03cvss epss 0.01

    SQL injection vulnerability in the Books (com_books) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the book_id parameter in a book_details action to index.php.

  • CVE-2008-5607Dec 16, 2008
    risk 0.03cvss epss 0.01

    SQL injection vulnerability in the JMovies (aka JM or com_jmovies) component 1.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter to index.php.

  • CVE-2008-5494Dec 12, 2008
    risk 0.03cvss epss 0.01

    SQL injection vulnerability in the Contact Information Module (com_contactinfo) component 1.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the catid parameter to index.php.

  • CVE-2008-5208Nov 24, 2008
    risk 0.03cvss epss 0.02

    SQL injection vulnerability in sub_votepic.php in the Datsogallery (com_datsogallery) module 1.6 for Joomla! allows remote attackers to execute arbitrary SQL commands via the User-Agent HTTP header.

  • CVE-2008-5200Nov 21, 2008
    risk 0.03cvss epss 0.01

    SQL injection vulnerability in the Xe webtv (com_xewebtv) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a detail action to index.php.

  • CVE-2008-5051Nov 13, 2008
    risk 0.03cvss epss 0.01

    SQL injection vulnerability in the JooBlog (com_jb2) component 0.1.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via the PostID parameter to index.php.

  • CVE-2008-4777Oct 29, 2008
    risk 0.03cvss epss 0.01

    SQL injection vulnerability in the Showroom Joomlearn LMS (com_lms) component for Joomla! and Mambo allows remote attackers to execute arbitrary SQL commands via the cat parameter in a showTests task.

  • CVE-2008-4715Oct 23, 2008
    risk 0.03cvss epss 0.01

    SQL injection vulnerability in the Jpad (com_jpad) 1.0 component for Joomla! allows remote attackers to execute arbitrary SQL commands via the cid parameter to index.php.

  • CVE-2008-4623Oct 21, 2008
    risk 0.03cvss epss 0.01

    SQL injection vulnerability in the DS-Syndicate (com_ds-syndicate) component 1.1.1 for Joomla allows remote attackers to execute arbitrary SQL commands via the feed_id parameter to index2.php.

  • CVE-2008-4617Oct 20, 2008
    risk 0.03cvss epss 0.01

    SQL injection vulnerability in the actualite module 1.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter.

  • CVE-2008-3586Aug 11, 2008
    risk 0.03cvss epss 0.01

    SQL injection vulnerability in the EZ Store (com_ezstore) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a detail action to index.php.

  • CVE-2008-3498Aug 6, 2008
    risk 0.03cvss epss 0.02

    SQL injection vulnerability in the nBill (com_netinvoice) component 1.2.0 SP1 for Joomla! allows remote attackers to execute arbitrary SQL commands via the cid parameter in an orders action to index.php. NOTE: some of these details are obtained from third party information.

  • CVE-2008-3265Jul 24, 2008
    risk 0.03cvss epss 0.03

    SQL injection vulnerability in the DT Register (com_dtregister) 2.2.3 component for Joomla! allows remote attackers to execute arbitrary SQL commands via the eventId parameter in a pay_options action to index.php.

  • CVE-2008-3132Jul 10, 2008
    risk 0.03cvss epss 0.01

    SQL injection vulnerability in the beamospetition (com_beamospetition) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the pet parameter to index.php.

  • CVE-2008-3083Jul 9, 2008
    risk 0.03cvss epss 0.01

    SQL injection vulnerability in Brightcode Weblinks (com_brightweblinks) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the catid parameter.

  • CVE-2008-2990Jul 2, 2008
    risk 0.03cvss epss 0.02

    PHP remote file inclusion vulnerability in facileforms.frame.php in the FacileForms (com_facileforms) component 1.4.4 for Mambo and Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the ff_compath parameter.

  • CVE-2008-2892Jun 27, 2008
    risk 0.03cvss epss 0.01

    SQL injection vulnerability in the EXP Shop (com_expshop) component 1.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the catid parameter in a show_payment action to index.php.

  • CVE-2008-2697Jun 13, 2008
    risk 0.03cvss epss 0.01

    SQL injection vulnerability in the Rapid Recipe (com_rapidrecipe) component 1.6.6 and 1.6.7 for Joomla! allows remote attackers to execute arbitrary SQL commands via the recipe_id parameter in a viewrecipe action to index.php.

  • CVE-2008-2692Jun 13, 2008
    risk 0.03cvss epss 0.01

    SQL injection vulnerability in the yvComment (com_yvcomment) component 1.16.0 and earlier for Joomla! allows remote attackers to execute arbitrary SQL commands via the ArticleID parameter in a comment action to index.php.

  • CVE-2008-2701Jun 13, 2008
    risk 0.03cvss epss 0.02

    SQL injection vulnerability in the GameQ (com_gameq) component 4.0 and earlier for Joomla! allows remote attackers to execute arbitrary SQL commands via the category_id parameter in a page action to index.php.

  • CVE-2008-2676Jun 12, 2008
    risk 0.03cvss epss 0.01

    SQL injection vulnerability in the iJoomla News Portal (com_news_portal) component 1.0 and earlier for Joomla! allows remote attackers to execute arbitrary SQL commands via the Itemid parameter to index.php.

  • CVE-2008-2651Jun 10, 2008
    risk 0.03cvss epss 0.01

    SQL injection vulnerability in the Joomla! Bulletin Board (aka Joo!BB or com_joobb) component 0.5.9 for Joomla! allows remote attackers to execute arbitrary SQL commands via the forum parameter in a forum action to index.php.

  • CVE-2008-2643Jun 10, 2008
    risk 0.03cvss epss 0.01

    SQL injection vulnerability in the Bible Study (com_biblestudy) component before 6.0.7c for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a mediaplayer action to index.php.

  • CVE-2008-2630Jun 10, 2008
    risk 0.03cvss epss 0.01

    SQL injection vulnerability in the JooBlog (com_jb2) component 0.1.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via the CategoryID parameter in a category action to index.php.

  • CVE-2008-2633Jun 10, 2008
    risk 0.03cvss epss 0.01

    Multiple SQL injection vulnerabilities in the EXP JoomRadio (com_joomradio) component 1.0 for Joomla! allow remote attackers to execute arbitrary SQL commands via the id parameter in a (1) show_radio or (2) show_video action to index.php.

  • CVE-2008-2627Jun 10, 2008
    risk 0.03cvss epss 0.02

    SQL injection vulnerability in the IDoBlog (com_idoblog) component b24 and earlier and 1.0, a component for Joomla!, allows remote attackers to execute arbitrary SQL commands via the userid parameter in a userblog action to index.php.

  • CVE-2008-2632Jun 10, 2008
    risk 0.03cvss epss 0.01

    SQL injection vulnerability in the acctexp (com_acctexp) component 0.12.x and earlier for Joomla! allows remote attackers to execute arbitrary SQL commands via the usage parameter in a subscribe action to index.php.

  • CVE-2008-2628Jun 10, 2008
    risk 0.03cvss epss 0.01

    SQL injection vulnerability in the eQuotes (com_equotes) component 0.9.4 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter to index.php.

  • CVE-2008-2568Jun 6, 2008
    risk 0.03cvss epss 0.01

    SQL injection vulnerability in the Simple Shop Galore (com_simpleshop) component 3.4 and earlier for Joomla! allows remote attackers to execute arbitrary SQL commands via the catid parameter in a browse action to index.php.

  • CVE-2008-2569Jun 6, 2008
    risk 0.03cvss epss 0.01

    SQL injection vulnerability in the EasyBook (com_easybook) component 1.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via the gbid parameter in a deleteentry action to index.php.

  • CVE-2008-2564Jun 6, 2008
    risk 0.03cvss epss 0.01

    SQL injection vulnerability in the JotLoader (com_jotloader) component 1.2.1.a and earlier for Joomla! allows remote attackers to execute arbitrary SQL commands via the cid parameter to index.php.

  • CVE-2008-2454May 27, 2008
    risk 0.03cvss epss 0.01

    SQL injection vulnerability in the xsstream-dm (com_xsstream-dm) component 0.01 Beta for Joomla! allows remote attackers to execute arbitrary SQL commands via the movie parameter to index.php.

  • CVE-2008-2095May 6, 2008
    risk 0.03cvss epss 0.01

    SQL injection vulnerability in index.php in the FlippingBook (com_flippingbook) 1.0.4 component for Joomla! allows remote attackers to execute arbitrary SQL commands via the book_id parameter.

  • CVE-2008-2093May 6, 2008
    risk 0.03cvss epss 0.01

    SQL injection vulnerability in the Profiler (com_comprofiler) component in Community Builder for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the user parameter in a userProfile action to index.php.

  • CVE-2008-1935Apr 25, 2008
    risk 0.03cvss epss 0.01

    SQL injection vulnerability in the Filiale 1.0.4 component for Joomla! allows remote attackers to execute arbitrary SQL commands via the idFiliale parameter.

Page 11 of 22