VYPR

Vendor CVEs

Joomla

All CVEs

1,051 total · sorted by risk
  • CVE-2008-1848Apr 16, 2008
    risk 0.03cvss epss 0.01

    Cross-site scripting (XSS) vulnerability in the joomlaXplorer (com_joomlaxplorer) Mambo/Joomla! component 1.6.2 and earlier allows remote attackers to inject arbitrary web script or HTML via the error parameter in a show_error action to index.php.

  • CVE-2008-1733Apr 11, 2008
    risk 0.03cvss epss 0.01

    SQL injection vulnerability in puarcade.class.php 2.2 and earlier in the Pragmatic Utopia PU Arcade (com_puarcade) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the gid parameter to index.php.

  • CVE-2008-1559Mar 31, 2008
    risk 0.03cvss epss 0.01

    SQL injection vulnerability in the Bernard Gilly AlphaContent (com_alphacontent) 2.5.8 component for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a view action to index.php.

  • CVE-2008-1540Mar 28, 2008
    risk 0.03cvss epss 0.01

    SQL injection vulnerability in the Datsogallery (com_datsogallery) 1.3.1 module for Joomla! and Mambo allows remote attackers to execute arbitrary SQL commands via the id parameter in a detail action to index.php. NOTE: the provenance of this information is unknown; the details…

  • CVE-2008-1535Mar 28, 2008
    risk 0.03cvss epss 0.01

    SQL injection vulnerability in the Matti Kiviharju rekry (aka com_rekry or rekry!Joom) 1.0.0 component for Joomla! allows remote attackers to execute arbitrary SQL commands via the op_id parameter in a view action to index.php.

  • CVE-2008-1465Mar 24, 2008
    risk 0.03cvss epss 0.01

    SQL injection vulnerability in the Detodas Restaurante (com_restaurante) 1.0 component for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a detail action to index.php, a different product than CVE-2008-0562.

  • CVE-2008-1459Mar 24, 2008
    risk 0.03cvss epss 0.01

    SQL injection vulnerability in the Alberghi (com_alberghi) 2.1.3 and earlier component for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a detail action to index.php.

  • CVE-2008-1427Mar 20, 2008
    risk 0.03cvss epss 0.02

    SQL injection vulnerability in the Joobi Acajoom (com_acajoom) 1.1.5 and 1.2.5 component for Joomla! allows remote attackers to execute arbitrary SQL commands via the mailingid parameter in a mailing view action to index.php.

  • CVE-2008-1297Mar 12, 2008
    risk 0.03cvss epss 0.01

    SQL injection vulnerability in index.php in the eWriting (com_ewriting) 1.2.1 module for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the cat parameter in a selectcat action.

  • CVE-2008-1137Mar 4, 2008
    risk 0.03cvss epss 0.01

    SQL injection vulnerability in the Garys Cookbook (com_garyscookbook) 1.1.1 and earlier component for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a detail action to index.php.

  • CVE-2008-1077Feb 29, 2008
    risk 0.03cvss epss 0.01

    SQL injection vulnerability in index.php in the Simpleboard (com_simpleboard) 1.0.3 Stable component for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the catid parameter in a view action.

  • CVE-2008-0918Feb 22, 2008
    risk 0.03cvss epss 0.01

    SQL injection vulnerability in includes/count_dl_or_link.inc.php in the astatsPRO (com_astatspro) 1.0.1 component for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter to getfile.php, a different vector than CVE-2008-0839. NOTE: the…

  • CVE-2008-0855Feb 21, 2008
    risk 0.03cvss epss 0.01

    SQL injection vulnerability in the Facile Forms (com_facileforms) component for Joomla! and Mambo allows remote attackers to execute arbitrary SQL commands via the catid parameter to index.php.

  • CVE-2008-0853Feb 21, 2008
    risk 0.03cvss epss 0.01

    SQL injection vulnerability in the com_detail component for Joomla! and Mambo allows remote attackers to execute arbitrary SQL commands via the id parameter to index.php. NOTE: this issue might be site-specific. If so, it should not be included in CVE.

  • CVE-2008-0854Feb 21, 2008
    risk 0.03cvss epss 0.01

    SQL injection vulnerability in the com_salesrep component for Joomla! and Mambo allows remote attackers to execute arbitrary SQL commands via the rid parameter in a showrep action to index.php.

  • CVE-2008-0846Feb 20, 2008
    risk 0.03cvss epss 0.01

    SQL injection vulnerability in index.php in the com_profile component for Joomla! allows remote attackers to execute arbitrary SQL commands via the oid parameter.

  • CVE-2008-0844Feb 20, 2008
    risk 0.03cvss epss 0.01

    SQL injection vulnerability in index.php in the PccookBook (com_pccookbook) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the user_id parameter.

  • CVE-2008-0839Feb 20, 2008
    risk 0.03cvss epss 0.01

    SQL injection vulnerability in refer.php in the astatsPRO (com_astatspro) 1.0 component for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter.

  • CVE-2008-0842Feb 20, 2008
    risk 0.03cvss epss 0.01

    SQL injection vulnerability in index.php in the Classifier (com_clasifier) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the cat_id parameter.

  • CVE-2008-0841Feb 20, 2008
    risk 0.03cvss epss 0.01

    SQL injection vulnerability in index.php in the Giorgio Nordo Ricette (com_ricette) 1.0 component for Joomla! and Mambo allows remote attackers to execute arbitrary SQL commands via the id parameter.

  • CVE-2008-0831Feb 20, 2008
    risk 0.03cvss epss 0.01

    Multiple SQL injection vulnerabilities in the Rapid Recipe (com_rapidrecipe) 1.6.5 and earlier component for Joomla! allow remote attackers to execute arbitrary SQL commands via the (1) user_id or (2) category_id parameter. NOTE: this might overlap CVE-2008-0754.

  • CVE-2008-0832Feb 20, 2008
    risk 0.03cvss epss 0.01

    SQL injection vulnerability in index.php in the Kemas Antonius com_quran 1.1 and earlier component for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the surano parameter in a viewayat action.

  • CVE-2008-0833Feb 20, 2008
    risk 0.03cvss epss 0.01

    SQL injection vulnerability in index.php in the com_galeria component for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a detail action.

  • CVE-2008-0829Feb 19, 2008
    risk 0.03cvss epss 0.01

    SQL injection vulnerability in jooget.php in the Joomlapixel Jooget! (com_jooget) 2.6.8 component for Joomla! and Mambo allows remote attackers to execute arbitrary SQL commands via the id parameter in a detail task.

  • CVE-2008-0816Feb 19, 2008
    risk 0.03cvss epss 0.01

    SQL injection vulnerability in the com_sg component for Joomla! and Mambo allows remote attackers to execute arbitrary SQL commands via the pid parameter in an order task.

  • CVE-2008-0810Feb 19, 2008
    risk 0.03cvss epss 0.01

    SQL injection vulnerability in the com_scheduling module for Joomla! and Mambo allows remote attackers to execute arbitrary SQL commands via the id parameter.

  • CVE-2008-0817Feb 19, 2008
    risk 0.03cvss epss 0.01

    SQL injection vulnerability in the com_filebase component for Joomla! and Mambo allows remote attackers to execute arbitrary SQL commands via the filecatid parameter in a selectfolder action.

  • CVE-2008-0815Feb 19, 2008
    risk 0.03cvss epss 0.01

    SQL injection vulnerability in the com_mezun component for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in an edit task.

  • CVE-2008-0800Feb 15, 2008
    risk 0.03cvss epss 0.01

    SQL injection vulnerability in index.php in the McQuiz (com_mcquiz) 0.9 Final component for Joomla! allows remote attackers to execute arbitrary SQL commands via the tid parameter in a user_tst_shw action.

  • CVE-2008-0801Feb 15, 2008
    risk 0.03cvss epss 0.01

    SQL injection vulnerability in index.php in the PAXXGallery (com_paxxgallery) 0.2 component for Mambo and Joomla! allow remote attackers to execute arbitrary SQL commands via (1) the iid parameter in a view action, and possibly (2) the userid parameter.

  • CVE-2008-0795Feb 15, 2008
    risk 0.03cvss epss 0.01

    SQL injection vulnerability in index.php in the MGFi XfaQ (com_xfaq) 1.2 component for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the aid parameter in an answer action.

  • CVE-2008-0802Feb 15, 2008
    risk 0.03cvss epss 0.02

    SQL injection vulnerability in index.php in the MediaSlide (com_mediaslide) 0.5 component for Joomla! allows remote attackers to execute arbitrary SQL commands via the albumnum parameter in a contact action.

  • CVE-2008-0799Feb 15, 2008
    risk 0.03cvss epss 0.01

    SQL injection vulnerability in index.php in the Quiz (com_quiz) 0.81 and earlier component for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the tid parameter in a user_tst_shw action.

  • CVE-2008-0772Feb 14, 2008
    risk 0.03cvss epss 0.01

    SQL injection vulnerability in index.php in the com_doc component for Joomla! and Mambo allows remote attackers to execute arbitrary SQL commands via the sid parameter in a view task.

  • CVE-2008-0773Feb 14, 2008
    risk 0.03cvss epss 0.01

    SQL injection vulnerability in Phil Taylor Comments (com_comments, aka Review Script) 0.5.8.5g and earlier component for Mambo allows remote attackers to execute arbitrary SQL commands via the id parameter.

  • CVE-2008-0761Feb 13, 2008
    risk 0.03cvss epss 0.01

    SQL injection vulnerability in index.php in the Prince Clan Chess Club (com_pcchess) 0.8 and earlier component for Joomla! allows remote attackers to execute arbitrary SQL commands via the user_id parameter in a players action.

  • CVE-2008-0746Feb 13, 2008
    risk 0.03cvss epss 0.01

    SQL injection vulnerability in index.php in the Gallery (com_gallery) component for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a detail action.

  • CVE-2008-0752Feb 13, 2008
    risk 0.03cvss epss 0.01

    SQL injection vulnerability in index.php in the Neogallery (com_neogallery) 1.1 component for Joomla! allows remote attackers to execute arbitrary SQL commands via the catid parameter in a show action.

  • CVE-2008-0754Feb 13, 2008
    risk 0.03cvss epss 0.01

    Multiple SQL injection vulnerabilities in index.php in the Rapid Recipe (com_rapidrecipe) 1.6.5 component for Joomla! allow remote attackers to execute arbitrary SQL commands via (1) the user_id parameter in a showuser action or (2) the category_id parameter in a…

  • CVE-2008-0686Feb 12, 2008
    risk 0.03cvss epss 0.01

    SQL injection vulnerability in index.php in the NeoReferences (com_neoreferences) 1.3.1 and 1.3.3 component for Joomla! allows remote attackers to execute arbitrary SQL commands via the catid parameter.

  • CVE-2008-0689Feb 12, 2008
    risk 0.03cvss epss 0.01

    SQL injection vulnerability in index.php in the Marketplace (com_marketplace) 1.1.1 and 1.1.1-pl1 component for Joomla! allows remote attackers to execute arbitrary SQL commands via the catid parameter in a show_category action.

  • CVE-2008-0670Feb 12, 2008
    risk 0.03cvss epss 0.01

    SQL injection vulnerability in index.php in the Noticias (com_noticias) 1.0 component for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a detalhe action.

  • CVE-2008-0653Feb 7, 2008
    risk 0.03cvss epss 0.01

    SQL injection vulnerability in index.php in the Ynews (com_ynews) 1.0.0 component for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a showYNews action.

  • CVE-2008-0652Feb 7, 2008
    risk 0.03cvss epss 0.01

    SQL injection vulnerability in index.php in the Downloads (com_downloads) component for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the filecatid parameter in a selectfolder action.

  • CVE-2008-0606Feb 6, 2008
    risk 0.03cvss epss 0.01

    SQL injection vulnerability in index.php in the Shambo2 (com_shambo2) component for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the Itemid parameter.

  • CVE-2008-0603Feb 6, 2008
    risk 0.03cvss epss 0.01

    SQL injection vulnerability in index.php in the amazOOP Awesom! (com_awesom) 0.3.2component for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the listid parameter in a viewlist task.

  • CVE-2008-0579Feb 5, 2008
    risk 0.03cvss epss 0.01

    SQL injection vulnerability in index.php in the buslicense (com_buslicense) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the aid parameter in a list action.

  • CVE-2008-0562Feb 4, 2008
    risk 0.03cvss epss 0.01

    SQL injection vulnerability in index.php in the Restaurant (com_restaurant) 1.0 component for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a detail action.

  • CVE-2008-0561Feb 4, 2008
    risk 0.03cvss epss 0.01

    SQL injection vulnerability in index.php in the Arthur Konze AkoGallery (com_akogallery) 2.5 beta component for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a detail action.

  • CVE-2008-0557Feb 4, 2008
    risk 0.03cvss epss 0.01

    SQL injection vulnerability in index.php in the CatalogShop (com_catalogshop) 1.0b1 componenent for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a detail action.

Page 12 of 22