Search Results (979 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2010-0944 2 Joomla, Thorsten Riess 2 Joomla\!, Com Jcollection 2025-04-11 N/A
Directory traversal vulnerability in the JCollection (com_jcollection) component for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php.
CVE-2010-0943 2 Joomla, Joomlart 2 Joomla\!, Com Jashowcase 2025-04-11 N/A
Directory traversal vulnerability in the JA Showcase (com_jashowcase) component for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter in a jashowcase action to index.php.
CVE-2010-1977 2 Gohigheris, Joomla 2 Com Jwhmcs, Joomla\! 2025-04-11 N/A
Directory traversal vulnerability in the J!WHMCS Integrator (com_jwhmcs) component 1.5.0 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php.
CVE-2011-4823 2 Extensionsforjoomla, Joomla 2 Com Vikrealestate, Joomla\! 2025-04-11 N/A
Multiple SQL injection vulnerabilities in Vik Real Estate (com_vikrealestate) component 1.0 for Joomla! allow remote attackers to execute arbitrary SQL commands via the (1) contract parameter in a results action and (2) imm parameter in a show action to index.php.
CVE-2010-0942 2 Joomla, Jvideodirect 2 Joomla\!, Com Jvideodirect 2025-04-11 N/A
Directory traversal vulnerability in the jVideoDirect (com_jvideodirect) component for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php.
CVE-2010-0800 2 Joomla, Joomservices 2 Joomla\!, Com Dms 2025-04-11 N/A
SQL injection vulnerability in the Ossolution Team Documents Seller (aka DMS) (com_dms) component 2.5.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via the category_id parameter in a view_category action to index.php.
CVE-2010-0610 2 Joomla, Webguerilla 2 Joomla\!, Com Photoblog 2025-04-11 N/A
Multiple SQL injection vulnerabilities in the Photoblog (com_photoblog) component for Joomla! allow remote attackers to execute arbitrary SQL commands via the blog parameter in an images action to index.php. NOTE: a separate vector for the id parameter to detail.php may also exist.
CVE-2010-1983 2 Joomla, Redcomponent 2 Joomla\!, Com Redtwitter 2025-04-11 N/A
Directory traversal vulnerability in the redTWITTER (com_redtwitter) component 1.0.x including 1.0b11 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the view parameter to index.php. NOTE: some of these details are obtained from third party information.
CVE-2010-0760 2 Greatjoomla, Joomla 2 Scriptegrator Plugin, Joomla\! 2025-04-11 N/A
Multiple directory traversal vulnerabilities in the Core Design Scriptegrator plugin 1.4.1 for Joomla! allow remote attackers to include and execute arbitrary local files via directory traversal sequences in the (1) file parameter to libraries/jquery/js/ui/jsloader.php and the (2) files[] parameter to libraries/jquery/js/jsloader.php, a different vector than CVE-2010-0759. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2010-0759 2 Greatjoomla, Joomla 2 Scriptegrator Plugin, Joomla\! 2025-04-11 N/A
Directory traversal vulnerability in plugins/system/cdscriptegrator/libraries/highslide/js/jsloader.php in the Core Design Scriptegrator plugin 1.4.1 for Joomla! allows remote attackers to read, and possibly include and execute, arbitrary files via directory traversal sequences in the files[] parameter, a different vector than CVE-2010-0760.
CVE-2010-0670 2 Iptechinside, Joomla 2 Com Jquarks, Joomla\! 2025-04-11 N/A
Unspecified vulnerability in the IP-Tech JQuarks (com_jquarks) Component before 0.2.4 for Joomla! allows attackers to obtain the installation path for Joomla! via unknown vectors.
CVE-2009-4938 2 Joomla, Warphd 2 Joomla\!, Com Jvideo 2025-04-11 N/A
SQL injection vulnerability in the JVideo! (com_jvideo) component 0.3.11c Beta and 0.3.x for Joomla! allows remote attackers to execute arbitrary SQL commands via the user_id parameter in a user action to index.php.
CVE-2010-4975 2 Joomla, Techjoomla 2 Joomla\!, Com Socialads 2025-04-11 N/A
SQL injection vulnerability in the Techjoomla SocialAds For JomSocial (com_socialads) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the ads description field in a showad action to index.php.
CVE-2010-4990 2 B-elektro, Joomla 2 Com Addressbook, Joomla\! 2025-04-11 N/A
SQL injection vulnerability in the Front-edit Address Book (com_addressbook) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the Itemid parameter in a contact action to index.php.
CVE-2010-4991 2 Joomla, Ninjaforge 2 Joomla\!, Ninjamonials 2025-04-11 N/A
SQL injection vulnerability in the NinjaMonials (com_ninjamonials) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the Itemid parameter in a display action to index.php.
CVE-2010-4992 2 Joomla, Paymentsplus 2 Joomla\!, Payments Plus 2025-04-11 N/A
SQL injection vulnerability in the Payments Plus component 2.1.5 for Joomla! allows remote attackers to execute arbitrary SQL commands via the type parameter to add.html.
CVE-2010-4994 2 Instantphp, Joomla 2 Jobs Pro, Joomla\! 2025-04-11 N/A
SQL injection vulnerability in the Jobs Pro component 1.6.4 for Joomla! allows remote attackers to execute arbitrary SQL commands via the detailed_results parameter to search_jobs.html.
CVE-2010-4995 2 Joomla, Neojoomla 2 Joomla\!, Com Neorecruit 2025-04-11 N/A
SQL injection vulnerability in the NeoRecruit (com_neorecruit) component 1.6.4 for Joomla! allows remote attackers to execute arbitrary SQL commands via the Itemid parameter in an offer_view action to index.php, a different vector than CVE-2007-4506.
CVE-2010-5003 2 Autartica, Joomla 2 Com Autartimonial, Joomla\! 2025-04-11 N/A
SQL injection vulnerability in the AutarTimonial (com_autartimonial) component 1.0.8 for Joomla! allows remote attackers to execute arbitrary SQL commands via the limit parameter in an autartimonial action to index.php. NOTE: some of these details are obtained from third party information.
CVE-2009-4679 2 Inertialfate, Joomla 2 Com If Nexus, Joomla\! 2025-04-11 N/A
Directory traversal vulnerability in the inertialFATE iF Portfolio Nexus (com_if_nexus) component 1.5 for Joomla! allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the controller parameter to index.php.