Search Results (864 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2009-4946 2 Joomla, Thetricky 2 Joomla\!, Com Messaging 2025-04-11 N/A
Directory traversal vulnerability in the Messaging (com_messaging) component before 1.5.1 for Joomla! allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the controller parameter in a messages action to index.php. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2010-0374 2 Codingfish, Joomla 2 Com Marketplace, Joomla\! 2025-04-11 N/A
Cross-site scripting (XSS) vulnerability in the Marketplace (com_marketplace) component 1.2 for Joomla! allows remote attackers to inject arbitrary web script or HTML via the catid parameter in a show_category action to index.php.
CVE-2010-0461 1 Joomla 2 Com Casino, Joomla 2025-04-11 N/A
SQL injection vulnerability in the casino (com_casino) component 1.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a (1) category or (2) player action to index.php.
CVE-2010-0467 2 Chillcreations, Joomla 2 Com Ccnewsletter, Joomla\! 2025-04-11 5.8 Medium
Directory traversal vulnerability in the ccNewsletter (com_ccnewsletter) component 1.0.5 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter in a ccnewsletter action to index.php.
CVE-2010-0696 2 Joomla, Joomlaworks 2 Joomla, Jw Allvideos 2025-04-11 N/A
Directory traversal vulnerability in includes/download.php in the JoomlaWorks AllVideos (Jw_allVideos) plugin 3.0 through 3.2 for Joomla! allows remote attackers to read arbitrary files via a ./../.../ (modified dot dot) in the file parameter.
CVE-2010-4166 1 Joomla 1 Joomla\! 2025-04-11 N/A
Multiple SQL injection vulnerabilities in Joomla! 1.5.x before 1.5.22 allow remote attackers to execute arbitrary SQL commands via (1) the filter_order parameter in a com_weblinks category action to index.php, (2) the filter_order_Dir parameter in a com_weblinks category action to index.php, or (3) the filter_order_Dir parameter in a com_messages action to administrator/index.php.
CVE-2010-4268 2 Joomla, Pulseinfotech 2 Joomla\!, Com Flipwall 2025-04-11 N/A
SQL injection vulnerability in the Pulse Infotech Flip Wall (com_flipwall) component 1.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via the catid parameter to index.php.
CVE-2010-4272 2 Joomla, Pulseinfotech 2 Joomla\!, Com Sponsorwall 2025-04-11 N/A
SQL injection vulnerability in the Pulse Infotech Sponsor Wall (com_sponsorwall) component 1.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via the catid parameter to index.php.
CVE-2010-1056 2 Joomla, Rockettheme 2 Joomla\!, Com Rokdownloads 2025-04-11 N/A
Directory traversal vulnerability in the RokDownloads (com_rokdownloads) component before 1.0.1 for Joomla! allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the controller parameter to index.php.
CVE-2010-1219 2 Com Janews, Joomla 2 Com Janews, Joomla 2025-04-11 N/A
Directory traversal vulnerability in the JA News (com_janews) component 1.0 for Joomla! allows remote attackers to read arbitrary local files via a .. (dot dot) in the controller parameter to index.php. NOTE: some of these details are obtained from third party information.
CVE-2012-2747 1 Joomla 1 Joomla\! 2025-04-11 N/A
Unspecified vulnerability in Joomla! 2.5.x before 2.5.5 allows remote attackers to gain privileges via unknown attack vectors related to "Inadequate checking."
CVE-2012-2748 1 Joomla 1 Joomla\! 2025-04-11 N/A
Unspecified vulnerability in Joomla! 2.5.x before 2.5.5 allows remote attackers to obtain sensitive information via vectors related to "Inadequate filtering" and a "SQL error."
CVE-2010-1306 2 Joomla, Roberto Aloi 2 Joomla\!, Com Joomlapicasa2 2025-04-11 N/A
Directory traversal vulnerability in the Picasa (com_joomlapicasa2) component 2.0 and 2.0.5 for Joomla! allows remote attackers to read arbitrary local files via a .. (dot dot) in the controller parameter to index.php. NOTE: some of these details are obtained from third party information.
CVE-2010-1314 2 Joomla, Joomlanook 2 Joomla\!, Com Hsconfig 2025-04-11 N/A
Directory traversal vulnerability in the Highslide JS (com_hsconfig) component 1.5 and 2.0.9 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php. NOTE: some of these details are obtained from third party information.
CVE-2010-4517 2 Harmistechnology, Joomla 2 Com Jeauto, Joomla\! 2025-04-11 N/A
SQL injection vulnerability in the JExtensions JE Auto (com_jeauto) component 1.0 for Joomla!, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the char parameter in an item action to index.php.
CVE-2010-1344 2 Cookex, Joomla 2 Com Ckforms, Joomla\! 2025-04-11 N/A
SQL injection vulnerability in the Cookex Agency CKForms (com_ckforms) component 1.3.3 for Joomla! allows remote attackers to execute arbitrary SQL commands via the fid parameter in a detail action to index.php.
CVE-2010-1352 2 Jooforge, Joomla 2 Com Jukebox, Joomla\! 2025-04-11 N/A
Directory traversal vulnerability in the JOOFORGE Jutebox (com_jukebox) component 1.0 and 1.7 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php. NOTE: some of these details are obtained from third party information.
CVE-2010-4638 2 Iptechinside, Joomla 2 Com Jquarks4s, Joomla\! 2025-04-11 N/A
SQL injection vulnerability in the submitSurvey function in controller.php in JQuarks4s (com_jquarks4s) component 1.0.0 for Joomla!, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the q parameter in a submitSurvey action to index.php.
CVE-2010-1468 2 Focusdev, Joomla 2 Com Mv Restaurantmenumanager, Joomla\! 2025-04-11 N/A
SQL injection vulnerability in the Multi-Venue Restaurant Menu Manager (aka MVRMM or com_mv_restaurantmenumanager) component 1.5.2 Stable Update 3 and earlier for Joomla! allows remote attackers to execute arbitrary SQL commands via the mid parameter in a menu_display action to index.php.
CVE-2010-1470 2 Dev.pucit.edu.pk, Joomla 2 Com Webtv, Joomla 2025-04-11 N/A
Directory traversal vulnerability in the Web TV (com_webtv) component 1.0 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impact via a .. (dot dot) in the controller parameter to index.php.