Filtered by vendor Joomla
Subscriptions
Filtered by product Joomla\!
Subscriptions
Total
603 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2010-4702 | 2 Fxwebdesign, Joomla | 2 Com Jradio, Joomla\! | 2025-04-11 | N/A |
| SQL injection vulnerability in JRadio (com_jradio) component before 1.5.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | ||||
| CVE-2009-4784 | 2 Joaktree, Joomla | 2 Com Joaktree, Joomla\! | 2025-04-11 | N/A |
| SQL injection vulnerability in the Joaktree (com_joaktree) component 1.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the treeId parameter to index.php. | ||||
| CVE-2010-4837 | 2 Extensiondepot, Joomla | 2 Com Jsupport, Joomla\! | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in the JSupport (com_jsupport) component 1.5.6 for Joomla! allows remote attackers to inject arbitrary web script or HTML via the subject parameter (title field) in a saveTicket action to index2.php. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2010-2255 | 2 Joomla, Tamlyncreative | 4 Joomla\!, Com Bfsurvey Basic, Com Bfsurvey Pro and 1 more | 2025-04-11 | N/A |
| SQL injection vulnerability in the BF Survey Pro (com_bfsurvey_pro) component before 1.3.1, BF Survey Pro Free (com_bfsurvey_profree) component 1.2.6, and BF Survey Basic component before 1.2 for Joomla! allows remote attackers to execute arbitrary SQL commands via the catid parameter to index.php. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2010-4904 | 2 Joomla, Simon Philips | 2 Joomla\!, Com Aardvertiser | 2025-04-11 | N/A |
| SQL injection vulnerability in the Aardvertiser (com_aardvertiser) component 2.1 and 2.1.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via the cat_name parameter in a view action to index.php. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2011-4909 | 1 Joomla | 1 Joomla\! | 2025-04-11 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Joomla! before 1.5.12 allow remote attackers to inject arbitrary web script or HTML via the HTTP_REFERER header to (1) components/com_content/views/article/tmpl/form.php, (2) components/com_user/controller.php, (3) plugins/system/legacy/html.php, or (4) templates/beez/html/com_content/article/form.php. | ||||
| CVE-2010-4993 | 2 Joomla, Kay Messerschmidt | 2 Joomla\!, Com Eventcal | 2025-04-11 | N/A |
| SQL injection vulnerability in the eventcal (com_eventcal) component 1.6.4 for Joomla! allows remote attackers to execute arbitrary SQL commands via the Itemid parameter to index.php. | ||||
| CVE-2010-2622 | 2 Joomanager, Joomla | 2 Joomanager, Joomla\! | 2025-04-11 | N/A |
| SQL injection vulnerability in the Joomanager component, possibly 1.1.1, for Joomla! allows remote attackers to execute arbitrary SQL commands via the catid parameter to index.php. | ||||
| CVE-2010-4994 | 2 Instantphp, Joomla | 2 Jobs Pro, Joomla\! | 2025-04-11 | N/A |
| SQL injection vulnerability in the Jobs Pro component 1.6.4 for Joomla! allows remote attackers to execute arbitrary SQL commands via the detailed_results parameter to search_jobs.html. | ||||
| CVE-2010-2909 | 2 Joomla, Toughtomato | 2 Joomla\!, Com Ttvideo | 2025-04-11 | N/A |
| SQL injection vulnerability in ttvideo.php in the TTVideo (com_ttvideo) component 1.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the cid parameter in a video action to index.php. | ||||
| CVE-2010-4268 | 2 Joomla, Pulseinfotech | 2 Joomla\!, Com Flipwall | 2025-04-11 | N/A |
| SQL injection vulnerability in the Pulse Infotech Flip Wall (com_flipwall) component 1.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via the catid parameter to index.php. | ||||
| CVE-2010-4272 | 2 Joomla, Pulseinfotech | 2 Joomla\!, Com Sponsorwall | 2025-04-11 | N/A |
| SQL injection vulnerability in the Pulse Infotech Sponsor Wall (com_sponsorwall) component 1.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via the catid parameter to index.php. | ||||
| CVE-2010-1977 | 2 Gohigheris, Joomla | 2 Com Jwhmcs, Joomla\! | 2025-04-11 | N/A |
| Directory traversal vulnerability in the J!WHMCS Integrator (com_jwhmcs) component 1.5.0 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php. | ||||
| CVE-2010-2846 | 2 Gonzalo Maser, Joomla | 2 Com Artforms, Joomla\! | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in the InterJoomla ArtForms (com_artforms) component 2.1b7.2 RC2 for Joomla! allows remote attackers to inject arbitrary web script or HTML via the afmsg parameter to index.php. | ||||
| CVE-2010-4902 | 2 Joomla, Joomla-clantools | 2 Joomla\!, Clantools | 2025-04-11 | N/A |
| Multiple SQL injection vulnerabilities in the Clantools (com_clantools) component 1.2.3 for Joomla! allow remote attackers to execute arbitrary SQL commands via the (1) squad or (2) showgame parameter to index.php. | ||||
| CVE-2010-2254 | 2 Joomla, Shape5 | 2 Joomla\!, Bridge Of Hope Template | 2025-04-11 | N/A |
| SQL injection vulnerability in the Shape5 Bridge of Hope template for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in an article action to index.php. | ||||
| CVE-2010-5053 | 2 Joomla, Php-shop-system | 2 Joomla\!, Com Xobbix | 2025-04-11 | N/A |
| SQL injection vulnerability in the XOBBIX (com_xobbix) component 1.0.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via the prodid parameter in a prod_desc action to index.php. | ||||
| CVE-2010-2507 | 2 Joomla, Masselink | 2 Joomla\!, Com Picasa2gallery | 2025-04-11 | N/A |
| Directory traversal vulnerability in the Picasa2Gallery (com_picasa2gallery) component 1.2.8 and earlier for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impact via a .. (dot dot) in the controller parameter to index.php. | ||||
| CVE-2011-4570 | 2 Joomla, Takeaweb | 2 Joomla\!, Com Timereturns | 2025-04-11 | N/A |
| SQL injection vulnerability in the Time Returns (com_timereturns) component 2.0 and possibly earlier versions for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a timereturns action to index.php. | ||||
| CVE-2010-1983 | 2 Joomla, Redcomponent | 2 Joomla\!, Com Redtwitter | 2025-04-11 | N/A |
| Directory traversal vulnerability in the redTWITTER (com_redtwitter) component 1.0.x including 1.0b11 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the view parameter to index.php. NOTE: some of these details are obtained from third party information. | ||||