Filtered by vendor Joomla
Subscriptions
Total
948 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2013-3058 | 1 Joomla | 1 Joomla\! | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in Joomla! 2.5.x before 2.5.10 and 3.0.x before 3.0.4 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2012-2748 | 1 Joomla | 1 Joomla\! | 2025-04-11 | N/A |
| Unspecified vulnerability in Joomla! 2.5.x before 2.5.5 allows remote attackers to obtain sensitive information via vectors related to "Inadequate filtering" and a "SQL error." | ||||
| CVE-2010-1653 | 2 Htmlcoderhelper, Joomla | 2 Com Graphics, Joomla\! | 2025-04-11 | N/A |
| Directory traversal vulnerability in graphics.php in the Graphics (com_graphics) component 1.0.6 and 1.5.0 for Joomla! allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the controller parameter to index.php. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2010-1340 | 2 Joomla, Joomla-research | 2 Joomla\!, Com Jresearch | 2025-04-11 | N/A |
| Directory traversal vulnerability in jresearch.php in the J!Research (com_jresearch) component for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php. | ||||
| CVE-2013-3056 | 1 Joomla | 1 Joomla\! | 2025-04-11 | N/A |
| Joomla! 2.5.x before 2.5.10 and 3.0.x before 3.0.4 allows remote authenticated users to bypass intended privilege requirements and delete the private messages of arbitrary users via unspecified vectors. | ||||
| CVE-2012-1612 | 1 Joomla | 1 Joomla\! | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in the update manager in Joomla! 2.5.x before 2.5.4 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2012-1599 | 1 Joomla | 1 Joomla\! | 2025-04-11 | N/A |
| Joomla! 1.5.x before 1.5.26 does not properly check permissions, which allows attackers to obtain sensitive "administrative back end information" via unknown vectors. NOTE: this might be a duplicate of CVE-2012-1611. | ||||
| CVE-2010-1950 | 2 Emultisoft, Joomla | 2 Com Jnewspaper, Joomla\! | 2025-04-11 | N/A |
| SQL injection vulnerability in the Online News Paper Manager (com_jnewspaper) component 1.0 for Joomla!, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the date_info parameter to index.php. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2010-1715 | 2 Joomla, Pucit.edu | 2 Joomla\!, Com Onlineexam | 2025-04-11 | N/A |
| Directory traversal vulnerability in the Online Examination (aka Online Exam or com_onlineexam) component 1.5.0 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2010-4992 | 2 Joomla, Paymentsplus | 2 Joomla\!, Payments Plus | 2025-04-11 | N/A |
| SQL injection vulnerability in the Payments Plus component 2.1.5 for Joomla! allows remote attackers to execute arbitrary SQL commands via the type parameter to add.html. | ||||
| CVE-2010-1714 | 2 Dev.pucit.edu.pk, Joomla | 2 Com Arcadegames, Joomla\! | 2025-04-11 | N/A |
| Directory traversal vulnerability in the Arcade Games (com_arcadegames) component 1.0 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php. | ||||
| CVE-2012-0836 | 1 Joomla | 1 Joomla\! | 2025-04-11 | N/A |
| Unspecified vulnerability in Joomla! 1.7.x before 1.7.5 allows attackers to read the error log via unknown vectors. | ||||
| CVE-2010-1723 | 2 Joomla, Joomlacomponent.inetlanka | 2 Joomla\!, Com Drawroot | 2025-04-11 | N/A |
| Directory traversal vulnerability in the iNetLanka Contact Us Draw Root Map (com_drawroot) component 1.1 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impact via a .. (dot dot) in the controller parameter to index.php. | ||||
| CVE-2010-4270 | 2 Joomla, Netshinesoftware | 2 Joomla\!, Com Netinvoice | 2025-04-11 | N/A |
| Directory traversal vulnerability in the nBill (com_netinvoice) component before 2.0.9 standard edition, 2.0.10 lite edition, and 1.2_10 for Joomla! allows remote attackers to read arbitrary files via directory traversal sequences in unspecified vectors related to (1) administrator/components/com_nbill/admin.nbill.php, (2) components/com_nbill/nbill.php, (3) administrator/components/com_netinvoice/admin.netinvoice.php, or (4) components/com_netinvoice/netinvoice.php, as exploited in the wild in November 2010. | ||||
| CVE-2011-2892 | 1 Joomla | 1 Joomla\! | 2025-04-11 | N/A |
| Joomla! 1.6.x before 1.6.2 does not prevent page rendering inside a frame in a third-party HTML document, which makes it easier for remote attackers to conduct clickjacking attacks via a crafted web site. | ||||
| CVE-2011-4823 | 2 Extensionsforjoomla, Joomla | 2 Com Vikrealestate, Joomla\! | 2025-04-11 | N/A |
| Multiple SQL injection vulnerabilities in Vik Real Estate (com_vikrealestate) component 1.0 for Joomla! allow remote attackers to execute arbitrary SQL commands via the (1) contract parameter in a results action and (2) imm parameter in a show action to index.php. | ||||
| CVE-2010-2259 | 2 Joomla, Tamlyncreative | 4 Joomla\!, Com Bfsurvey Basic, Com Bfsurvey Pro and 1 more | 2025-04-11 | N/A |
| Directory traversal vulnerability in the BF Survey (com_bfsurvey) component for Joomla! allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the controller parameter to index.php. | ||||
| CVE-2013-1454 | 1 Joomla | 1 Joomla\! | 2025-04-11 | N/A |
| Joomla! 3.0.x through 3.0.2 allows attackers to obtain sensitive information via unspecified vectors related to "Coding errors." | ||||
| CVE-2010-4927 | 2 Joomla, Photoindochina | 2 Joomla\!, Com Restaurantguide | 2025-04-11 | N/A |
| SQL injection vulnerability in the Restaurant Guide (com_restaurantguide) component 1.0.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a country action to index.php. | ||||
| CVE-2011-2891 | 1 Joomla | 1 Joomla\! | 2025-04-11 | N/A |
| Joomla! 1.6.x before 1.6.2 allows remote attackers to obtain sensitive information via an empty Itemid array parameter to index.php, which reveals the installation path in an error message, a different vulnerability than CVE-2011-2488. | ||||