Filtered by vendor Joomla
Subscriptions
Total
948 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2007-5451 | 2 Com Colorlab, Joomla | 2 Com Colorlab, Joomla | 2025-04-09 | N/A |
| PHP remote file inclusion vulnerability in admin.color.php in the com_colorlab (aka com_color) 1.0 component for Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_live_site parameter. | ||||
| CVE-2008-0606 | 3 Joomla, Mambo, Phil Taylor | 3 Com Shambo2, Com Shambo2, Shambo2 | 2025-04-09 | N/A |
| SQL injection vulnerability in index.php in the Shambo2 (com_shambo2) component for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the Itemid parameter. | ||||
| CVE-2009-1939 | 1 Joomla | 1 Joomla | 2025-04-09 | N/A |
| Cross-site scripting (XSS) vulnerability in the JA_Purity template for Joomla! 1.5.x through 1.5.10 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2007-4504 | 1 Joomla | 1 Rsfiles | 2025-04-09 | N/A |
| Directory traversal vulnerability in index.php in the RSfiles component (com_rsfiles) 1.0.2 and earlier for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the path parameter in a files.display action. | ||||
| CVE-2008-2569 | 1 Joomla | 1 Easybook Component | 2025-04-09 | N/A |
| SQL injection vulnerability in the EasyBook (com_easybook) component 1.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via the gbid parameter in a deleteentry action to index.php. | ||||
| CVE-2008-6234 | 2 Joomla, Mambo-foundation | 4 Com Musica, Joomla, Com Musica and 1 more | 2025-04-09 | N/A |
| SQL injection vulnerability in the com_musica module in Joomla! and Mambo allows remote attackers to execute arbitrary SQL commands via the id parameter to index.php. | ||||
| CVE-2007-6642 | 1 Joomla | 1 Joomla | 2025-04-09 | N/A |
| Multiple cross-site request forgery (CSRF) vulnerabilities in Joomla! before 1.5 RC4 allow remote attackers to (1) add a Super Admin, (2) upload an extension containing arbitrary PHP code, and (3) modify the configuration as administrators via unspecified vectors. | ||||
| CVE-2008-0517 | 3 Darko Selesi, Joomla, Mambo | 3 Estateagent, Joomla, Mambo | 2025-04-09 | N/A |
| SQL injection vulnerability in index.php in the Darko Selesi EstateAgent (com_estateagent) 0.1 component for Mambo 4.5.x and Joomla! allows remote attackers to execute arbitrary SQL commands via the objid parameter in a contact showObject action. | ||||
| CVE-2008-0690 | 1 Joomla | 1 Com Directory | 2025-04-09 | N/A |
| SQL injection vulnerability in index.php in the mosDirectory (com_directory) 2.3.2 component for Joomla! allows remote attackers to execute arbitrary SQL commands via the catid parameter in a viewcat action. | ||||
| CVE-2008-0772 | 2 Joomla, Mambo | 2 Com Doc, Com Doc | 2025-04-09 | N/A |
| SQL injection vulnerability in index.php in the com_doc component for Joomla! and Mambo allows remote attackers to execute arbitrary SQL commands via the sid parameter in a view task. | ||||
| CVE-2008-2892 | 2 Feellove, Joomla | 2 Exp Shop Component, Com Expshop | 2025-04-09 | N/A |
| SQL injection vulnerability in the EXP Shop (com_expshop) component 1.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the catid parameter in a show_payment action to index.php. | ||||
| CVE-2008-0773 | 3 Joomla, Mambo, Phil Taylor | 4 Com Comments, Com Comments, Comments and 1 more | 2025-04-09 | N/A |
| SQL injection vulnerability in Phil Taylor Comments (com_comments, aka Review Script) 0.5.8.5g and earlier component for Mambo allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-2008-0800 | 1 Joomla | 1 Com Mcquiz | 2025-04-09 | N/A |
| SQL injection vulnerability in index.php in the McQuiz (com_mcquiz) 0.9 Final component for Joomla! allows remote attackers to execute arbitrary SQL commands via the tid parameter in a user_tst_shw action. | ||||
| CVE-2008-0817 | 2 Joomla, Mambo | 2 Com Filebase Component, Com Filebase Component | 2025-04-09 | N/A |
| SQL injection vulnerability in the com_filebase component for Joomla! and Mambo allows remote attackers to execute arbitrary SQL commands via the filecatid parameter in a selectfolder action. | ||||
| CVE-2008-0833 | 1 Joomla | 1 Com Galeria | 2025-04-09 | N/A |
| SQL injection vulnerability in index.php in the com_galeria component for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a detail action. | ||||
| CVE-2006-6834 | 1 Joomla | 1 Joomla | 2025-04-09 | N/A |
| Multiple unspecified vulnerabilities in Joomla! before 1.0.12 have unknown impact and attack vectors related to (1) "unneeded legacy functions" and (2) "Several low level security fixes." | ||||
| CVE-2008-0918 | 2 Astats, Joomla | 2 Astatspro, Com Astatspro | 2025-04-09 | N/A |
| SQL injection vulnerability in includes/count_dl_or_link.inc.php in the astatsPRO (com_astatspro) 1.0.1 component for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter to getfile.php, a different vector than CVE-2008-0839. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2009-4579 | 2 Joomla, Mambo-foundation | 3 Com Artistavenue, Joomla\!, Mambo | 2025-04-09 | N/A |
| Cross-site scripting (XSS) vulnerability in the Artist avenue (com_artistavenue) component for Joomla! and Mambo allows remote attackers to inject arbitrary web script or HTML via the Itemid parameter to index.php. | ||||
| CVE-2008-6430 | 1 Joomla | 2 Com Mycontent, Joomla | 2025-04-09 | N/A |
| SQL injection vulnerability in the MyContent (com_mycontent) component 1.1.13 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a view action to index.php. | ||||
| CVE-2006-7008 | 1 Joomla | 1 Joomla | 2025-04-09 | N/A |
| Unspecified vulnerability in Joomla! before 1.0.10 has unknown impact and attack vectors, related to "securing mosmsg from misuse." NOTE: it is possible that this issue overlaps CVE-2006-1029. | ||||