Filtered by vendor Joomla
Subscriptions
Total
953 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2009-4059 | 2 .joomclan, Joomla | 2 Com Joomclip, Joomla\! | 2025-04-09 | N/A |
| SQL injection vulnerability in the JoomClip (com_joomclip) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the cat parameter in a thumbs action to index.php. | ||||
| CVE-2008-2093 | 3 Joomla, Joomlapolis, Mambo | 3 Com Comprofiler, Community Builder, Com Comprofiler | 2025-04-09 | N/A |
| SQL injection vulnerability in the Profiler (com_comprofiler) component in Community Builder for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the user parameter in a userProfile action to index.php. | ||||
| CVE-2008-2095 | 3 Joomla, Mambo, Page-flip-tools | 3 Com Flippingbook, Com Flippingbook, Flipping Book | 2025-04-09 | N/A |
| SQL injection vulnerability in index.php in the FlippingBook (com_flippingbook) 1.0.4 component for Joomla! allows remote attackers to execute arbitrary SQL commands via the book_id parameter. | ||||
| CVE-2007-4923 | 1 Joomla | 1 Joomla Radio | 2025-04-09 | N/A |
| PHP remote file inclusion vulnerability in admin.joomlaradiov5.php in the Joomla Radio 5 (com_joomlaradiov5) component for Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_live_site parameter. | ||||
| CVE-2007-4955 | 1 Joomla | 1 Flash Fun Component | 2025-04-09 | N/A |
| PHP remote file inclusion vulnerability in admin.joomlaflashfun.php in the Flash Fun! (com_joomlaflashfun) 1.0 component for Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_live_site parameter. | ||||
| CVE-2007-5065 | 2 Joomla, Webmaster-tips | 2 Joomla, Flash Slide Show | 2025-04-09 | N/A |
| PHP remote file inclusion vulnerability in admin.slideshow1.php in the Flash Slide Show (com_slideshow) component for Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_live_site parameter. | ||||
| CVE-2007-5310 | 2 Joomla, Webmaster-tips.net | 2 Joomla, Flash Image Gallery | 2025-04-09 | N/A |
| PHP remote file inclusion vulnerability in admin.wmtportfolio.php in the webmaster-tips.net wmtportfolio 1.0 (com_wmtportfolio) component for Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter. | ||||
| CVE-2008-2627 | 1 Joomla | 1 Com Idoblog | 2025-04-09 | N/A |
| SQL injection vulnerability in the IDoBlog (com_idoblog) component b24 and earlier and 1.0, a component for Joomla!, allows remote attackers to execute arbitrary SQL commands via the userid parameter in a userblog action to index.php. | ||||
| CVE-2008-0514 | 2 Joomla, Mambo | 2 Glossary, Glossary | 2025-04-09 | N/A |
| SQL injection vulnerability in index.php in the Glossary (com_glossary) 2.0 component for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the catid parameter in a display action. | ||||
| CVE-2008-0561 | 3 Arthur Konze Webdesign, Joomla, Mambo | 3 Akogallery, Joomla, Mambo | 2025-04-09 | N/A |
| SQL injection vulnerability in index.php in the Arthur Konze AkoGallery (com_akogallery) 2.5 beta component for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a detail action. | ||||
| CVE-2008-0579 | 1 Joomla | 1 Com Buslicense | 2025-04-09 | N/A |
| SQL injection vulnerability in index.php in the buslicense (com_buslicense) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the aid parameter in a list action. | ||||
| CVE-2008-0689 | 1 Joomla | 1 Com Marketplace | 2025-04-09 | N/A |
| SQL injection vulnerability in index.php in the Marketplace (com_marketplace) 1.1.1 and 1.1.1-pl1 component for Joomla! allows remote attackers to execute arbitrary SQL commands via the catid parameter in a show_category action. | ||||
| CVE-2006-7122 | 1 Joomla | 1 Bsq Sitestats | 2025-04-09 | N/A |
| Cross-site scripting (XSS) vulnerability in the IP Address Lookup functionality in BSQ Sitestats (component for Joomla) 1.8.0, and possibly other versions before 2.2.1, allows remote attackers to inject arbitrary web script and HTML via the ip parameter. | ||||
| CVE-2006-7126 | 1 Joomla | 1 Bsq Sitestats | 2025-04-09 | N/A |
| SQL injection vulnerability in Joomla BSQ Sitestats 1.8.0 and 2.2.1 allows remote attackers to execute arbitrary SQL commands via the query string, possibly PHP_SELF. | ||||
| CVE-2009-3434 | 3 Joomla, Mambo, Onestopjoomla | 3 Joomla, Mambo, Com Tupinambis | 2025-04-09 | N/A |
| SQL injection vulnerability in the Tupinambis (com_tupinambis) component 1.0 for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the proyecto parameter in a verproyecto action to index.php. | ||||
| CVE-2008-2643 | 1 Joomla | 1 Com Biblestudy | 2025-04-09 | N/A |
| SQL injection vulnerability in the Bible Study (com_biblestudy) component before 6.0.7c for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a mediaplayer action to index.php. | ||||
| CVE-2008-6429 | 2 Joomla, Mike Leeper | 2 Joomla, Com Prayercenter | 2025-04-09 | N/A |
| SQL injection vulnerability in the PrayerCenter (com_prayercenter) component 1.4.9 and earlier for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a view_request action to index2.php. | ||||
| CVE-2008-2990 | 2 Joomla, Mambo | 3 Com Facileforms, Joomla, Com Facileforms | 2025-04-09 | N/A |
| PHP remote file inclusion vulnerability in facileforms.frame.php in the FacileForms (com_facileforms) component 1.4.4 for Mambo and Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the ff_compath parameter. | ||||
| CVE-2008-2454 | 1 Joomla | 1 Com Xsstream-dm | 2025-04-09 | N/A |
| SQL injection vulnerability in the xsstream-dm (com_xsstream-dm) component 0.01 Beta for Joomla! allows remote attackers to execute arbitrary SQL commands via the movie parameter to index.php. | ||||
| CVE-2008-2628 | 2 Joomla, Ron Liskey | 2 Joomla, Com Equotes | 2025-04-09 | N/A |
| SQL injection vulnerability in the eQuotes (com_equotes) component 0.9.4 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter to index.php. | ||||