National Vulnerability Database

National Vulnerability Database

National Vulnerability
Database

Search Results (Refine Search)

Search Parameters:
  • Contains Software Flaws (CVE)
  • CPE Product Version: cpe:/a:joomla:joomla%21:3.2.0:alpha
There are 409 matching records.
Displaying matches 401 through 409.
Vuln ID Summary CVSS Severity
CVE-2008-6182

SQL injection vulnerability in the Ignite Gallery (com_ignitegallery) component 0.8.0 through 0.8.3 for Joomla! allows remote attackers to execute arbitrary SQL commands via the gallery parameter in a view action to index.php.

Published: February 19, 2009; 01:30:00 PM -05:00
    V2: 7.5 HIGH
CVE-2008-4764

Directory traversal vulnerability in the eXtplorer module (com_extplorer) 2.0.0 RC2 and earlier in Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the dir parameter in a show_error action.

Published: October 27, 2008; 10:03:38 PM -04:00
    V2: 5.0 MEDIUM
CVE-2008-3498

SQL injection vulnerability in the nBill (com_netinvoice) component 1.2.0 SP1 for Joomla! allows remote attackers to execute arbitrary SQL commands via the cid parameter in an orders action to index.php. NOTE: some of these details are obtained from third party information.

Published: August 06, 2008; 02:41:00 PM -04:00
    V2: 7.5 HIGH
CVE-2008-1559

SQL injection vulnerability in the Bernard Gilly AlphaContent (com_alphacontent) 2.5.8 component for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a view action to index.php.

Published: March 31, 2008; 01:44:00 PM -04:00
    V2: 6.8 MEDIUM
CVE-2008-1465

SQL injection vulnerability in the Detodas Restaurante (com_restaurante) 1.0 component for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a detail action to index.php, a different product than CVE-2008-0562.

Published: March 24, 2008; 05:44:00 PM -04:00
    V2: 9.3 HIGH
CVE-2008-0801

SQL injection vulnerability in index.php in the PAXXGallery (com_paxxgallery) 0.2 component for Mambo and Joomla! allow remote attackers to execute arbitrary SQL commands via (1) the iid parameter in a view action, and possibly (2) the userid parameter.

Published: February 15, 2008; 05:00:00 PM -05:00
    V2: 7.5 HIGH
CVE-2006-5043

Multiple PHP remote file inclusion vulnerabilities in the Joomlaboard Forum Component (com_joomlaboard) before 1.1.2 for Joomla! allow remote attackers to execute arbitrary PHP code via a URL in the sbp parameter to (1) file_upload.php or (2) image_upload.php, a variant of CVE-2006-3528.

Published: September 27, 2006; 07:07:00 PM -04:00
    V2: 6.8 MEDIUM
CVE-2006-5048

Multiple PHP remote file inclusion vulnerabilities in Security Images (com_securityimages) component 3.0.5 and earlier for Joomla! allow remote attackers to execute arbitrary code via a URL in the mosConfig_absolute_path parameter in (1) configinsert.php, (2) lang.php, (3) client.php, and (4) server.php.

Published: September 27, 2006; 07:07:00 PM -04:00
    V2: 6.8 MEDIUM
CVE-2006-1957

The com_rss option (rss.php) in (1) Mambo and (2) Joomla! allows remote attackers to cause a denial of service (disk consumption and possibly web-server outage) via multiple requests with different values of the feed parameter.

Published: April 21, 2006; 06:02:00 AM -04:00
    V2: 5.0 MEDIUM