National Vulnerability Database

National Vulnerability Database

National Vulnerability
Database

Search Results (Refine Search)

Search Parameters:
  • Results Type: Overview
  • Keyword (text search): Joomla
  • Search Type: Search All
There are 1,102 matching records.
Displaying matches 601 through 620.
Vuln ID Summary CVSS Severity
CVE-2010-1363

SQL injection vulnerability in the JProjects (com_j-projects) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the project parameter in a projects action to index.php.

Published: April 13, 2010; 02:30:00 PM -04:00
    V2: 7.5 HIGH
CVE-2010-1354

Directory traversal vulnerability in the VJDEO (com_vjdeo) component 1.0 and 1.0.1 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php. NOTE: some of these details are obtained from third party information.

Published: April 12, 2010; 02:30:01 PM -04:00
    V2: 5.0 MEDIUM
CVE-2010-1353

Directory traversal vulnerability in the LoginBox Pro (com_loginbox) component for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the view parameter to index.php.

Published: April 12, 2010; 02:30:01 PM -04:00
    V2: 5.0 MEDIUM
CVE-2010-1352

Directory traversal vulnerability in the JOOFORGE Jutebox (com_jukebox) component 1.0 and 1.7 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php. NOTE: some of these details are obtained from third party information.

Published: April 12, 2010; 02:30:00 PM -04:00
    V2: 5.0 MEDIUM
CVE-2010-1350

SQL injection vulnerability in the JP Jobs (com_jp_jobs) component 1.4.1 and earlier for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a detail action to index.php.

Published: April 12, 2010; 02:30:00 PM -04:00
    V2: 7.5 HIGH
CVE-2010-1345

Directory traversal vulnerability in the Cookex Agency CKForms (com_ckforms) component 1.3.3 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php.

Published: April 09, 2010; 02:30:00 PM -04:00
    V2: 5.0 MEDIUM
CVE-2010-1344

SQL injection vulnerability in the Cookex Agency CKForms (com_ckforms) component 1.3.3 for Joomla! allows remote attackers to execute arbitrary SQL commands via the fid parameter in a detail action to index.php.

Published: April 09, 2010; 02:30:00 PM -04:00
    V2: 7.5 HIGH
CVE-2010-1340

Directory traversal vulnerability in jresearch.php in the J!Research (com_jresearch) component for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php.

Published: April 09, 2010; 02:30:00 PM -04:00
    V2: 5.0 MEDIUM
CVE-2010-1315

Directory traversal vulnerability in weberpcustomer.php in the webERPcustomer (com_weberpcustomer) component 1.2.1 and 1.x before 1.06.02 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php. NOTE: some of these details are obtained from third party information.

Published: April 08, 2010; 04:30:00 PM -04:00
    V2: 5.0 MEDIUM
CVE-2010-1314

Directory traversal vulnerability in the Highslide JS (com_hsconfig) component 1.5 and 2.0.9 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php. NOTE: some of these details are obtained from third party information.

Published: April 08, 2010; 04:30:00 PM -04:00
    V2: 5.0 MEDIUM
CVE-2010-1313

Directory traversal vulnerability in the Seber Cart (com_sebercart) component 1.0.0.12 and 1.0.0.13 for Joomla!, when magic_quotes_gpc is disabled, allows remote attackers to read arbitrary files via a .. (dot dot) in the view parameter to index.php. NOTE: some of these details are obtained from third party information.

Published: April 08, 2010; 04:30:00 PM -04:00
    V2: 4.3 MEDIUM
CVE-2010-1312

Directory traversal vulnerability in the iJoomla News Portal (com_news_portal) component 1.5.x for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php.

Published: April 08, 2010; 04:30:00 PM -04:00
    V2: 5.0 MEDIUM
CVE-2010-1308

Directory traversal vulnerability in the SVMap (com_svmap) component 1.1.1 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php.

Published: April 08, 2010; 12:30:00 PM -04:00
    V2: 5.0 MEDIUM
CVE-2010-1307

Directory traversal vulnerability in the Magic Updater (com_joomlaupdater) component for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php.

Published: April 08, 2010; 12:30:00 PM -04:00
    V2: 5.0 MEDIUM
CVE-2010-1306

Directory traversal vulnerability in the Picasa (com_joomlapicasa2) component 2.0 and 2.0.5 for Joomla! allows remote attackers to read arbitrary local files via a .. (dot dot) in the controller parameter to index.php. NOTE: some of these details are obtained from third party information.

Published: April 08, 2010; 12:30:00 PM -04:00
    V2: 7.5 HIGH
CVE-2010-1305

Directory traversal vulnerability in jinventory.php in the JInventory (com_jinventory) component 1.23.02 and possibly other versions before 1.26.03, a module for Joomla!, allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php.

Published: April 08, 2010; 12:30:00 PM -04:00
    V2: 5.0 MEDIUM
CVE-2010-1304

Directory traversal vulnerability in userstatus.php in the User Status (com_userstatus) component 1.21.16 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php.

Published: April 08, 2010; 12:30:00 PM -04:00
    V2: 5.0 MEDIUM
CVE-2010-1302

Directory traversal vulnerability in dwgraphs.php in the DecryptWeb DW Graphs (com_dwgraphs) component 1.0 for Joomla! allows remote attackers to read arbitrary files via directory traversal sequences in the controller parameter to index.php.

Published: April 07, 2010; 02:30:00 PM -04:00
    V2: 5.0 MEDIUM
CVE-2010-1265

SQL injection vulnerability in Adam Corley dcsFlashGames (com_dcs_flashgames) allows remote attackers to execute arbitrary SQL commands via the catid parameter to index.php.

Published: April 06, 2010; 11:30:00 AM -04:00
    V2: 7.5 HIGH
CVE-2010-1219

Directory traversal vulnerability in the JA News (com_janews) component 1.0 for Joomla! allows remote attackers to read arbitrary local files via a .. (dot dot) in the controller parameter to index.php. NOTE: some of these details are obtained from third party information.

Published: March 30, 2010; 07:30:00 PM -04:00
    V2: 6.8 MEDIUM