Search Results (Refine Search)

Search Parameters:
  • Results Type: Overview
  • Keyword (text search): Joomla
  • Search Type: Search All
There are 1,107 matching records.
Displaying matches 621 through 640.
Vuln ID Summary CVSS Severity
CVE-2010-1305

Directory traversal vulnerability in jinventory.php in the JInventory (com_jinventory) component 1.23.02 and possibly other versions before 1.26.03, a module for Joomla!, allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php.

Published: April 08, 2010; 12:30:00 PM -0400
V3.x:(not available)
V2.0: 5.0 MEDIUM
CVE-2010-1304

Directory traversal vulnerability in userstatus.php in the User Status (com_userstatus) component 1.21.16 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php.

Published: April 08, 2010; 12:30:00 PM -0400
V3.x:(not available)
V2.0: 5.0 MEDIUM
CVE-2010-1302

Directory traversal vulnerability in dwgraphs.php in the DecryptWeb DW Graphs (com_dwgraphs) component 1.0 for Joomla! allows remote attackers to read arbitrary files via directory traversal sequences in the controller parameter to index.php.

Published: April 07, 2010; 2:30:00 PM -0400
V3.x:(not available)
V2.0: 5.0 MEDIUM
CVE-2010-1265

SQL injection vulnerability in Adam Corley dcsFlashGames (com_dcs_flashgames) allows remote attackers to execute arbitrary SQL commands via the catid parameter to index.php.

Published: April 06, 2010; 11:30:00 AM -0400
V3.x:(not available)
V2.0: 7.5 HIGH
CVE-2010-1219

Directory traversal vulnerability in the JA News (com_janews) component 1.0 for Joomla! allows remote attackers to read arbitrary local files via a .. (dot dot) in the controller parameter to index.php. NOTE: some of these details are obtained from third party information.

Published: March 30, 2010; 7:30:00 PM -0400
V3.x:(not available)
V2.0: 6.8 MEDIUM
CVE-2010-1217

Directory traversal vulnerability in the JE Form Creator (com_jeformcr) component for Joomla!, when magic_quotes_gpc is disabled, allows remote attackers to read arbitrary files via directory traversal sequences in the view parameter to index.php. NOTE: the original researcher states that the affected product is JE Tooltip, not Form Creator; however, the exploit URL suggests that Form Creator is affected.

Published: March 30, 2010; 7:30:00 PM -0400
V3.x:(not available)
V2.0: 4.3 MEDIUM
CVE-2010-1081

Directory traversal vulnerability in the Community Polls (com_communitypolls) component 1.5.2, and possibly earlier, for Core Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php.

Published: March 23, 2010; 3:30:00 PM -0400
V3.x:(not available)
V2.0: 5.0 MEDIUM
CVE-2010-1073

SQL injection vulnerability in the jEmbed-Embed Anything (com_jembed) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the catid parameter in a summary action to index.php.

Published: March 23, 2010; 2:30:00 PM -0400
V3.x:(not available)
V2.0: 7.5 HIGH
CVE-2010-1056

Directory traversal vulnerability in the RokDownloads (com_rokdownloads) component before 1.0.1 for Joomla! allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the controller parameter to index.php.

Published: March 23, 2010; 1:30:00 PM -0400
V3.x:(not available)
V2.0: 6.8 MEDIUM
CVE-2010-1045

SQL injection vulnerability in the Productbook (com_productbook) component 1.0.4 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a detail action to index.php. NOTE: some of these details are obtained from third party information.

Published: March 22, 2010; 9:00:00 PM -0400
V3.x:(not available)
V2.0: 7.5 HIGH
CVE-2010-0985

Directory traversal vulnerability in the Abbreviations Manager (com_abbrev) component 1.1 for Joomla! allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the controller parameter to index.php. NOTE: some of these details are obtained from third party information.

Published: March 16, 2010; 3:30:00 PM -0400
V3.x:(not available)
V2.0: 7.5 HIGH
CVE-2010-0982

Directory traversal vulnerability in the CARTwebERP (com_cartweberp) component 1.56.75 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php.

Published: March 16, 2010; 3:30:00 PM -0400
V3.x:(not available)
V2.0: 4.3 MEDIUM
CVE-2010-0981

SQL injection vulnerability in the TPJobs (com_tpjobs) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the id_c[] parameter in a resadvsearch action to index.php.

Published: March 16, 2010; 3:30:00 PM -0400
V3.x:(not available)
V2.0: 7.5 HIGH
CVE-2010-0972

Directory traversal vulnerability in the GCalendar (com_gcalendar) component 2.1.5 for Joomla! allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the controller parameter to index.php.

Published: March 16, 2010; 3:00:00 PM -0400
V3.x:(not available)
V2.0: 7.5 HIGH
CVE-2010-0946

SQL injection vulnerability in the Keep It Simple Stupid (KISS) Software Advertiser (com_ksadvertiser) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the pid parameter in a showcats action to index.php.

Published: March 08, 2010; 10:30:00 AM -0500
V3.x:(not available)
V2.0: 7.5 HIGH
CVE-2010-0945

SQL injection vulnerability in the HotBrackets Tournament Brackets (com_hotbrackets) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter to index.php.

Published: March 08, 2010; 10:30:00 AM -0500
V3.x:(not available)
V2.0: 7.5 HIGH
CVE-2010-0944

Directory traversal vulnerability in the JCollection (com_jcollection) component for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php.

Published: March 08, 2010; 10:30:00 AM -0500
V3.x:(not available)
V2.0: 5.0 MEDIUM
CVE-2010-0943

Directory traversal vulnerability in the JA Showcase (com_jashowcase) component for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter in a jashowcase action to index.php.

Published: March 08, 2010; 10:30:00 AM -0500
V3.x:(not available)
V2.0: 5.0 MEDIUM
CVE-2010-0942

Directory traversal vulnerability in the jVideoDirect (com_jvideodirect) component for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php.

Published: March 08, 2010; 10:30:00 AM -0500
V3.x:(not available)
V2.0: 5.0 MEDIUM
CVE-2009-4679

Directory traversal vulnerability in the inertialFATE iF Portfolio Nexus (com_if_nexus) component 1.5 for Joomla! allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the controller parameter to index.php.

Published: March 08, 2010; 10:30:00 AM -0500
V3.x:(not available)
V2.0: 7.5 HIGH