National Vulnerability Database

National Vulnerability Database

National Vulnerability
Database

Search Results (Refine Search)

Search Parameters:
  • Results Type: Overview
  • Keyword (text search): Joomla
  • Search Type: Search All
There are 1,032 matching records.
Displaying matches 81 through 100.
Vuln ID Summary CVSS Severity
CVE-2018-6372

SQL Injection exists in the JB Bus 2.3 component for Joomla! via the order_number parameter.

Published: February 17, 2018; 02:29:01 AM -05:00
V3: 9.8 CRITICAL
V2: 7.5 HIGH
CVE-2018-6370

SQL Injection exists in the NeoRecruit 4.1 component for Joomla! via the (1) PATH_INFO or (2) name of a .html file under the all-offers/ URI.

Published: February 17, 2018; 02:29:01 AM -05:00
V3: 9.8 CRITICAL
V2: 7.5 HIGH
CVE-2018-6368

SQL Injection exists in the JomEstate PRO through 3.7 component for Joomla! via the id parameter in a task=detailed action.

Published: February 17, 2018; 02:29:01 AM -05:00
V3: 9.8 CRITICAL
V2: 7.5 HIGH
CVE-2018-6006

SQL Injection exists in the JS Autoz 1.0.9 component for Joomla! via the vtype, pre, or prs parameter.

Published: February 17, 2018; 02:29:01 AM -05:00
V3: 9.8 CRITICAL
V2: 7.5 HIGH
CVE-2018-6005

SQL Injection exists in the Realpin through 1.5.04 component for Joomla! via the pinboard parameter.

Published: February 17, 2018; 02:29:01 AM -05:00
V3: 9.8 CRITICAL
V2: 7.5 HIGH
CVE-2018-6004

SQL Injection exists in the File Download Tracker 3.0 component for Joomla! via the dynfield[phone] or sess parameter.

Published: February 17, 2018; 02:29:01 AM -05:00
V3: 9.8 CRITICAL
V2: 7.5 HIGH
CVE-2018-5994

SQL Injection exists in the JS Jobs 1.1.9 component for Joomla! via the zipcode parameter in a newest-jobs request, or the ta parameter in a view_resume request.

Published: February 17, 2018; 02:29:00 AM -05:00
V3: 9.8 CRITICAL
V2: 7.5 HIGH
CVE-2018-5993

SQL Injection exists in the Aist through 2.0 component for Joomla! via the id parameter in a view=showvacancy request.

Published: February 17, 2018; 02:29:00 AM -05:00
V3: 9.8 CRITICAL
V2: 7.5 HIGH
CVE-2018-5992

SQL Injection exists in the Staff Master through 1.0 RC 1 component for Joomla! via the name parameter in a view=staff request.

Published: February 17, 2018; 02:29:00 AM -05:00
V3: 9.8 CRITICAL
V2: 7.5 HIGH
CVE-2018-5991

SQL Injection exists in the Form Maker 3.6.12 component for Joomla! via the id, from, or to parameter in a view=stats request, a different vulnerability than CVE-2015-2798.

Published: February 17, 2018; 02:29:00 AM -05:00
V3: 9.8 CRITICAL
V2: 7.5 HIGH
CVE-2018-5990

SQL Injection exists in the AllVideos Reloaded 1.2.x component for Joomla! via the divid parameter.

Published: February 17, 2018; 02:29:00 AM -05:00
V3: 9.8 CRITICAL
V2: 7.5 HIGH
CVE-2018-5989

SQL Injection exists in the ccNewsletter 2.x component for Joomla! via the id parameter in a task=removeSubscriber action, a related issue to CVE-2011-5099.

Published: February 17, 2018; 02:29:00 AM -05:00
V3: 9.8 CRITICAL
V2: 7.5 HIGH
CVE-2018-5987

SQL Injection exists in the Pinterest Clone Social Pinboard 2.0 component for Joomla! via the pin_id or user_id parameter in a task=getlikeinfo action, the ends parameter in a view=gift action, the category parameter in a view=home action, the uid parameter in a view=pindisplay action, the searchVal parameter in a view=search action, or the uid parameter in a view=likes action.

Published: February 17, 2018; 02:29:00 AM -05:00
V3: 9.8 CRITICAL
V2: 7.5 HIGH
CVE-2018-5983

SQL Injection exists in the JquickContact 1.3.2.2.1 component for Joomla! via a task=refresh&sid= request.

Published: February 17, 2018; 02:29:00 AM -05:00
V3: 9.8 CRITICAL
V2: 7.5 HIGH
CVE-2018-5982

SQL Injection exists in the Advertisement Board 3.1.0 component for Joomla! via a task=show_rss_categories&catname= request.

Published: February 17, 2018; 02:29:00 AM -05:00
V3: 9.8 CRITICAL
V2: 7.5 HIGH
CVE-2018-5981

SQL Injection exists in the Gallery WD 1.3.6 component for Joomla! via the tag_id parameter or gallery_id parameter.

Published: February 17, 2018; 02:29:00 AM -05:00
V3: 9.8 CRITICAL
V2: 7.5 HIGH
CVE-2018-5980

SQL Injection exists in the Solidres 2.5.1 component for Joomla! via the direction parameter in a hub.search action.

Published: February 17, 2018; 02:29:00 AM -05:00
V3: 9.8 CRITICAL
V2: 7.5 HIGH
CVE-2018-5975

SQL Injection exists in the Smart Shoutbox 3.0.0 component for Joomla! via the shoutauthor parameter to the archive URI.

Published: February 17, 2018; 02:29:00 AM -05:00
V3: 9.8 CRITICAL
V2: 7.5 HIGH
CVE-2018-5974

SQL Injection exists in the SimpleCalendar 3.1.9 component for Joomla! via the catid array parameter.

Published: February 17, 2018; 02:29:00 AM -05:00
V3: 9.8 CRITICAL
V2: 7.5 HIGH
CVE-2018-5971

SQL Injection exists in the MediaLibrary Free 4.0.12 component for Joomla! via the id parameter or the mid array parameter.

Published: February 17, 2018; 02:29:00 AM -05:00
V3: 9.8 CRITICAL
V2: 7.5 HIGH