National Vulnerability Database

National Vulnerability Database

National Vulnerability
Database

Search Results (Refine Search)

Search Parameters:
  • Results Type: Overview
  • Keyword (text search): Joomla
  • Search Type: Search All
There are 1,055 matching records.
Displaying matches 881 through 900.
Vuln ID Summary CVSS Severity
CVE-2008-0603

SQL injection vulnerability in index.php in the amazOOP Awesom! (com_awesom) 0.3.2component for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the listid parameter in a viewlist task.

Published: February 06, 2008; 07:00:00 AM -05:00
    V2: 7.5 HIGH
CVE-2008-0606

SQL injection vulnerability in index.php in the Shambo2 (com_shambo2) component for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the Itemid parameter.

Published: February 06, 2008; 07:00:00 AM -05:00
    V2: 7.5 HIGH
CVE-2008-0607

SQL injection vulnerability in index.php in the Sigsiu Online Business Index 2 (SOBI2, com_sobi2) 2.5.3 component for Joomla! and Mambo allows remote attackers to execute arbitrary SQL commands via the catid parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.

Published: February 06, 2008; 07:00:00 AM -05:00
    V2: 7.5 HIGH
CVE-2008-0579

SQL injection vulnerability in index.php in the buslicense (com_buslicense) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the aid parameter in a list action.

Published: February 04, 2008; 10:00:00 PM -05:00
    V2: 7.5 HIGH
CVE-2008-0567

Multiple PHP remote file inclusion vulnerabilities in ChronoEngine ChronoForms (com_chronocontact) 2.3.5 component for Joomla! allow remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter to (1) PPS/File.php, (2) Writer.php, and (3) PPS.php in excelwriter/; and (4) BIFFwriter.php, (5) Workbook.php, (6) Worksheet.php, and (7) Format.php in excelwriter/Writer/.

Published: February 04, 2008; 09:00:00 PM -05:00
    V2: 7.5 HIGH
CVE-2008-0557

SQL injection vulnerability in index.php in the CatalogShop (com_catalogshop) 1.0b1 componenent for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a detail action.

Published: February 04, 2008; 06:00:00 PM -05:00
    V2: 7.5 HIGH
CVE-2008-0561

SQL injection vulnerability in index.php in the Arthur Konze AkoGallery (com_akogallery) 2.5 beta component for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a detail action.

Published: February 04, 2008; 06:00:00 PM -05:00
    V2: 7.5 HIGH
CVE-2008-0562

SQL injection vulnerability in index.php in the Restaurant (com_restaurant) 1.0 component for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a detail action.

Published: February 04, 2008; 06:00:00 PM -05:00
    V2: 7.5 HIGH
CVE-2008-0510

SQL injection vulnerability in index.php in the Newsletter (com_newsletter) component for Mambo 4.5 and Joomla! allows remote attackers to execute arbitrary SQL commands via the listid parameter.

Published: January 31, 2008; 03:00:00 PM -05:00
    V2: 7.5 HIGH
CVE-2008-0511

SQL injection vulnerability in index.php in the MaMML (com_mamml) component for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the listid parameter.

Published: January 31, 2008; 03:00:00 PM -05:00
    V2: 7.5 HIGH
CVE-2008-0512

SQL injection vulnerability in index.php in the fq (com_fq) component for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the listid parameter.

Published: January 31, 2008; 03:00:00 PM -05:00
    V2: 7.5 HIGH
CVE-2008-0514

SQL injection vulnerability in index.php in the Glossary (com_glossary) 2.0 component for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the catid parameter in a display action.

Published: January 31, 2008; 03:00:00 PM -05:00
    V2: 7.5 HIGH
CVE-2008-0515

SQL injection vulnerability in index.php in the musepoes (com_musepoes) component for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the aid parameter in an answer action.

Published: January 31, 2008; 03:00:00 PM -05:00
    V2: 7.5 HIGH
CVE-2008-0517

SQL injection vulnerability in index.php in the Darko Selesi EstateAgent (com_estateagent) 0.1 component for Mambo 4.5.x and Joomla! allows remote attackers to execute arbitrary SQL commands via the objid parameter in a contact showObject action.

Published: January 31, 2008; 03:00:00 PM -05:00
    V2: 7.5 HIGH
CVE-2008-0518

SQL injection vulnerability in index.php in the Recipes (com_recipes) 1.00 component for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a detail action.

Published: January 31, 2008; 03:00:00 PM -05:00
    V2: 7.5 HIGH
CVE-2008-0519

SQL injection vulnerability in index.php in the Atapin Jokes (com_jokes) 1.0 component for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the cat parameter in a CatView action.

Published: January 31, 2008; 03:00:00 PM -05:00
    V2: 7.5 HIGH
CVE-2007-6663

SQL injection vulnerability in (1) Puarcade.php and (2) PUarcade.html.php in Pragmatic Utopia PU Arcade (com_puarcade) 2.0.3, 2.1.2, and 2.1.3 Beta component for Joomla! allows remote attackers to execute arbitrary SQL commands via the fid parameter to index.php.

Published: January 04, 2008; 06:46:00 AM -05:00
    V2: 7.5 HIGH
CVE-2007-6642

Multiple cross-site request forgery (CSRF) vulnerabilities in Joomla! before 1.5 RC4 allow remote attackers to (1) add a Super Admin, (2) upload an extension containing arbitrary PHP code, and (3) modify the configuration as administrators via unspecified vectors.

Published: January 03, 2008; 08:46:00 PM -05:00
    V2: 6.8 MEDIUM
CVE-2007-6643

Cross-site scripting (XSS) vulnerability in the com_poll component in Joomla! before 1.5 RC4 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

Published: January 03, 2008; 08:46:00 PM -05:00
    V2: 4.3 MEDIUM
CVE-2007-6644

Joomla! before 1.5 RC4 allows remote authenticated administrators to promote arbitrary users to the administrator group, in violation of the intended security model.

Published: January 03, 2008; 08:46:00 PM -05:00
    V2: 6.5 MEDIUM