Search Results (Refine Search)
- Results Type: Overview
- Keyword (text search): Joomla
- Search Type: Search All
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2008-1849 |
Directory traversal vulnerability in index.php in the joomlaXplorer (com_joomlaxplorer) Mambo/Joomla! component 1.6.2 and earlier allows remote attackers to list arbitrary directories via a .. (dot dot) in the dir parameter in a show_error action. Published: April 16, 2008; 1:05:00 PM -0400 |
V3.x:(not available) V2.0: 5.0 MEDIUM |
CVE-2008-1733 |
SQL injection vulnerability in puarcade.class.php 2.2 and earlier in the Pragmatic Utopia PU Arcade (com_puarcade) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the gid parameter to index.php. Published: April 11, 2008; 3:05:00 PM -0400 |
V3.x:(not available) V2.0: 7.5 HIGH |
CVE-2008-1682 |
PHP remote file inclusion vulnerability in quiz/common/db_config.inc.php in the Online FlashQuiz (com_onlineflashquiz) 1.0.2 component for Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the base_dir parameter. Published: April 04, 2008; 3:44:00 PM -0400 |
V3.x:(not available) V2.0: 6.8 MEDIUM |
CVE-2008-1559 |
SQL injection vulnerability in the Bernard Gilly AlphaContent (com_alphacontent) 2.5.8 component for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a view action to index.php. Published: March 31, 2008; 1:44:00 PM -0400 |
V3.x:(not available) V2.0: 6.8 MEDIUM |
CVE-2008-1535 |
SQL injection vulnerability in the Matti Kiviharju rekry (aka com_rekry or rekry!Joom) 1.0.0 component for Joomla! allows remote attackers to execute arbitrary SQL commands via the op_id parameter in a view action to index.php. Published: March 28, 2008; 2:44:00 PM -0400 |
V3.x:(not available) V2.0: 7.5 HIGH |
CVE-2008-1540 |
SQL injection vulnerability in the Datsogallery (com_datsogallery) 1.3.1 module for Joomla! and Mambo allows remote attackers to execute arbitrary SQL commands via the id parameter in a detail action to index.php. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. Published: March 28, 2008; 2:44:00 PM -0400 |
V3.x:(not available) V2.0: 7.5 HIGH |
CVE-2008-1533 |
Unspecified vulnerability in the XML-RPC Blogger API plugin in Joomla! 1.5 allows remote attackers to perform unauthorized article operations on articles via unknown vectors. Published: March 27, 2008; 8:44:00 PM -0400 |
V3.x:(not available) V2.0: 6.8 MEDIUM |
CVE-2008-1505 |
PHP remote file inclusion vulnerability in the SSTREAMTV custompages (com_custompages) 1.1 and earlier component for Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the cpage parameter to index.php. Published: March 25, 2008; 3:44:00 PM -0400 |
V3.x:(not available) V2.0: 7.5 HIGH |
CVE-2008-1465 |
SQL injection vulnerability in the Detodas Restaurante (com_restaurante) 1.0 component for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a detail action to index.php, a different product than CVE-2008-0562. Published: March 24, 2008; 5:44:00 PM -0400 |
V3.x:(not available) V2.0: 9.3 HIGH |
CVE-2008-1459 |
SQL injection vulnerability in the Alberghi (com_alberghi) 2.1.3 and earlier component for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a detail action to index.php. Published: March 24, 2008; 2:44:00 PM -0400 |
V3.x:(not available) V2.0: 7.5 HIGH |
CVE-2008-1460 |
SQL injection vulnerability in the Joovideo (com_joovideo) 1.0 and 1.2.2 component for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a detail action to index.php. Published: March 24, 2008; 2:44:00 PM -0400 |
V3.x:(not available) V2.0: 7.5 HIGH |
CVE-2008-1427 |
SQL injection vulnerability in the Joobi Acajoom (com_acajoom) 1.1.5 and 1.2.5 component for Joomla! allows remote attackers to execute arbitrary SQL commands via the mailingid parameter in a mailing view action to index.php. Published: March 20, 2008; 2:44:00 PM -0400 |
V3.x:(not available) V2.0: 7.5 HIGH |
CVE-2008-1297 |
SQL injection vulnerability in index.php in the eWriting (com_ewriting) 1.2.1 module for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the cat parameter in a selectcat action. Published: March 12, 2008; 1:44:00 PM -0400 |
V3.x:(not available) V2.0: 7.5 HIGH |
CVE-2008-1137 |
SQL injection vulnerability in the Garys Cookbook (com_garyscookbook) 1.1.1 and earlier component for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a detail action to index.php. Published: March 04, 2008; 3:44:00 PM -0500 |
V3.x:(not available) V2.0: 7.5 HIGH |
CVE-2008-1077 |
SQL injection vulnerability in index.php in the Simpleboard (com_simpleboard) 1.0.3 Stable component for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the catid parameter in a view action. Published: February 28, 2008; 7:44:00 PM -0500 |
V3.x:(not available) V2.0: 7.5 HIGH |
CVE-2008-0916 |
SQL injection vulnerability in the Highwood Design hwdVideoShare (com_hwdvideoshare) 1.1.3 Alpha component for Joomla! allows remote attackers to execute arbitrary SQL commands via the cat_id parameter in a viewcategory action to index.php. Published: February 22, 2008; 6:44:00 PM -0500 |
V3.x:(not available) V2.0: 7.5 HIGH |
CVE-2008-0918 |
SQL injection vulnerability in includes/count_dl_or_link.inc.php in the astatsPRO (com_astatspro) 1.0.1 component for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter to getfile.php, a different vector than CVE-2008-0839. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. Published: February 22, 2008; 6:44:00 PM -0500 |
V3.x:(not available) V2.0: 7.5 HIGH |
CVE-2008-0849 |
SQL injection vulnerability in index.php in the Downloads (com_downloads) component for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the cat parameter in a selectcat function, a different vector than CVE-2008-0652. Published: February 20, 2008; 7:44:00 PM -0500 |
V3.x:(not available) V2.0: 7.5 HIGH |
CVE-2008-0853 |
SQL injection vulnerability in the com_detail component for Joomla! and Mambo allows remote attackers to execute arbitrary SQL commands via the id parameter to index.php. NOTE: this issue might be site-specific. If so, it should not be included in CVE. Published: February 20, 2008; 7:44:00 PM -0500 |
V3.x:(not available) V2.0: 7.5 HIGH |
CVE-2008-0854 |
SQL injection vulnerability in the com_salesrep component for Joomla! and Mambo allows remote attackers to execute arbitrary SQL commands via the rid parameter in a showrep action to index.php. Published: February 20, 2008; 7:44:00 PM -0500 |
V3.x:(not available) V2.0: 7.5 HIGH |