U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

Search Results (Refine Search)

Search Parameters:
  • Results Type: Overview
  • Keyword (text search): Joomla
  • Search Type: Search All
There are 1,182 matching records.
Displaying matches 981 through 1,000.
Vuln ID Summary CVSS Severity
CVE-2008-0839

SQL injection vulnerability in refer.php in the astatsPRO (com_astatspro) 1.0 component for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter.

Published: February 20, 2008; 4:44:00 PM -0500
V3.x:(not available)
V2.0: 7.5 HIGH
CVE-2008-0841

SQL injection vulnerability in index.php in the Giorgio Nordo Ricette (com_ricette) 1.0 component for Joomla! and Mambo allows remote attackers to execute arbitrary SQL commands via the id parameter.

Published: February 20, 2008; 4:44:00 PM -0500
V3.x:(not available)
V2.0: 7.5 HIGH
CVE-2008-0842

SQL injection vulnerability in index.php in the Classifier (com_clasifier) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the cat_id parameter.

Published: February 20, 2008; 4:44:00 PM -0500
V3.x:(not available)
V2.0: 7.5 HIGH
CVE-2008-0844

SQL injection vulnerability in index.php in the PccookBook (com_pccookbook) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the user_id parameter.

Published: February 20, 2008; 4:44:00 PM -0500
V3.x:(not available)
V2.0: 7.5 HIGH
CVE-2008-0846

SQL injection vulnerability in index.php in the com_profile component for Joomla! allows remote attackers to execute arbitrary SQL commands via the oid parameter.

Published: February 20, 2008; 4:44:00 PM -0500
V3.x:(not available)
V2.0: 7.5 HIGH
CVE-2008-0831

Multiple SQL injection vulnerabilities in the Rapid Recipe (com_rapidrecipe) 1.6.5 and earlier component for Joomla! allow remote attackers to execute arbitrary SQL commands via the (1) user_id or (2) category_id parameter. NOTE: this might overlap CVE-2008-0754.

Published: February 20, 2008; 2:44:00 PM -0500
V3.x:(not available)
V2.0: 7.5 HIGH
CVE-2008-0832

SQL injection vulnerability in index.php in the Kemas Antonius com_quran 1.1 and earlier component for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the surano parameter in a viewayat action.

Published: February 20, 2008; 2:44:00 PM -0500
V3.x:(not available)
V2.0: 7.5 HIGH
CVE-2008-0833

SQL injection vulnerability in index.php in the com_galeria component for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a detail action.

Published: February 20, 2008; 2:44:00 PM -0500
V3.x:(not available)
V2.0: 7.5 HIGH
CVE-2008-0829

SQL injection vulnerability in jooget.php in the Joomlapixel Jooget! (com_jooget) 2.6.8 component for Joomla! and Mambo allows remote attackers to execute arbitrary SQL commands via the id parameter in a detail task.

Published: February 19, 2008; 4:44:00 PM -0500
V3.x:(not available)
V2.0: 7.5 HIGH
CVE-2008-0810

SQL injection vulnerability in the com_scheduling module for Joomla! and Mambo allows remote attackers to execute arbitrary SQL commands via the id parameter.

Published: February 18, 2008; 9:00:00 PM -0500
V3.x:(not available)
V2.0: 7.5 HIGH
CVE-2008-0815

SQL injection vulnerability in the com_mezun component for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in an edit task.

Published: February 18, 2008; 9:00:00 PM -0500
V3.x:(not available)
V2.0: 7.5 HIGH
CVE-2008-0816

SQL injection vulnerability in the com_sg component for Joomla! and Mambo allows remote attackers to execute arbitrary SQL commands via the pid parameter in an order task.

Published: February 18, 2008; 9:00:00 PM -0500
V3.x:(not available)
V2.0: 7.5 HIGH
CVE-2008-0817

SQL injection vulnerability in the com_filebase component for Joomla! and Mambo allows remote attackers to execute arbitrary SQL commands via the filecatid parameter in a selectfolder action.

Published: February 18, 2008; 9:00:00 PM -0500
V3.x:(not available)
V2.0: 7.5 HIGH
CVE-2008-0795

SQL injection vulnerability in index.php in the MGFi XfaQ (com_xfaq) 1.2 component for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the aid parameter in an answer action.

Published: February 15, 2008; 5:00:00 PM -0500
V3.x:(not available)
V2.0: 7.5 HIGH
CVE-2008-0799

SQL injection vulnerability in index.php in the Quiz (com_quiz) 0.81 and earlier component for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the tid parameter in a user_tst_shw action.

Published: February 15, 2008; 5:00:00 PM -0500
V3.x:(not available)
V2.0: 7.5 HIGH
CVE-2008-0800

SQL injection vulnerability in index.php in the McQuiz (com_mcquiz) 0.9 Final component for Joomla! allows remote attackers to execute arbitrary SQL commands via the tid parameter in a user_tst_shw action.

Published: February 15, 2008; 5:00:00 PM -0500
V3.x:(not available)
V2.0: 7.5 HIGH
CVE-2008-0801

SQL injection vulnerability in index.php in the PAXXGallery (com_paxxgallery) 0.2 component for Mambo and Joomla! allow remote attackers to execute arbitrary SQL commands via (1) the iid parameter in a view action, and possibly (2) the userid parameter.

Published: February 15, 2008; 5:00:00 PM -0500
V3.x:(not available)
V2.0: 7.5 HIGH
CVE-2008-0802

SQL injection vulnerability in index.php in the MediaSlide (com_mediaslide) 0.5 component for Joomla! allows remote attackers to execute arbitrary SQL commands via the albumnum parameter in a contact action.

Published: February 15, 2008; 5:00:00 PM -0500
V3.x:(not available)
V2.0: 7.5 HIGH
CVE-2008-0772

SQL injection vulnerability in index.php in the com_doc component for Joomla! and Mambo allows remote attackers to execute arbitrary SQL commands via the sid parameter in a view task.

Published: February 13, 2008; 7:00:00 PM -0500
V3.x:(not available)
V2.0: 7.5 HIGH
CVE-2008-0761

SQL injection vulnerability in index.php in the Prince Clan Chess Club (com_pcchess) 0.8 and earlier component for Joomla! allows remote attackers to execute arbitrary SQL commands via the user_id parameter in a players action.

Published: February 13, 2008; 4:00:00 PM -0500
V3.x:(not available)
V2.0: 7.5 HIGH