Filtered by vendor Joomla
Subscriptions
Filtered by product Joomla\!
Subscriptions
Total
611 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2010-2507 | 2 Joomla, Masselink | 2 Joomla\!, Com Picasa2gallery | 2025-04-11 | N/A |
| Directory traversal vulnerability in the Picasa2Gallery (com_picasa2gallery) component 1.2.8 and earlier for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impact via a .. (dot dot) in the controller parameter to index.php. | ||||
| CVE-2010-1659 | 2 Joomla, Webkul | 2 Joomla\!, Com Ultimateportfolio | 2025-04-11 | N/A |
| Directory traversal vulnerability in the Ultimate Portfolio (com_ultimateportfolio) component 1.0 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php. | ||||
| CVE-2010-2679 | 1 Joomla | 2 Com Weblinks, Joomla\! | 2025-04-11 | N/A |
| SQL injection vulnerability in the Weblinks (com_weblinks) component in Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a view action to index.php. | ||||
| CVE-2010-2678 | 2 Guillermo Vargas, Joomla | 2 Com Xmap, Joomla\! | 2025-04-11 | N/A |
| SQL injection vulnerability in xmap (com_xmap) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the Itemid parameter to index.php. | ||||
| CVE-2009-4651 | 2 Joomla, Onnogroen | 2 Joomla\!, Com Webeecomment | 2025-04-11 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in the Webee Comments (com_webeecomment) component 1.1.1, 1.2, and 2.0 for Joomla! allow remote attackers to inject arbitrary web script or HTML via the (1) color, (2) img, or (3) url BBCode tags in unspecified vectors. | ||||
| CVE-2011-5099 | 2 Chillcreations, Joomla | 2 Mod Ccnewsletter, Joomla\! | 2025-04-11 | N/A |
| SQL injection vulnerability in helper/popup.php in the ccNewsletter (mod_ccnewsletter) component 1.0.7 through 1.0.9 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-2010-2681 | 1 Joomla | 2 Com Sef, Joomla\! | 2025-04-11 | N/A |
| PHP remote file inclusion vulnerability in the SEF404x (com_sef) component for Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig.absolute.path parameter to index.php. | ||||
| CVE-2010-1983 | 2 Joomla, Redcomponent | 2 Joomla\!, Com Redtwitter | 2025-04-11 | N/A |
| Directory traversal vulnerability in the redTWITTER (com_redtwitter) component 1.0.x including 1.0b11 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the view parameter to index.php. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2010-2845 | 2 Joomla, Schlu.net | 2 Joomla\!, Com Quickfaq | 2025-04-11 | N/A |
| SQL injection vulnerability in the QuickFAQ (com_quickfaq) component 1.0.3 for Joomla! allows remote attackers to execute arbitrary SQL commands via the Itemid parameter in a category action to index.php. | ||||
| CVE-2010-2535 | 1 Joomla | 1 Joomla\! | 2025-04-11 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in the Back End in Joomla! 1.5.x before 1.5.20 allow remote authenticated users to inject arbitrary web script or HTML via administrator screens. | ||||
| CVE-2010-2514 | 2 Dacian Strain, Joomla | 2 Com Jfaq, Joomla\! | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in the JFaq (com_jfaq) component 1.2 for Joomla! allows remote attackers to inject arbitrary web script or HTML via the question parameter in an add2 action to index.php. | ||||
| CVE-2009-4619 | 2 Joomla, Lucygames | 2 Joomla\!, Com Lucygames | 2025-04-11 | N/A |
| SQL injection vulnerability in the Lucy Games (com_lucygames) component 1.5.4 for Joomla! allows remote attackers to execute arbitrary SQL commands via the gameid parameter in a game action to index.php. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2011-2710 | 1 Joomla | 1 Joomla\! | 2025-04-11 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Joomla! before 1.7.0 allow remote attackers to inject arbitrary web script or HTML via (1) the URI to includes/application.php, reachable through index.php; and, when Internet Explorer or Konqueror is used, (2) allow remote attackers to inject arbitrary web script or HTML via the searchword parameter in a search action to index.php in the com_search component. NOTE: vector 2 exists because of an incomplete fix for CVE-2011-2509.5. | ||||
| CVE-2010-2035 | 2 Joomla, Percha | 2 Joomla\!, Com Perchagallery | 2025-04-11 | N/A |
| Directory traversal vulnerability in the Percha Gallery (com_perchagallery) component 1.6 Beta for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impact via a .. (dot dot) in the controller parameter to index.php. | ||||
| CVE-2010-0676 | 2 Joomla, Weberr | 2 Joomla\!, Com Rwcards | 2025-04-11 | N/A |
| Directory traversal vulnerability in index.php in the RWCards (com_rwcards) component 3.0.18 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter. | ||||
| CVE-2010-1056 | 2 Joomla, Rockettheme | 2 Joomla\!, Com Rokdownloads | 2025-04-11 | N/A |
| Directory traversal vulnerability in the RokDownloads (com_rokdownloads) component before 1.0.1 for Joomla! allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the controller parameter to index.php. | ||||
| CVE-2010-1603 | 2 Joomla, Zimbllc | 2 Joomla\!, Com Zimbcore | 2025-04-11 | N/A |
| Directory traversal vulnerability in the ZiMB Core (aka ZiMBCore or com_zimbcore) component 0.1 in the ZiMB Manager collection for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impact via a .. (dot dot) in the controller parameter to index.php. | ||||
| CVE-2010-2909 | 2 Joomla, Toughtomato | 2 Joomla\!, Com Ttvideo | 2025-04-11 | N/A |
| SQL injection vulnerability in ttvideo.php in the TTVideo (com_ttvideo) component 1.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the cid parameter in a video action to index.php. | ||||
| CVE-2010-2910 | 2 Alexred, Joomla | 2 Com Oziogallery, Joomla\! | 2025-04-11 | N/A |
| SQL injection vulnerability in the Ozio Gallery (com_oziogallery) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the Itemid parameter to index.php. | ||||
| CVE-2010-2254 | 2 Joomla, Shape5 | 2 Joomla\!, Bridge Of Hope Template | 2025-04-11 | N/A |
| SQL injection vulnerability in the Shape5 Bridge of Hope template for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in an article action to index.php. | ||||