ReportizFlow
Filtered by vendor Joomla
Subscriptions
Total
943 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2009-2567 | 2 Almondsoft, Joomla | 2 Almond Classifieds, Joomla\! | 2025-04-09 | N/A |
| SQL injection vulnerability in the Almond Classifieds (com_aclassf) component 5.6.2 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter to index.php. | ||||
| CVE-2009-2633 | 2 Joomla, Ordasoft | 2 Joomla, Com Vehiclemanager | 2025-04-09 | N/A |
| PHP remote file inclusion vulnerability in toolbar_ext.php in the VehicleManager (com_vehiclemanager) component 1.0 Basic for Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter. | ||||
| CVE-2009-2634 | 2 Joomla, Ordasoft | 2 Joomla, Com Medialibrary | 2025-04-09 | N/A |
| PHP remote file inclusion vulnerability in toolbar_ext.php in the MediaLibrary (com_media_library) component 1.5.3 Basic for Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter. | ||||
| CVE-2009-2637 | 2 Joomla, Ordasoft | 2 Joomla, Com Booklibrary | 2025-04-09 | N/A |
| PHP remote file inclusion vulnerability in toolbar_ext.php in the BookLibrary (com_booklibrary) component 1.5.2.4 Basic for Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter. | ||||
| CVE-2009-2638 | 2 Joomla, Konze | 2 Joomla, Com Akobook | 2025-04-09 | N/A |
| SQL injection vulnerability in the AkoBook (com_akobook) component 2.3 for Joomla! allows remote attackers to execute arbitrary SQL commands via the gbid parameter in a reply action to index.php. | ||||
| CVE-2007-4189 | 1 Joomla | 1 Joomla\! | 2025-04-09 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Joomla! before 1.0.13 (aka Sunglow) allow remote attackers to inject arbitrary web script or HTML via unspecified vectors in the (1) com_search, (2) com_content, and (3) mod_login components. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2009-3332 | 2 Joomla, Sopinet | 2 Joomla, Com Jbudgetsmagic | 2025-04-09 | N/A |
| SQL injection vulnerability in the JBudgetsMagic (com_jbudgetsmagic) component 0.3.2 through 0.4.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the bid parameter in a mybudget action to index.php. | ||||
| CVE-2009-3334 | 2 Joomla, Lhacky | 2 Joomla\!, Com Jinc | 2025-04-09 | N/A |
| SQL injection vulnerability in the Lhacky! Extensions Cave Joomla! Integrated Newsletters Component (aka JINC or com_jinc) component 0.2 for Joomla! allows remote attackers to execute arbitrary SQL commands via the newsid parameter in a messages action to index.php. | ||||
| CVE-2009-3644 | 2 Joomla, Soundset | 2 Joomla\!, Com Soundset | 2025-04-09 | N/A |
| SQL injection vulnerability in the Soundset (com_soundset) component 1.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the cat_id parameter to index.php. | ||||
| CVE-2009-3645 | 2 Joomla, Joomlacache | 2 Joomla\!, Com Cbresumebuilder | 2025-04-09 | N/A |
| SQL injection vulnerability in the JoomlaCache CB Resume Builder (com_cbresumebuilder) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the group_id parameter in a group_members action to index.php. | ||||
| CVE-2009-3661 | 2 Blueconstantmedia, Joomla | 2 Com Djcatalog, Joomla | 2025-04-09 | N/A |
| Multiple SQL injection vulnerabilities in the DJ-Catalog (com_djcatalog) component for Joomla! allow remote attackers to execute arbitrary SQL commands via the (1) id parameter in a showItem action and (2) cid parameter in a show action to index.php. | ||||
| CVE-2009-3669 | 2 Foobla, Joomla | 2 Com Foobla Suggestions, Joomla | 2025-04-09 | N/A |
| SQL injection vulnerability in the foobla Suggestions (com_foobla_suggestions) component 1.5.11 for Joomla! allows remote attackers to execute arbitrary SQL commands via the idea_id parameter to index.php. | ||||
| CVE-2009-3817 | 2 Joomla, Ordasoft | 2 Joomla\!, Com Booklibrary | 2025-04-09 | N/A |
| PHP remote file inclusion vulnerability in doc/releasenote.php in the BookLibrary (com_booklibrary) component 1.0 for Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter, a different vector than CVE-2009-2637. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2009-3834 | 2 Joomla, Webguerilla | 2 Joomla, Com Photoblog | 2025-04-09 | N/A |
| SQL injection vulnerability in the Photoblog (com_photoblog) component alpha 3 and alpha 3a for Joomla! allows remote attackers to execute arbitrary SQL commands via the category parameter in a blogs action to index.php. | ||||
| CVE-2009-2100 | 2 Joomla, Joomlapraise | 2 Joomla, Com Projectfork | 2025-04-09 | N/A |
| Directory traversal vulnerability in the JoomlaPraise Projectfork (com_projectfork) component 2.0.10 for Joomla! allows remote attackers to read arbitrary files via directory traversal sequences in the section parameter to index.php. | ||||
| CVE-2009-3053 | 2 Joomla, Jvitals | 2 Joomla, Com Agora | 2025-04-09 | N/A |
| Directory traversal vulnerability in the Agora (com_agora) component 3.0.0b for Joomla! allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the action parameter to the avatars page, reachable through index.php. | ||||
| CVE-2009-3964 | 2 Joomla, Ninjaforge | 2 Joomla\!, Com Ninjamonials | 2025-04-09 | N/A |
| SQL injection vulnerability in the NinjaMonials (com_ninjacentral) component 1.1.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the testimID parameter in a display action to index.php. | ||||
| CVE-2009-3971 | 2 Joomla, Jtips | 2 Joomla\!, Com Jtips | 2025-04-09 | N/A |
| SQL injection vulnerability in the jTips (com_jtips) component 1.0.7 and 1.0.9 for Joomla! allows remote attackers to execute arbitrary SQL commands via the season parameter in a ladder action to index.php. | ||||
| CVE-2009-3972 | 2 Joomla, Qproje | 2 Joomla\!, Com Siirler | 2025-04-09 | N/A |
| SQL injection vulnerability in the Q-Proje Siirler Bileseni (com_siirler) component 1.2 RC for Joomla! allows remote attackers to execute arbitrary SQL commands via the sid parameter in an sdetay action to index.php. | ||||
| CVE-2009-4057 | 2 Inertialfate, Joomla | 2 Com If Nexus, Joomla\! | 2025-04-09 | N/A |
| SQL injection vulnerability in the inertialFATE iF Portfolio Nexus (com_if_nexus) component 1.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in an item action to index.php. | ||||