ReportizFlow
Filtered by vendor Joomla
Subscriptions
Total
959 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2008-0839 | 2 Astats, Joomla | 2 Astatspro, Com Astatspro | 2026-04-23 | N/A |
| SQL injection vulnerability in refer.php in the astatsPRO (com_astatspro) 1.0 component for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-2008-0841 | 2 Joomla, Mambo | 2 Com Ricette Component, Com Ricette Component | 2026-04-23 | N/A |
| SQL injection vulnerability in index.php in the Giorgio Nordo Ricette (com_ricette) 1.0 component for Joomla! and Mambo allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-2008-0842 | 1 Joomla | 1 Com Clasifier | 2026-04-23 | N/A |
| SQL injection vulnerability in index.php in the Classifier (com_clasifier) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the cat_id parameter. | ||||
| CVE-2008-0844 | 1 Joomla | 1 Com Pccookbook | 2026-04-23 | N/A |
| SQL injection vulnerability in index.php in the PccookBook (com_pccookbook) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the user_id parameter. | ||||
| CVE-2008-0849 | 2 Joomla, Mambo | 2 Com Downloads, Com Downloads | 2026-04-23 | N/A |
| SQL injection vulnerability in index.php in the Downloads (com_downloads) component for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the cat parameter in a selectcat function, a different vector than CVE-2008-0652. | ||||
| CVE-2008-0853 | 2 Joomla, Mambo | 2 Com Detail, Com Detail | 2026-04-23 | N/A |
| SQL injection vulnerability in the com_detail component for Joomla! and Mambo allows remote attackers to execute arbitrary SQL commands via the id parameter to index.php. NOTE: this issue might be site-specific. If so, it should not be included in CVE. | ||||
| CVE-2008-0854 | 2 Joomla, Mambo | 2 Com Salesrep, Com Salesrep | 2026-04-23 | N/A |
| SQL injection vulnerability in the com_salesrep component for Joomla! and Mambo allows remote attackers to execute arbitrary SQL commands via the rid parameter in a showrep action to index.php. | ||||
| CVE-2006-5040 | 1 Joomla | 2 Com Sef, Sef4040x | 2026-04-23 | N/A |
| Unspecified vulnerability in SEF404x (com_sef) for Joomla! has unspecified impact and attack vectors. | ||||
| CVE-2007-6362 | 1 Joomla | 1 Rs Gallery2 | 2026-04-23 | N/A |
| SQL injection vulnerability in index.php in the RSGallery (com_rsgallery) 2.0 beta 5 and earlier component for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the catid parameter in an inline page action. | ||||
| CVE-2009-2014 | 1 Joomla | 2 Com School, Joomla | 2026-04-23 | N/A |
| SQL injection vulnerability in the ComSchool (com_school) component 1.4 for Joomla! allows remote attackers to execute arbitrary SQL commands via the classid parameter in a showclass action to index.php. | ||||
| CVE-2008-0918 | 2 Astats, Joomla | 2 Astatspro, Com Astatspro | 2026-04-23 | N/A |
| SQL injection vulnerability in includes/count_dl_or_link.inc.php in the astatsPRO (com_astatspro) 1.0.1 component for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter to getfile.php, a different vector than CVE-2008-0839. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2006-5041 | 1 Joomla | 2 Com Hotproperties, Hot Properties | 2026-04-23 | N/A |
| Unspecified vulnerability in Hot Properties (possibly com_hotproperties) 0.97 and earlier for Joomla! has unspecified impact and attack vectors. | ||||
| CVE-2007-4189 | 1 Joomla | 1 Joomla\! | 2026-04-23 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Joomla! before 1.0.13 (aka Sunglow) allow remote attackers to inject arbitrary web script or HTML via unspecified vectors in the (1) com_search, (2) com_content, and (3) mod_login components. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2006-7122 | 1 Joomla | 1 Bsq Sitestats | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in the IP Address Lookup functionality in BSQ Sitestats (component for Joomla) 1.8.0, and possibly other versions before 2.2.1, allows remote attackers to inject arbitrary web script and HTML via the ip parameter. | ||||
| CVE-2006-7123 | 1 Joomla | 1 Bsq Sitestats | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in BSQ Sitestats (component for Joomla) 1.8.0, and possibly other versions before 2.2.1, allow remote attackers to execute arbitrary SQL commands via (1) unspecified parameters when importing the (a) ip-to-country.csv file; and the (2) HTTP Referer, (3) HTTP User Agent, and (4) HTTP Accept Language headers to (b) bsqtemplateinc.php. | ||||
| CVE-2006-7124 | 1 Joomla | 1 Bsq Sitestats | 2026-04-23 | N/A |
| PHP remote file inclusion vulnerability in external/rssfeeds.php in BSQ Sitestats (component for Joomla) 1.8.0, and possibly other versions before 2.2.1, allows remote attackers to execute arbitrary PHP code via the baseDir parameter. | ||||
| CVE-2006-6833 | 1 Joomla | 1 Joomla | 2026-04-23 | N/A |
| com_categories in Joomla! before 1.0.12 does not validate input, which has unknown impact and remote attack vectors. | ||||
| CVE-2007-0373 | 1 Joomla | 1 Joomla | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in Joomla! 1.5.0 Beta allow remote attackers to execute arbitrary SQL commands via (1) the searchword parameter in certain files; the where parameter in (2) plugins/search/content.php or (3) plugins/search/weblinks.php; the text parameter in (4) plugins/search/contacts.php, (5) plugins/search/categories.php, or (6) plugins/search/sections.php; or (7) the email parameter in database/table/user.php, which is not properly handled by the check function. | ||||
| CVE-2009-2609 | 2 Amotools, Joomla | 2 Com Amocourse, Joomla | 2026-04-23 | N/A |
| SQL injection vulnerability in the amoCourse (com_amocourse) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the catid parameter in a category action to index.php. | ||||
| CVE-2009-3332 | 2 Joomla, Sopinet | 2 Joomla, Com Jbudgetsmagic | 2026-04-23 | N/A |
| SQL injection vulnerability in the JBudgetsMagic (com_jbudgetsmagic) component 0.3.2 through 0.4.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the bid parameter in a mybudget action to index.php. | ||||