Search Results (864 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2008-2628 2 Joomla, Ron Liskey 2 Joomla, Com Equotes 2026-04-23 N/A
SQL injection vulnerability in the eQuotes (com_equotes) component 0.9.4 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter to index.php.
CVE-2009-2635 2 Joomla, Ordasoft 2 Joomla, Com Realestatemanager 2026-04-23 N/A
PHP remote file inclusion vulnerability in toolbar_ext.php in the RealEstateManager (com_realestatemanager) component 1.0 Basic for Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter.
CVE-2008-2676 1 Joomla 2 Com News Portal, Joomla 2026-04-23 N/A
SQL injection vulnerability in the iJoomla News Portal (com_news_portal) component 1.0 and earlier for Joomla! allows remote attackers to execute arbitrary SQL commands via the Itemid parameter to index.php.
CVE-2008-6852 2 Joomla, Markus Donhauser 2 Joomla\!, Ice Gallery Component For Joomla 2026-04-23 N/A
SQL injection vulnerability in the Ice Gallery (com_ice) component 0.5 beta 2 for Joomla! allows remote attackers to execute arbitrary SQL commands via the catid parameter to index.php.
CVE-2008-6882 2 Joomla, Joompolitan 2 Joomla, Com Livechat 2026-04-23 N/A
Live Chat (com_livechat) component 1.0 for Joomla! allows remote attackers to use the xmlhttp.php script as an open HTTP proxy to hide network scanning activities or scan internal networks via a GET request with a full URL in the query string.
CVE-2008-3226 1 Joomla 1 Joomla 2026-04-23 N/A
The file caching implementation in Joomla! before 1.5.4 allows attackers to access cached pages via unknown attack vectors.
CVE-2008-3227 1 Joomla 1 Joomla 2026-04-23 N/A
Unspecified vulnerability in Joomla! before 1.5.4 has unknown impact and attack vectors related to a "User Redirect Spam fix," possibly an open redirect vulnerability.
CVE-2008-3228 1 Joomla 1 Joomla 2026-04-23 N/A
Joomla! before 1.5.4 does not configure .htaccess to apply certain security checks that "block common exploits" to SEF URLs, which has unknown impact and remote attack vectors.
CVE-2008-3498 2 Joomla, Netshinesoftware 2 Joomla\!, Com Netinvoice 2026-04-23 N/A
SQL injection vulnerability in the nBill (com_netinvoice) component 1.2.0 SP1 for Joomla! allows remote attackers to execute arbitrary SQL commands via the cid parameter in an orders action to index.php. NOTE: some of these details are obtained from third party information.
CVE-2009-3054 2 Artetics, Joomla 2 Com Artportal, Joomla 2026-04-23 N/A
SQL injection vulnerability in the Artetics.com Art Portal (com_artportal) component 1.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the portalid parameter to index.php.
CVE-2008-6234 2 Joomla, Mambo-foundation 4 Com Musica, Joomla, Com Musica and 1 more 2026-04-23 N/A
SQL injection vulnerability in the com_musica module in Joomla! and Mambo allows remote attackers to execute arbitrary SQL commands via the id parameter to index.php.
CVE-2008-7169 2 Jabode, Joomla 2 Com Jabode, Joomla\! 2026-04-23 N/A
SQL injection vulnerability in Jabode horoscope extension (com_jabode) for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a sign task to index.php.
CVE-2008-4103 1 Joomla 2 Com Mailto, Joomla 2026-04-23 N/A
The mailto (aka com_mailto) component in Joomla! 1.5 before 1.5.7 sends e-mail messages without validating the URL, which allows remote attackers to transmit spam.
CVE-2008-4122 1 Joomla 1 Joomla\! 2026-04-23 7.5 High
Joomla! 1.5.8 does not set the secure flag for the session cookie in an https session, which makes it easier for remote attackers to capture this cookie by intercepting its transmission within an http session.
CVE-2008-5874 2 Joomla, Joomlahbs 4 Joomla, Com 5starhotels, Com Allhotels and 1 more 2026-04-23 N/A
Multiple SQL injection vulnerabilities in the Hotel Booking Reservation System (aka HBS) for Joomla! allow remote attackers to execute arbitrary SQL commands via the id parameter in a showhoteldetails action to index.php in the (1) com_allhotels or (2) com_5starhotels module. NOTE: some of these details are obtained from third party information.
CVE-2008-5051 2 Jooblog, Joomla 2 Jooblog, Joomla 2026-04-23 N/A
SQL injection vulnerability in the JooBlog (com_jb2) component 0.1.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via the PostID parameter to index.php.
CVE-2008-4623 2 Joomla, Martin Diphoorn 2 Joomla, Com Ds-syndicate 2026-04-23 N/A
SQL injection vulnerability in the DS-Syndicate (com_ds-syndicate) component 1.1.1 for Joomla allows remote attackers to execute arbitrary SQL commands via the feed_id parameter to index2.php.
CVE-2008-5208 2 Joomla, Mambo 3 Com Datsogallery, Joomla, Mambo 2026-04-23 N/A
SQL injection vulnerability in sub_votepic.php in the Datsogallery (com_datsogallery) module 1.6 for Joomla! allows remote attackers to execute arbitrary SQL commands via the User-Agent HTTP header.
CVE-2008-4668 1 Joomla 2 Com Imagebrowser, Joomla 2026-04-23 N/A
Directory traversal vulnerability in the Image Browser (com_imagebrowser) 0.1.5 component for Joomla! allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the folder parameter to index.php.
CVE-2009-1258 2 Joomla, Rd-media 2 Joomla, Com Rdautos 2026-04-23 N/A
SQL injection vulnerability in the RD-Autos (com_rdautos) component 1.5.7 for Joomla! allows remote attackers to execute arbitrary SQL commands via the makeid parameter in index.php. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.