Search Results (864 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2010-1873 2 Joomla, Jvehicles 2 Joomla\!, Com Jvehicles 2025-04-11 N/A
SQL injection vulnerability in the Jvehicles (com_jvehicles) component 1.0, 2.0, and 2.1111 for Joomla! allows remote attackers to execute arbitrary SQL commands via the aid parameter in an agentlisting action to index.php. NOTE: some of these details are obtained from third party information.
CVE-2010-4971 2 Joomla, Videowhisper 2 Joomla\!, Php 2 Way Video Chat 2025-04-11 N/A
Cross-site scripting (XSS) vulnerability in VideoWhisper PHP 2 Way Video Chat component for Joomla! allows remote attackers to inject arbitrary web script or HTML via the r parameter to index.php.
CVE-2010-5042 2 Blueconstantmedia, Joomla 2 Com Djartgallery, Joomla\! 2025-04-11 N/A
Cross-site scripting (XSS) vulnerability in the DJ-ArtGallery (com_djartgallery) component 0.9.1 for Joomla! allows remote attackers to inject arbitrary web script or HTML via the cid[] parameter in an editItem action to administrator/index.php. NOTE: some of these details are obtained from third party information.
CVE-2010-1746 2 Joomla, Toolsjx 2 Joomla\!, Com Grid 2025-04-11 N/A
Multiple cross-site scripting (XSS) vulnerabilities in the Table JX (com_grid) component for Joomla! allow remote attackers to inject arbitrary web script or HTML via the (1) data_search and (2) rpp parameters to index.php.
CVE-2010-1739 1 Joomla 2 Com Newsfeeds, Joomla\! 2025-04-11 N/A
SQL injection vulnerability in the Newsfeeds (com_newsfeeds) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the feedid parameter in a categories action to index.php.
CVE-2010-1723 2 Joomla, Joomlacomponent.inetlanka 2 Joomla\!, Com Drawroot 2025-04-11 N/A
Directory traversal vulnerability in the iNetLanka Contact Us Draw Root Map (com_drawroot) component 1.1 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impact via a .. (dot dot) in the controller parameter to index.php.
CVE-2010-1720 2 Joomla, Qproje 2 Joomla\!, Com Qpersonel 2025-04-11 N/A
SQL injection vulnerability in the Q-Personel (com_qpersonel) component 1.0.2 and earlier for Joomla! allows remote attackers to execute arbitrary SQL commands via the katid parameter in a qpListele action to index.php.
CVE-2011-2710 1 Joomla 1 Joomla\! 2025-04-11 N/A
Multiple cross-site scripting (XSS) vulnerabilities in Joomla! before 1.7.0 allow remote attackers to inject arbitrary web script or HTML via (1) the URI to includes/application.php, reachable through index.php; and, when Internet Explorer or Konqueror is used, (2) allow remote attackers to inject arbitrary web script or HTML via the searchword parameter in a search action to index.php in the com_search component. NOTE: vector 2 exists because of an incomplete fix for CVE-2011-2509.5.
CVE-2010-1719 2 Joomla, Moto-treks 2 Joomla\!, Com Mtfireeagle 2025-04-11 N/A
Directory traversal vulnerability in the MT Fire Eagle (com_mtfireeagle) component 1.2 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impact via a .. (dot dot) in the controller parameter to index.php.
CVE-2010-1302 2 Decryptweb, Joomla 2 Com Dwgraphs, Joomla\! 2025-04-11 N/A
Directory traversal vulnerability in dwgraphs.php in the DecryptWeb DW Graphs (com_dwgraphs) component 1.0 for Joomla! allows remote attackers to read arbitrary files via directory traversal sequences in the controller parameter to index.php.
CVE-2010-1718 2 Joomla, Lispeltuut 2 Joomla\!, Com Archeryscores 2025-04-11 N/A
Directory traversal vulnerability in archeryscores.php in the Archery Scores (com_archeryscores) component 1.0.6 for Joomla! allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the controller parameter to index.php.
CVE-2012-2747 1 Joomla 1 Joomla\! 2025-04-11 N/A
Unspecified vulnerability in Joomla! 2.5.x before 2.5.5 allows remote attackers to gain privileges via unknown attack vectors related to "Inadequate checking."
CVE-2012-2902 2 Joomla, Ryan Demmer 2 Joomla\!, Joomla Content Editor 2025-04-11 N/A
Unrestricted file upload vulnerability in editor/extensions/browser/file.php in the Joomla Content Editor (JCE) component before 2.1 for Joomla!, when chunking is set to greater than zero, allows remote authors to execute arbitrary PHP code by uploading a PHP file with a double extension as demonstrated by .jpg.pht.
CVE-2013-1454 1 Joomla 1 Joomla\! 2025-04-11 N/A
Joomla! 3.0.x through 3.0.2 allows attackers to obtain sensitive information via unspecified vectors related to "Coding errors."
CVE-2010-1716 2 Joomla, Joomlanetprojects 2 Joomla\!, Com Agenda 2025-04-11 N/A
SQL injection vulnerability in the Agenda Address Book (com_agenda) component 1.0.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a detail action to index.php.
CVE-2012-3828 1 Joomla 1 Joomla\! 2025-04-11 N/A
Cross-site scripting (XSS) vulnerability in Joomla! 2.5.3 allows remote attackers to inject arbitrary web script or HTML via the Host HTTP Header.
CVE-2012-3829 1 Joomla 1 Joomla\! 2025-04-11 N/A
Joomla! 2.5.3 allows remote attackers to obtain the installation path via the Host HTTP Header.
CVE-2010-1715 2 Joomla, Pucit.edu 2 Joomla\!, Com Onlineexam 2025-04-11 N/A
Directory traversal vulnerability in the Online Examination (aka Online Exam or com_onlineexam) component 1.5.0 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php. NOTE: some of these details are obtained from third party information.
CVE-2010-1714 2 Dev.pucit.edu.pk, Joomla 2 Com Arcadegames, Joomla\! 2025-04-11 N/A
Directory traversal vulnerability in the Arcade Games (com_arcadegames) component 1.0 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php.
CVE-2010-1980 2 Joomla, Roberto Aloi 2 Joomla\!, Com Joomlaflickr 2025-04-11 N/A
Directory traversal vulnerability in joomlaflickr.php in the Joomla Flickr (com_joomlaflickr) component 1.0.3 for Joomla! allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the controller parameter to index.php.