Search Results (876 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2009-0702 2 Joomla, Phoca 2 Joomla, Com Phocadocumentation 2026-04-23 N/A
SQL injection vulnerability in the Phoca Documentation (com_phocadocumentation) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a section action to index.php.
CVE-2009-1279 1 Joomla 1 Joomla 2026-04-23 N/A
Multiple cross-site scripting (XSS) vulnerabilities in Joomla! 1.5 through 1.5.9 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors to the (1) com_admin component, (2) com_search component when "Gather Search Statistics" is enabled, and (3) the category view in the com_content component.
CVE-2009-0494 2 Joomla, Mivaco 2 Joomla, Com Portfol 2026-04-23 N/A
SQL injection vulnerability in the Portfol (com_portfol) 1.2 component for Joomla! allows remote attackers to execute arbitrary SQL commands via the vcatid parameter in a viewcategory action to index.php.
CVE-2009-1736 1 Joomla 2 Com Gsticketsystem, Joomla\! 2026-04-23 N/A
SQL injection vulnerability in the GridSupport (GS) Ticket System (com_gsticketsystem) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the catid parameter in a viewCategory action to index.php.
CVE-2009-1939 1 Joomla 1 Joomla 2026-04-23 N/A
Cross-site scripting (XSS) vulnerability in the JA_Purity template for Joomla! 1.5.x through 1.5.10 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2009-1940 1 Joomla 1 Joomla 2026-04-23 N/A
Cross-site scripting (XSS) vulnerability in the administrator panel in the com_users core component for Joomla! 1.5.x through 1.5.10 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2009-2099 2 Ijoomla, Joomla 2 Com Rssfeeder, Joomla 2026-04-23 N/A
SQL injection vulnerability in the iJoomla RSS Feeder (com_ijoomla_rss) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the cat parameter in an xml action to index.php.
CVE-2009-2100 2 Joomla, Joomlapraise 2 Joomla, Com Projectfork 2026-04-23 N/A
Directory traversal vulnerability in the JoomlaPraise Projectfork (com_projectfork) component 2.0.10 for Joomla! allows remote attackers to read arbitrary files via directory traversal sequences in the section parameter to index.php.
CVE-2009-2102 2 Com Jumi, Joomla 2 Com Jumi, Joomla 2026-04-23 N/A
SQL injection vulnerability in the Jumi (com_jumi) component 2.0.3 and possibly other versions for Joomla allows remote attackers to execute arbitrary SQL commands via the fileid parameter to index.php.
CVE-2009-2239 1 Joomla 4 Com Casiino Blackjack, Com Casino Videopoker, Com Casinobase and 1 more 2026-04-23 N/A
SQL injection vulnerability in the (1) casinobase (com_casinobase), (2) casino_blackjack (com_casino_blackjack), and (3) casino_videopoker (com_casino_videopoker) components 0.3.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via the Itemid parameter to index.php.
CVE-2009-2789 2 Joomla, Permis 2 Joomla, Com Groups 2026-04-23 N/A
SQL injection vulnerability in the Permis (com_groups) component 1.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a list action to index.php. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2009-2390 2 F-cimag-in, Joomla 2 Com Bookflip, Joomla 2026-04-23 N/A
SQL injection vulnerability in the BookFlip (com_bookflip) component 2.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via the book_id parameter to index.php.
CVE-2009-4255 2 Joomla, Youjoomla 2 Joomla\!, You\!hostit\! 2026-04-23 N/A
Cross-site scripting (XSS) vulnerability in the You!Hostit! template 1.0.1 for Joomla! allows remote attackers to inject arbitrary web script or HTML via the created_by_alias parameter in index.php.
CVE-2009-2395 2 Joomla, Joomlaworks 2 Joomla\!, Com K2 2026-04-23 N/A
SQL injection vulnerability in the K2 (com_k2) component 1.0.1 Beta and earlier for Joomla! allows remote attackers to execute arbitrary SQL commands via the category parameter in an itemlist action to index.php.
CVE-2009-2400 2 Fijiwebdesign, Joomla 2 Com Php, Joomla 2026-04-23 N/A
SQL injection vulnerability in the PHP (com_php) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter to index.php.
CVE-2009-4576 2 Cmstactics, Joomla 2 Com Beeheard, Joomla\! 2026-04-23 N/A
SQL injection vulnerability in the BeeHeard (com_beeheard) component 1.x for Joomla! allows remote attackers to execute arbitrary SQL commands via the category_id parameter in a suggestions action to index.php.
CVE-2009-2567 2 Almondsoft, Joomla 2 Almond Classifieds, Joomla\! 2026-04-23 N/A
SQL injection vulnerability in the Almond Classifieds (com_aclassf) component 5.6.2 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter to index.php.
CVE-2009-2601 2 Joomla, Joomlaequipment 2 Joomla\!, Juser 2026-04-23 N/A
SQL injection vulnerability in the Joomlaequipment (aka JUser or com_juser) component 2.0.4 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a show_profile action to index.php.
CVE-2009-2607 2 Joomla, Pinme 2 Joomla, Com Pinboard 2026-04-23 N/A
SQL injection vulnerability in the com_pinboard component for Joomla! allows remote attackers to execute arbitrary SQL commands via the task parameter in a showpic action to index.php.
CVE-2009-0421 1 Joomla 2 Com Eventing, Joomla 2026-04-23 N/A
SQL injection vulnerability in the Eventing (com_eventing) 1.6.x component for Joomla! allows remote attackers to execute arbitrary SQL commands via the catid parameter to index.php.