Search Results (876 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2010-5022 2 Harmistechnology, Joomla 2 Com Jesubmit, Joomla\! 2025-04-11 N/A
SQL injection vulnerability in the JExtensions JE Story Submit (com_jesubmit) component 1.4 for Joomla! allows remote attackers to execute arbitrary SQL commands via the view parameter to index.php.
CVE-2010-5028 2 Harmistechnology, Joomla 2 Com Jejob, Joomla\! 2025-04-11 N/A
SQL injection vulnerability in the JExtensions JE Job (com_jejob) component 1.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the catid parameter in an item action to index.php.
CVE-2010-5032 2 Joomla, Tamlyncreative 2 Joomla\!, Com Bfquiztrial 2025-04-11 N/A
SQL injection vulnerability in the BF Quiz (com_bfquiztrial) component before 1.3.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via the catid parameter in a bfquiztrial action to index.php.
CVE-2010-5042 2 Blueconstantmedia, Joomla 2 Com Djartgallery, Joomla\! 2025-04-11 N/A
Cross-site scripting (XSS) vulnerability in the DJ-ArtGallery (com_djartgallery) component 0.9.1 for Joomla! allows remote attackers to inject arbitrary web script or HTML via the cid[] parameter in an editItem action to administrator/index.php. NOTE: some of these details are obtained from third party information.
CVE-2010-1878 2 Blueflyingfish.no-ip, Joomla 2 Com Orgchart, Joomla\! 2025-04-11 N/A
Directory traversal vulnerability in the OrgChart (com_orgchart) component 1.0.0 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php.
CVE-2010-1877 2 Joomla, Jtmreseller 2 Joomla\!, Com Jtm 2025-04-11 N/A
SQL injection vulnerability in the JTM Reseller (com_jtm) component 1.9 Beta for Joomla! allows remote attackers to execute arbitrary SQL commands via the author parameter in a search action to index.php.
CVE-2010-1875 2 Com-property, Joomla 2 Com Properties, Joomla\! 2025-04-11 N/A
Directory traversal vulnerability in the Real Estate Property (com_properties) component 3.1.22-03 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impact via a .. (dot dot) in the controller parameter to index.php. NOTE: some of these details are obtained from third party information.
CVE-2010-1874 2 Com-property, Joomla 2 Com Properties, Joomla\! 2025-04-11 N/A
SQL injection vulnerability in the Real Estate Property (com_properties) component 3.1.22-03 for Joomla! allows remote attackers to execute arbitrary SQL commands via the aid parameter in an agentlisting action to index.php. NOTE: some of these details are obtained from third party information.
CVE-2010-1873 2 Joomla, Jvehicles 2 Joomla\!, Com Jvehicles 2025-04-11 N/A
SQL injection vulnerability in the Jvehicles (com_jvehicles) component 1.0, 2.0, and 2.1111 for Joomla! allows remote attackers to execute arbitrary SQL commands via the aid parameter in an agentlisting action to index.php. NOTE: some of these details are obtained from third party information.
CVE-2011-4909 1 Joomla 1 Joomla\! 2025-04-11 N/A
Multiple cross-site scripting (XSS) vulnerabilities in Joomla! before 1.5.12 allow remote attackers to inject arbitrary web script or HTML via the HTTP_REFERER header to (1) components/com_content/views/article/tmpl/form.php, (2) components/com_user/controller.php, (3) plugins/system/legacy/html.php, or (4) templates/beez/html/com_content/article/form.php.
CVE-2010-1718 2 Joomla, Lispeltuut 2 Joomla\!, Com Archeryscores 2025-04-11 N/A
Directory traversal vulnerability in archeryscores.php in the Archery Scores (com_archeryscores) component 1.0.6 for Joomla! allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the controller parameter to index.php.
CVE-2010-1716 2 Joomla, Joomlanetprojects 2 Joomla\!, Com Agenda 2025-04-11 N/A
SQL injection vulnerability in the Agenda Address Book (com_agenda) component 1.0.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a detail action to index.php.
CVE-2010-1715 2 Joomla, Pucit.edu 2 Joomla\!, Com Onlineexam 2025-04-11 N/A
Directory traversal vulnerability in the Online Examination (aka Online Exam or com_onlineexam) component 1.5.0 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php. NOTE: some of these details are obtained from third party information.
CVE-2023-23750 1 Joomla 1 Joomla\! 2025-03-29 6.3 Medium
An issue was discovered in Joomla! 4.0.0 through 4.2.6. A missing token check causes a CSRF vulnerability in the handling of post-installation messages.
CVE-2024-21724 1 Joomla 1 Joomla\! 2025-03-29 6.1 Medium
Inadequate input validation for media selection fields lead to XSS vulnerabilities in various extensions.
CVE-2023-23751 1 Joomla 1 Joomla\! 2025-03-29 4.3 Medium
An issue was discovered in Joomla! 4.0.0 through 4.2.4. A missing ACL check allows non super-admin users to access com_actionlogs.
CVE-2024-26279 1 Joomla 1 Joomla\! 2025-03-26 6.1 Medium
The wrapper extensions do not correctly validate inputs, leading to XSS vectors.
CVE-2024-21729 1 Joomla 1 Joomla\! 2025-03-26 6.1 Medium
Inadequate input validation leads to XSS vulnerabilities in the accessiblemedia field.
CVE-2024-21730 1 Joomla 1 Joomla\! 2025-03-20 5.4 Medium
The fancyselect list field layout does not correctly escape inputs, leading to a self-XSS vector.
CVE-2024-26278 1 Joomla 1 Joomla\! 2025-03-14 4.6 Medium
The Custom Fields component not correctly filter inputs, leading to a XSS vector.