| Max CVSS | 7.5 | Min CVSS | 6.5 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2018-17378 | 7.5 |
SQL Injection exists in the Penny Auction Factory 2.0.4 component for Joomla! via the filter_order_Dir or filter_order parameter.
|
14-11-2018 - 18:29 | 28-09-2018 - 00:29 | |
| CVE-2008-6524 | 6.5 |
resetpass.php in openInvoice 0.90 beta and earlier allows remote authenticated users to change the passwords of arbitrary users via a modified uid parameter. NOTE: this can be leveraged with a separate vulnerability in auth.php to modify passwords w
|
29-09-2017 - 01:33 | 25-03-2009 - 18:30 | |
| CVE-2008-6523 | 7.5 |
auth.php in openInvoice 0.90 beta and earlier allows remote attackers to bypass authentication and gain privileges by setting the oiauth cookie. NOTE: this can be leveraged with a separate vulnerability in resetpass.php to modify passwords for arbit
|
29-09-2017 - 01:33 | 25-03-2009 - 18:30 | |
| CVE-2010-4638 | 6.8 |
SQL injection vulnerability in the submitSurvey function in controller.php in JQuarks4s (com_jquarks4s) component 1.0.0 for Joomla!, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the q parameter in a
|
31-12-2010 - 05:00 | 30-12-2010 - 21:00 |