IDCVSSSummaryLast (major) updatePublished
CVE-2007-5362 6.8
Multiple PHP remote file inclusion vulnerabilities in the Avant-Garde Solutions MOSMedia Lite (com_mosmedia) 4.5.1 component for Mambo and Joomla! allow remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter
29-07-2017 - 01:33 11-10-2007 - 01:17
CVE-2009-1263 7.5
SQL injection vulnerability in sub_commententry.php in the BookJoomlas (com_bookjoomlas) component 0.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via the gbid parameter in a comment action to index.php.
29-09-2017 - 01:34 07-04-2009 - 23:30
CVE-2009-3155 4.3
Cross-site scripting (XSS) vulnerability in gmap.php in the Almond Classifieds (com_aclassf) component 7.5 for Joomla! allows remote attackers to inject arbitrary web script or HTML via the addr parameter.
19-09-2017 - 01:29 10-09-2009 - 18:30
CVE-2009-3154 7.5
SQL injection vulnerability in the Almond Classifieds (com_aclassf) component 7.5 for Joomla! allows remote attackers to execute arbitrary SQL commands via the replid parameter in a manw_repl add_form action to index.php, a different vector than CVE-
19-09-2017 - 01:29 10-09-2009 - 18:30
CVE-2009-2609 7.5
SQL injection vulnerability in the amoCourse (com_amocourse) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the catid parameter in a category action to index.php.
19-09-2017 - 01:29 27-07-2009 - 18:30
CVE-2009-3054 7.5
SQL injection vulnerability in the Artetics.com Art Portal (com_artportal) component 1.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the portalid parameter to index.php.
19-09-2017 - 01:29 03-09-2009 - 17:30
CVE-2008-0561 7.5
SQL injection vulnerability in index.php in the Arthur Konze AkoGallery (com_akogallery) 2.5 beta component for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a detail action.
29-09-2017 - 01:30 04-02-2008 - 23:00
CVE-2008-1890 7.5
SQL injection vulnerability in the Jom Comment 2.0 build 345 component for Joomla! allows remote attackers to execute arbitrary SQL commands via unspecified vectors. NOTE: the provenance of this information is unknown; the details are obtained solel
08-08-2017 - 01:30 18-04-2008 - 22:05
CVE-2009-0381 7.5
SQL injection vulnerability in the BazaarBuilder Ecommerce Shopping Cart (com_prod) 5.0 component for Joomla! allows remote attackers to execute arbitrary SQL commands via the cid parameter in a products action to index.php.
29-09-2017 - 01:33 02-02-2009 - 19:00
CVE-2009-3661 6.8
Multiple SQL injection vulnerabilities in the DJ-Catalog (com_djcatalog) component for Joomla! allow remote attackers to execute arbitrary SQL commands via the (1) id parameter in a showItem action and (2) cid parameter in a show action to index.php.
19-09-2017 - 01:29 11-10-2009 - 22:30
CVE-2009-3318 7.5
Directory traversal vulnerability in the Roland Breedveld Album (com_album) component 1.14 for Joomla! allows remote attackers to access arbitrary directories and have unspecified other impact via a .. (dot dot) in the target parameter to index.php.
19-09-2017 - 01:29 23-09-2009 - 12:08
CVE-2008-6080 5.0
Directory traversal vulnerability in download.php in the ionFiles (com_ionfiles) 4.4.2 component for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter.
29-09-2017 - 01:32 06-02-2009 - 11:30
CVE-2007-5451 6.8
PHP remote file inclusion vulnerability in admin.color.php in the com_colorlab (aka com_color) 1.0 component for Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_live_site parameter.
29-09-2017 - 01:29 14-10-2007 - 18:17
CVE-2010-1219 6.8
Directory traversal vulnerability in the JA News (com_janews) component 1.0 for Joomla! allows remote attackers to read arbitrary local files via a .. (dot dot) in the controller parameter to index.php. NOTE: some of these details are obtained from
17-08-2017 - 01:32 30-03-2010 - 23:30
CVE-2009-2102 7.5
SQL injection vulnerability in the Jumi (com_jumi) component 2.0.3 and possibly other versions for Joomla allows remote attackers to execute arbitrary SQL commands via the fileid parameter to index.php.
29-09-2017 - 01:34 17-06-2009 - 17:30
CVE-2009-4598 7.5
SQL injection vulnerability in the JPhoto (com_jphoto) component 1.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a category action to index.php.
17-08-2017 - 01:31 12-01-2010 - 17:30
CVE-2008-6221 7.5
PHP remote file inclusion vulnerability in config.dadamail.php in the Dada Mail Manager (com_dadamail) component 2.6 for Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the GLOBALS[mosConfig_absolute_path] parameter.
29-09-2017 - 01:33 20-02-2009 - 21:30
CVE-2008-0517 7.5
SQL injection vulnerability in index.php in the Darko Selesi EstateAgent (com_estateagent) 0.1 component for Mambo 4.5.x and Joomla! allows remote attackers to execute arbitrary SQL commands via the objid parameter in a contact showObject action.
29-09-2017 - 01:30 31-01-2008 - 20:00
CVE-2010-1470 7.5
Directory traversal vulnerability in the Web TV (com_webtv) component 1.0 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impact via a .. (dot dot) in the controller parameter to index.php.
11-06-2010 - 04:00 19-04-2010 - 19:30
CVE-2008-5494 7.5
SQL injection vulnerability in the Contact Information Module (com_contactinfo) component 1.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the catid parameter to index.php.
29-09-2017 - 01:32 12-12-2008 - 16:30
CVE-2009-0373 7.5
SQL injection vulnerability in the ElearningForce Flash Magazine Deluxe (com_flashmagazinedeluxe) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the mag_id parameter in a magazine action to index.php.
29-09-2017 - 01:33 30-01-2009 - 19:30
CVE-2008-6116 7.5
SQL injection vulnerability in the EXtrovert Software Thyme (com_thyme) 1.0 component for Joomla! allows remote attackers to execute arbitrary SQL commands via the event parameter to index.php.
29-09-2017 - 01:32 11-02-2009 - 17:30
CVE-2009-2390 7.5
SQL injection vulnerability in the BookFlip (com_bookflip) component 2.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via the book_id parameter to index.php.
19-09-2017 - 01:29 09-07-2009 - 16:30
CVE-2009-3443 7.5
SQL injection vulnerability in the Fastball (com_fastball) component 1.1.0 through 1.2 for Joomla! allows remote attackers to execute arbitrary SQL commands via the league parameter to index.php.
29-09-2009 - 04:00 28-09-2009 - 22:30
CVE-2009-4604 7.5
PHP remote file inclusion vulnerability in mamboleto.php in the Fernando Soares Mamboleto (com_mamboleto) component 2.0 RC3 for Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter.
17-08-2017 - 01:31 12-01-2010 - 17:30
CVE-2009-2400 7.5
SQL injection vulnerability in the PHP (com_php) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter to index.php.
19-09-2017 - 01:29 09-07-2009 - 16:30
CVE-2009-3325 7.5
SQL injection vulnerability in the Focusplus Developments Survey Manager (com_surveymanager) component 1.5.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the stype parameter in an editsurvey action to index.php.
19-09-2017 - 01:29 23-09-2009 - 12:08
CVE-2009-3669 7.5
SQL injection vulnerability in the foobla Suggestions (com_foobla_suggestions) component 1.5.11 for Joomla! allows remote attackers to execute arbitrary SQL commands via the idea_id parameter to index.php.
19-09-2017 - 01:29 11-10-2009 - 22:30
CVE-2009-4099 7.5
SQL injection vulnerability in the Google Calendar GCalendar (com_gcalendar) component 1.1.2, 2.1.4, and possibly earlier versions for Joomla! allows remote attackers to execute arbitrary SQL commands via the gcid parameter. NOTE: some of these deta
17-08-2017 - 01:31 29-11-2009 - 13:08
CVE-2009-0726 7.5
SQL injection vulnerability in the GigCalendar (com_gigcal) component 1.0 for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the gigcal_gigs_id parameter in a details action to index.php.
29-09-2017 - 01:33 24-02-2009 - 23:30
CVE-2009-0730 6.8
Multiple SQL injection vulnerabilities in the GigCalendar (com_gigcal) component 1.0 for Mambo and Joomla!, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via (1) the gigcal _venues_id parameter in a detai
10-10-2018 - 19:30 24-02-2009 - 23:30
CVE-2008-6841 7.5
PHP remote file inclusion vulnerability in the Green Mountain Information Technology and Consulting Database Query (com_dbquery) component 1.4.1.1 and earlier for Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the mosConfi
29-09-2017 - 01:33 01-07-2009 - 13:00
CVE-2008-6489 7.5
SQL injection vulnerability in MyAlbum component (com_myalbum) 1.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the album parameter to index.php.
29-09-2017 - 01:33 19-03-2009 - 10:30
CVE-2009-2015 7.5
Directory traversal vulnerability in includes/file_includer.php in the Ideal MooFAQ (com_moofaq) component 1.0 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter.
29-09-2017 - 01:34 09-06-2009 - 19:30
CVE-2009-1496 5.0
Directory traversal vulnerability in the Cmi Marketplace (com_cmimarketplace) component 0.1 for Joomla! allows remote attackers to list arbitrary directories via a .. (dot dot) in the viewit parameter to index.php.
29-09-2017 - 01:34 01-05-2009 - 16:30
CVE-2009-2099 7.5
SQL injection vulnerability in the iJoomla RSS Feeder (com_ijoomla_rss) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the cat parameter in an xml action to index.php.
29-09-2017 - 01:34 17-06-2009 - 17:30
CVE-2009-3063 7.5
SQL injection vulnerability in the Game Server (com_gameserver) component 1.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a gamepanel action to index.php.
19-09-2017 - 01:29 03-09-2009 - 17:30
CVE-2008-6050 7.5
SQL injection vulnerability in the Tech Articles (com_tech_article) 1.0 component for Joomla! allows remote attackers to execute arbitrary SQL commands via the item parameter to index.php.
29-09-2017 - 01:32 04-02-2009 - 15:30
CVE-2009-3481 7.5
A certain interface in the iCRM Basic (com_icrmbasic) component 1.4.2.31 for Joomla! does not require administrative authentication, which has unspecified impact and remote attack vectors. NOTE: the provenance of this information is unknown; the det
01-10-2009 - 04:00 30-09-2009 - 15:30
CVE-2009-3480 7.5
SQL injection vulnerability in the iCRM Basic (com_icrmbasic) component 1.4.2.31 for Joomla! allows remote attackers to execute arbitrary SQL commands via the p3 parameter to index.php. NOTE: the provenance of this information is unknown; the detail
17-08-2017 - 01:31 30-09-2009 - 15:30
CVE-2010-1217 4.3
Directory traversal vulnerability in the JE Form Creator (com_jeformcr) component for Joomla!, when magic_quotes_gpc is disabled, allows remote attackers to read arbitrary files via directory traversal sequences in the view parameter to index.php. NO
23-07-2013 - 08:57 30-03-2010 - 23:30
CVE-2009-3316 7.5
SQL injection vulnerability in the JReservation (com_jreservation) component 1.0 and 1.5 for Joomla! allows remote attackers to execute arbitrary SQL commands via the pid parameter in a propertycpanel action to index.php.
19-09-2017 - 01:29 23-09-2009 - 12:08
CVE-2009-2782 7.5
SQL injection vulnerability in the JFusion (com_jfusion) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the Itemid parameter to index.php.
19-09-2017 - 01:29 17-08-2009 - 16:30
CVE-2008-6076 7.5
SQL injection vulnerability in the Daily Message (com_dailymessage) 1.0.3 component for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter to index.php.
29-09-2017 - 01:32 06-02-2009 - 11:30
CVE-2008-6166 7.5
SQL injection vulnerability in the KBase (com_kbase) 1.2 component for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in an article action to index.php.
29-09-2017 - 01:33 19-02-2009 - 00:30
CVE-2008-5051 7.5
SQL injection vulnerability in the JooBlog (com_jb2) component 0.1.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via the PostID parameter to index.php.
11-10-2018 - 20:53 13-11-2008 - 02:30
CVE-2008-5607 7.5
SQL injection vulnerability in the JMovies (aka JM or com_jmovies) component 1.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter to index.php.
29-09-2017 - 01:32 16-12-2008 - 19:07
CVE-2008-2632 7.5
SQL injection vulnerability in the acctexp (com_acctexp) component 0.12.x and earlier for Joomla! allows remote attackers to execute arbitrary SQL commands via the usage parameter in a subscribe action to index.php.
29-09-2017 - 01:31 10-06-2008 - 00:32
CVE-2009-0377 7.5
SQL injection vulnerability in the beamospetition (com_beamospetition) 1.0.12 component for Joomla! allows remote attackers to execute arbitrary SQL commands via the mpid parameter in a sign action to index.php, a different vector than CVE-2008-3132.
11-10-2018 - 21:01 02-02-2009 - 19:00
CVE-2009-0378 4.3
Cross-site scripting (XSS) vulnerability in index.php in the beamospetition (com_beamospetition) 1.0.12 component for Joomla! allows remote attackers to inject arbitrary web script or HTML via the pet parameter in a sign action.
11-10-2018 - 21:01 02-02-2009 - 19:00
CVE-2008-5643 7.5
SQL injection vulnerability in the Books (com_books) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the book_id parameter in a book_details action to index.php.
29-09-2017 - 01:32 17-12-2008 - 18:30
CVE-2009-2239 7.5
SQL injection vulnerability in the (1) casinobase (com_casinobase), (2) casino_blackjack (com_casino_blackjack), and (3) casino_videopoker (com_casino_videopoker) components 0.3.1 for Joomla! allows remote attackers to execute arbitrary SQL commands
19-09-2017 - 01:29 27-06-2009 - 18:48
CVE-2010-0461 6.5
SQL injection vulnerability in the casino (com_casino) component 1.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a (1) category or (2) player action to index.php. Exploit PoC reference links indicate
17-08-2017 - 01:32 28-01-2010 - 20:30
CVE-2008-6923 7.5
SQL injection vulnerability in the content component (com_content) 1.0.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the Itemid parameter in a blogcategory action to index.php.
29-09-2017 - 01:33 10-08-2009 - 18:30
CVE-2008-5208 7.5
SQL injection vulnerability in sub_votepic.php in the Datsogallery (com_datsogallery) module 1.6 for Joomla! allows remote attackers to execute arbitrary SQL commands via the User-Agent HTTP header.
29-09-2017 - 01:32 24-11-2008 - 17:30
CVE-2009-0421 7.5
SQL injection vulnerability in the Eventing (com_eventing) 1.6.x component for Joomla! allows remote attackers to execute arbitrary SQL commands via the catid parameter to index.php.
29-09-2017 - 01:33 05-02-2009 - 00:30
CVE-2008-2990 7.5
PHP remote file inclusion vulnerability in facileforms.frame.php in the FacileForms (com_facileforms) component 1.4.4 for Mambo and Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the ff_compath parameter.
29-09-2017 - 01:31 02-07-2008 - 17:14
CVE-2008-4668 9.0
Directory traversal vulnerability in the Image Browser (com_imagebrowser) 0.1.5 component for Joomla! allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the folder parameter to index.php.
29-09-2017 - 01:32 22-10-2008 - 10:30
CVE-2008-2633 7.5
Multiple SQL injection vulnerabilities in the EXP JoomRadio (com_joomradio) component 1.0 for Joomla! allow remote attackers to execute arbitrary SQL commands via the id parameter in a (1) show_radio or (2) show_video action to index.php.
11-10-2018 - 20:41 10-06-2008 - 00:32
CVE-2008-2564 7.5
SQL injection vulnerability in the JotLoader (com_jotloader) component 1.2.1.a and earlier for Joomla! allows remote attackers to execute arbitrary SQL commands via the cid parameter to index.php.
29-09-2017 - 01:31 06-06-2008 - 18:32
CVE-2008-4777 7.5
SQL injection vulnerability in the Showroom Joomlearn LMS (com_lms) component for Joomla! and Mambo allows remote attackers to execute arbitrary SQL commands via the cat parameter in a showTests task.
11-10-2018 - 20:52 29-10-2008 - 14:22
CVE-2008-6234 7.5
SQL injection vulnerability in the com_musica module in Joomla! and Mambo allows remote attackers to execute arbitrary SQL commands via the id parameter to index.php.
11-10-2018 - 20:57 21-02-2009 - 01:30
CVE-2008-6430 7.5
SQL injection vulnerability in the MyContent (com_mycontent) component 1.1.13 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a view action to index.php.
29-09-2017 - 01:33 06-03-2009 - 18:30
CVE-2008-2676 7.5
SQL injection vulnerability in the iJoomla News Portal (com_news_portal) component 1.0 and earlier for Joomla! allows remote attackers to execute arbitrary SQL commands via the Itemid parameter to index.php.
29-09-2017 - 01:31 12-06-2008 - 12:21
CVE-2008-5811 7.5
SQL injection vulnerability in the PaxGallery (com_paxgallery) component 0.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via the gid parameter in a table action to index.php.
29-09-2017 - 01:32 02-01-2009 - 18:11
CVE-2009-0379 7.5
SQL injection vulnerability in the Prince Clan Chess Club (com_pcchess) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the game_id parameter in a showgame action to index.php, a different vector than CVE-2008-0761
29-09-2017 - 01:33 02-02-2009 - 19:00
CVE-2009-0329 7.5
SQL injection vulnerability in the PcCookBook (com_pccookbook) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the recipe_id parameter in a viewrecipe action to index.php, a different vector than CVE-2008-0844.
29-09-2017 - 01:33 29-01-2009 - 18:30
CVE-2009-2014 7.5
SQL injection vulnerability in the ComSchool (com_school) component 1.4 for Joomla! allows remote attackers to execute arbitrary SQL commands via the classid parameter in a showclass action to index.php.
29-09-2017 - 01:34 09-06-2009 - 19:30
CVE-2007-5427 4.3
Cross-site scripting (XSS) vulnerability in the com_search component in Joomla! 1.0.13 and earlier allows remote attackers to inject arbitrary web script or HTML via the searchword parameter. NOTE: this might be related to CVE-2007-4189.1.
15-10-2018 - 21:44 12-10-2007 - 23:17
CVE-2008-2568 7.5
SQL injection vulnerability in the Simple Shop Galore (com_simpleshop) component 3.4 and earlier for Joomla! allows remote attackers to execute arbitrary SQL commands via the catid parameter in a browse action to index.php.
19-10-2017 - 01:30 06-06-2008 - 18:32
CVE-2009-0333 7.5
SQL injection vulnerability in the WebAmoeba (WA) Ticket System (com_waticketsystem) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the catid parameter in a category action to index.php.
19-10-2017 - 01:30 29-01-2009 - 18:30
CVE-2008-5200 7.5
SQL injection vulnerability in the Xe webtv (com_xewebtv) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a detail action to index.php.
29-09-2017 - 01:32 21-11-2008 - 17:30
CVE-2009-0380 7.5
** DISPUTED ** SQL injection vulnerability in the Sigsiu Online Business Index 2 (SOBI2, com_sobi2) RC 2.8.2 component for Joomla! and Mambo allows remote attackers to execute arbitrary SQL commands via the bid parameter in a showbiz action to index
29-09-2017 - 01:33 02-02-2009 - 19:00
CVE-2010-0158 7.5
** DISPUTED ** SQL injection vulnerability in the JoomlaBamboo (JB) Simpla Admin template for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in an article action to the com_content component, reachable through
05-02-2010 - 05:00 06-01-2010 - 22:00
CVE-2010-0694 7.5
SQL injection vulnerability in the PerchaGallery (com_perchagallery) component before 1.5b for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in an editunidad action to index.php.
17-08-2017 - 01:32 23-02-2010 - 18:30
CVE-2009-0113 5.0
Directory traversal vulnerability in attachmentlibrary.php in the XStandard component for Joomla! 1.5.8 and earlier allows remote attackers to list arbitrary directories via a .. (dot dot) in the X_CMS_LIBRARY_PATH HTTP header.
29-09-2017 - 01:33 09-01-2009 - 18:30
CVE-2009-0702 7.5
SQL injection vulnerability in the Phoca Documentation (com_phocadocumentation) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a section action to index.php.
29-09-2017 - 01:33 23-02-2009 - 15:30
CVE-2010-0696 5.0
Directory traversal vulnerability in includes/download.php in the JoomlaWorks AllVideos (Jw_allVideos) plugin 3.0 through 3.2 for Joomla! allows remote attackers to read arbitrary files via a ./../.../ (modified dot dot) in the file parameter.
21-08-2013 - 06:18 23-02-2010 - 18:30
CVE-2008-0829 7.5
SQL injection vulnerability in jooget.php in the Joomlapixel Jooget! (com_jooget) 2.6.8 component for Joomla! and Mambo allows remote attackers to execute arbitrary SQL commands via the id parameter in a detail task.
29-09-2017 - 01:30 19-02-2008 - 21:44
CVE-2008-1460 7.5
SQL injection vulnerability in the Joovideo (com_joovideo) 1.0 and 1.2.2 component for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a detail action to index.php.
29-09-2017 - 01:30 24-03-2008 - 18:44
CVE-2009-0494 7.5
SQL injection vulnerability in the Portfol (com_portfol) 1.2 component for Joomla! allows remote attackers to execute arbitrary SQL commands via the vcatid parameter in a viewcategory action to index.php.
29-09-2017 - 01:33 10-02-2009 - 01:30
CVE-2006-1049 7.5
Multiple SQL injection vulnerabilities in the Admin functionality in Joomla! 1.0.7 and earlier allow remote authenticated administrators to execute arbitrary SQL commands via unknown attack vectors.
08-09-2011 - 04:00 07-03-2006 - 11:02
CVE-2009-0420 7.5
SQL injection vulnerability in the RD-Autos (com_rdautos) 1.5.5 Stable component for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter to index.php.
29-09-2017 - 01:33 05-02-2009 - 00:30
CVE-2009-1258 7.5
SQL injection vulnerability in the RD-Autos (com_rdautos) component 1.5.7 for Joomla! allows remote attackers to execute arbitrary SQL commands via the makeid parameter in index.php. NOTE: the provenance of this information is unknown; the details a
17-08-2017 - 01:30 07-04-2009 - 23:30
CVE-2008-1459 7.5
SQL injection vulnerability in the Alberghi (com_alberghi) 2.1.3 and earlier component for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a detail action to index.php.
29-09-2017 - 01:30 24-03-2008 - 18:44
CVE-2009-0706 7.5
SQL injection vulnerability in the Simple Review (com_simple_review) component 1.3.5 for Joomla! and Mambo allows remote attackers to execute arbitrary SQL commands via the category parameter to index.php.
17-08-2017 - 01:29 23-02-2009 - 15:30
CVE-2008-1505 7.5
PHP remote file inclusion vulnerability in the SSTREAMTV custompages (com_custompages) 1.1 and earlier component for Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the cpage parameter to index.php.
29-09-2017 - 01:30 25-03-2008 - 19:44
CVE-2009-2554 6.8
SQL injection vulnerability in the search method in jobline.class.php in Jobline (com_jobline) 1.1.2.2, 1.3.1, and possibly earlier versions, a component for Joomla!, allows remote attackers to execute arbitrary SQL commands via the search parameter
19-09-2017 - 01:29 20-07-2009 - 20:00
CVE-2009-2634 7.5
PHP remote file inclusion vulnerability in toolbar_ext.php in the MediaLibrary (com_media_library) component 1.5.3 Basic for Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter.
19-09-2017 - 01:29 28-07-2009 - 19:30
CVE-2009-3332 7.5
SQL injection vulnerability in the JBudgetsMagic (com_jbudgetsmagic) component 0.3.2 through 0.4.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the bid parameter in a mybudget action to index.php.
19-09-2017 - 01:29 23-09-2009 - 12:08
CVE-2009-1848 7.5
SQL injection vulnerability in the JoomlaMe AgoraGroups (aka AG or com_agoragroup) component 0.3.5.3 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a groupdetail action to index.php.
29-09-2017 - 01:34 01-06-2009 - 19:30
CVE-2009-2638 7.5
SQL injection vulnerability in the AkoBook (com_akobook) component 2.3 for Joomla! allows remote attackers to execute arbitrary SQL commands via the gbid parameter in a reply action to index.php.
19-09-2017 - 01:29 28-07-2009 - 19:30
CVE-2009-3053 6.8
Directory traversal vulnerability in the Agora (com_agora) component 3.0.0b for Joomla! allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the action parameter to the avatars page, reachable thro
19-09-2017 - 01:29 03-09-2009 - 17:30
CVE-2009-3193 7.5
SQL injection vulnerability in the DigiFolio (com_digifolio) component 1.52 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a project action to index.php.
19-09-2017 - 01:29 15-09-2009 - 21:30
CVE-2008-3228 7.5
Joomla! before 1.5.4 does not configure .htaccess to apply certain security checks that "block common exploits" to SEF URLs, which has unknown impact and remote attack vectors.
08-08-2017 - 01:31 18-07-2008 - 16:41
CVE-2009-2637 7.5
PHP remote file inclusion vulnerability in toolbar_ext.php in the BookLibrary (com_booklibrary) component 1.5.2.4 Basic for Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter.
19-09-2017 - 01:29 28-07-2009 - 19:30
CVE-2008-3226 5.0
The file caching implementation in Joomla! before 1.5.4 allows attackers to access cached pages via unknown attack vectors.
08-08-2017 - 01:31 18-07-2008 - 16:41
CVE-2009-3446 7.5
SQL injection vulnerability in the MyRemote Video Gallery (com_mytube) component 1.0 Beta for Joomla! allows remote attackers to execute arbitrary SQL commands via the user_id parameter in a videos action to index.php.
19-09-2017 - 01:29 28-09-2009 - 22:30
CVE-2009-2789 7.5
SQL injection vulnerability in the Permis (com_groups) component 1.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a list action to index.php. NOTE: the provenance of this information is unknown; the d
17-08-2017 - 01:30 17-08-2009 - 16:30
CVE-2008-1533 6.8
Unspecified vulnerability in the XML-RPC Blogger API plugin in Joomla! 1.5 allows remote attackers to perform unauthorized article operations on articles via unknown vectors.
08-08-2017 - 01:30 28-03-2008 - 00:44
CVE-2009-2635 7.5
PHP remote file inclusion vulnerability in toolbar_ext.php in the RealEstateManager (com_realestatemanager) component 1.0 Basic for Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter.
19-09-2017 - 01:29 28-07-2009 - 19:30
CVE-2008-3225 10.0
Joomla! before 1.5.4 allows attackers to access administration functionality, which has unknown impact and attack vectors related to a missing "LDAP security fix."
08-08-2017 - 01:31 18-07-2008 - 16:41
CVE-2009-3434 7.5
SQL injection vulnerability in the Tupinambis (com_tupinambis) component 1.0 for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the proyecto parameter in a verproyecto action to index.php.
17-08-2017 - 01:31 28-09-2009 - 22:30
CVE-2006-4475 7.5
Joomla! before 1.0.11 does not limit access to the Admin Popups functionality, which has unknown impact and attack vectors.
08-03-2011 - 02:41 31-08-2006 - 20:04
CVE-2008-1848 4.3
Cross-site scripting (XSS) vulnerability in the joomlaXplorer (com_joomlaxplorer) Mambo/Joomla! component 1.6.2 and earlier allows remote attackers to inject arbitrary web script or HTML via the error parameter in a show_error action to index.php.
29-09-2017 - 01:30 16-04-2008 - 17:05
CVE-2009-2633 7.5
PHP remote file inclusion vulnerability in toolbar_ext.php in the VehicleManager (com_vehiclemanager) component 1.0 Basic for Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter.
19-09-2017 - 01:29 28-07-2009 - 19:30
CVE-2009-3438 7.5
SQL injection vulnerability in the JoomlaFacebook (com_facebook) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a student action to index.php.
17-08-2017 - 01:31 28-09-2009 - 22:30
CVE-2008-3227 7.5
Unspecified vulnerability in Joomla! before 1.5.4 has unknown impact and attack vectors related to a "User Redirect Spam fix," possibly an open redirect vulnerability.
08-08-2017 - 01:31 18-07-2008 - 16:41
CVE-2009-2607 7.5
SQL injection vulnerability in the com_pinboard component for Joomla! allows remote attackers to execute arbitrary SQL commands via the task parameter in a showpic action to index.php.
19-09-2017 - 01:29 27-07-2009 - 18:30
CVE-2006-4466 5.0
Joomla! before 1.0.11 does not properly unset variables when the input data includes a numeric parameter with a value matching an alphanumeric parameter's hash value, which allows remote attackers to have an unspecified impact. NOTE: it could be arg
11-10-2011 - 04:00 31-08-2006 - 20:04
CVE-2008-1849 5.0
Directory traversal vulnerability in index.php in the joomlaXplorer (com_joomlaxplorer) Mambo/Joomla! component 1.6.2 and earlier allows remote attackers to list arbitrary directories via a .. (dot dot) in the dir parameter in a show_error action.
29-09-2017 - 01:30 16-04-2008 - 17:05
CVE-2008-2628 7.5
SQL injection vulnerability in the eQuotes (com_equotes) component 0.9.4 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter to index.php.
29-09-2017 - 01:31 10-06-2008 - 00:32
CVE-2006-4476 7.5
Multiple unspecified vulnerabilities in Joomla! before 1.0.11, related to "Injection Flaws," allow attackers to have an unknown impact via (1) globals.php, which uses include_once() instead of require(); (2) the $options variable; (3) Admin Upload Im
08-03-2011 - 02:41 31-08-2006 - 20:04
CVE-2008-1733 7.5
SQL injection vulnerability in puarcade.class.php 2.2 and earlier in the Pragmatic Utopia PU Arcade (com_puarcade) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the gid parameter to index.php.
11-10-2018 - 20:36 11-04-2008 - 19:05
CVE-2009-2100 5.0
Directory traversal vulnerability in the JoomlaPraise Projectfork (com_projectfork) component 2.0.10 for Joomla! allows remote attackers to read arbitrary files via directory traversal sequences in the section parameter to index.php.
29-09-2017 - 01:34 17-06-2009 - 17:30
CVE-2006-4473 5.1
Unspecified vulnerability in com_content in Joomla! before 1.0.11, when $mosConfig_hideEmail is set, allows attackers to perform the emailform and emailsend tasks.
08-03-2011 - 02:41 31-08-2006 - 20:04
CVE-2006-4474 6.8
Multiple cross-site scripting (XSS) vulnerabilities in Joomla! before 1.0.11 allow remote attackers to inject arbitrary web script or HTML via unspecified parameters in (1) Admin Module Manager, (2) Admin Help, and (3) Search.
20-07-2017 - 01:33 31-08-2006 - 20:04
CVE-2009-3835 7.5
SQL injection vulnerability in the JShop (com_jshop) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the pid parameter in a product action to index.php.
17-08-2017 - 01:31 02-11-2009 - 15:30
CVE-2009-3834 7.5
SQL injection vulnerability in the Photoblog (com_photoblog) component alpha 3 and alpha 3a for Joomla! allows remote attackers to execute arbitrary SQL commands via the category parameter in a blogs action to index.php.
17-08-2017 - 01:31 02-11-2009 - 15:30
CVE-2009-3357 7.5
Multiple SQL injection vulnerabilities in the Hotel Booking Reservation System (aka HBS or com_hbssearch) component for Joomla! allow remote attackers to execute arbitrary SQL commands via the (1) h_id, (2) id, and (3) rid parameters to longDesc.php,
10-10-2018 - 19:43 24-09-2009 - 16:30
CVE-2010-3028 3.6
The Aardvertiser component before 2.2.1 for Joomla! uses insecure permissions (777) in unspecified folders, which allows local users to modify, create, or delete certain files.
17-08-2017 - 01:32 16-08-2010 - 20:00
CVE-2009-4573 4.3
Multiple cross-site scripting (XSS) vulnerabilities in the Joomulus (mod_joomulus) module 2.0 for Joomla! allow remote attackers to inject arbitrary web script or HTML via the tagcloud parameter in a tags action to (1) tagcloud_ell.swf, (2) tagcloud_
17-08-2017 - 01:31 06-01-2010 - 22:00
CVE-2008-5226 7.5
SQL injection vulnerability in the MambAds (com_mambads) component 1.0 RC1 Beta and 1.0 RC1 for Mambo allows remote attackers to execute arbitrary SQL commands via the ma_cat parameter in a view action to index.php, a different vector than CVE-2007-5
29-09-2017 - 01:32 25-11-2008 - 19:30
CVE-2009-4599 7.5
Multiple SQL injection vulnerabilities in the JS Jobs (com_jsjobs) component 1.0.5.6 for Joomla! allow remote attackers to execute arbitrary SQL commands via (1) the md parameter in an employer view_company action to index.php or (2) the oi parameter
17-08-2017 - 01:31 12-01-2010 - 17:30
CVE-2007-5065 7.5
PHP remote file inclusion vulnerability in admin.slideshow1.php in the Flash Slide Show (com_slideshow) component for Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_live_site parameter.
29-09-2017 - 01:29 24-09-2007 - 22:17
CVE-2007-5389 6.8
** DISPUTED ** PHP remote file inclusion vulnerability in preview.php in the swMenuFree (com_swmenufree) 4.6 component for Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter. NOTE: a rel
15-10-2018 - 21:44 12-10-2007 - 10:17
CVE-2008-5865 7.5
SQL injection vulnerability in the com_hbssearch component 1.0 in the Hotel Booking Reservation System (aka HBS) 1.0.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the r_type parameter in a showhoteldetails action to inde
29-09-2017 - 01:32 06-01-2009 - 17:30
CVE-2008-6184 7.5
SQL injection vulnerability in the OwnBiblio (com_ownbiblio) component 1.5.3 for Joomla! allows remote attackers to execute arbitrary SQL commands via the catid parameter in a catalogue action to index.php.
29-09-2017 - 01:33 19-02-2009 - 18:30
CVE-2009-4428 7.5
SQL injection vulnerability in the JoomPortfolio (com_joomportfolio) component 1.0.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the secid parameter in a showcat action to index.php.
17-08-2017 - 01:31 28-12-2009 - 19:00
CVE-2008-5875 7.5
SQL injection vulnerability in the com_lowcosthotels component in the Hotel Booking Reservation System (aka HBS) for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a showhoteldetails action to index.php.
29-09-2017 - 01:32 08-01-2009 - 19:30
CVE-2008-6088 7.5
SQL injection vulnerability in the Joomtracker (com_joomtracker) 1.01 module for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a tordetails action to index.php.
29-09-2017 - 01:32 06-02-2009 - 19:30
CVE-2007-5410 6.8
PHP remote file inclusion vulnerability in admin.wmtrssreader.php in the webmaster-tips.net Flash RSS Reader (com_wmtrssreader) 1.0 component for Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_live_site param
15-10-2018 - 21:44 12-10-2007 - 18:17
CVE-2008-5793 6.8
Multiple PHP remote file inclusion vulnerabilities in the Clickheat - Heatmap stats (com_clickheat) component 1.0.1 for Joomla! allow remote attackers to execute arbitrary PHP code via a URL in the (1) GLOBALS[mosConfig_absolute_path] parameter to (a
29-09-2017 - 01:32 31-12-2008 - 11:30
CVE-2008-6883 7.5
SQL injection vulnerability in the Live Chat (com_livechat) component 1.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the last parameter to getChatRoom.php. NOTE: the provenance of this information is unknown; the detai
29-09-2017 - 01:33 30-07-2009 - 20:00
CVE-2007-5457 6.8
Multiple PHP remote file inclusion vulnerabilities in Michael Dempfle Joomla Flash Uploader (com_jfu or com_joomla_flash_uploader) 2.5.1 component for Joomla! allow remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_pa
15-10-2018 - 21:44 14-10-2007 - 19:17
CVE-2008-6337 7.5
SQL injection vulnerability in the Volunteer Management System (com_volunteer) module 2.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the job_id parameter in a jobshow action to index.php.
29-09-2017 - 01:33 27-02-2009 - 17:30
CVE-2008-4623 7.5
SQL injection vulnerability in the DS-Syndicate (com_ds-syndicate) component 1.1.1 for Joomla allows remote attackers to execute arbitrary SQL commands via the feed_id parameter to index2.php.
29-09-2017 - 01:32 21-10-2008 - 01:18
CVE-2008-5790 7.5
Multiple PHP remote file inclusion vulnerabilities in the Recly!Competitions (com_competitions) component 1.0 for Joomla! allow remote attackers to execute arbitrary PHP code via a URL in the (1) GLOBALS[mosConfig_absolute_path] parameter to (a) add.
29-09-2017 - 01:32 31-12-2008 - 11:30
CVE-2008-6429 7.5
SQL injection vulnerability in the PrayerCenter (com_prayercenter) component 1.4.9 and earlier for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a view_request action to index2.php.
29-09-2017 - 01:33 06-03-2009 - 18:30
CVE-2007-5309 6.8
PHP remote file inclusion vulnerability in admin.wmtgallery.php in the webmaster-tips.net Flash Image Gallery (com_wmtgallery) 1.0 component for Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_live_site parame
29-09-2017 - 01:29 09-10-2007 - 21:17
CVE-2008-6347 7.5
PHP remote file inclusion vulnerability in lib/onguma.class.php in the Onguma Time Sheet (com_ongumatimesheet20) 2.0 4b component for Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter.
29-09-2017 - 01:33 02-03-2009 - 16:30
CVE-2008-4617 7.5
SQL injection vulnerability in the actualite module 1.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter.
29-09-2017 - 01:32 20-10-2008 - 20:00
CVE-2007-5363 6.8
PHP remote file inclusion vulnerability in admin.panoramic.php in the Panoramic Picture Viewer (com_panoramic) mambot (plugin) 1.0 for Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_live_site parameter. NOTE
29-07-2017 - 01:33 11-10-2007 - 01:17
CVE-2008-5957 7.5
SQL injection vulnerability in the Mydyngallery (com_mydyngallery) component 1.4.2 for Joomla! allows remote attackers to execute arbitrary SQL commands via the directory parameter to index.php.
11-10-2018 - 20:56 23-01-2009 - 19:00
CVE-2008-6172 6.8
Directory traversal vulnerability in captcha/captcha_image.php in the RWCards (com_rwcards) 3.0.11 component for Joomla!, when magic_quotes_gpc is disabled, allows remote attackers to include and execute arbitrary local files via directory traversal
29-09-2017 - 01:33 19-02-2009 - 16:30
CVE-2008-6222 5.0
Directory traversal vulnerability in the Pro Desk Support Center (com_pro_desk) component 1.0 and 1.2 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the include_file parameter to index.php.
19-10-2017 - 01:30 20-02-2009 - 21:30
CVE-2008-6481 7.5
SQL injection vulnerability in the Versioning component (com_versioning) 1.0.2 in Joomla! and Mambo allows remote attackers to execute arbitrary SQL commands via the id parameter in an edit task to index.php.
29-09-2017 - 01:33 17-03-2009 - 19:30
CVE-2008-6882 7.5
Live Chat (com_livechat) component 1.0 for Joomla! allows remote attackers to use the xmlhttp.php script as an open HTTP proxy to hide network scanning activities or scan internal networks via a GET request with a full URL in the query string.
29-09-2017 - 01:33 30-07-2009 - 19:30
CVE-2008-6299 3.5
Multiple cross-site scripting (XSS) vulnerabilities in Joomla! 1.5.7 and earlier allow remote authenticated users with certain privileges to inject arbitrary web script or HTML via (1) the title and description parameters to the com_weblinks module a
17-08-2017 - 01:29 26-02-2009 - 16:17
CVE-2008-5789 7.5
Multiple PHP remote file inclusion vulnerabilities in the Recly Interactive Feederator (com_feederator) component 1.0.5 for Joomla! allow remote attackers to execute arbitrary PHP code via a URL in the (1) mosConfig_absolute_path parameter to (a) add
29-09-2017 - 01:32 31-12-2008 - 11:30
CVE-2008-6068 7.5
SQL injection vulnerability in the JoomlaDate (com_joomladate) component 1.2 for Joomla! allows remote attackers to execute arbitrary SQL commands via the user parameter in a viewProfile action to index.php.
29-09-2017 - 01:32 10-02-2009 - 06:59
CVE-2008-6148 7.5
SQL injection vulnerability in the Live Ticker (com_liveticker) module 1.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the tid parameter in a viewticker action to index.php.
19-10-2017 - 01:30 16-02-2009 - 17:30
CVE-2008-5874 7.5
Multiple SQL injection vulnerabilities in the Hotel Booking Reservation System (aka HBS) for Joomla! allow remote attackers to execute arbitrary SQL commands via the id parameter in a showhoteldetails action to index.php in the (1) com_allhotels or (
29-09-2017 - 01:32 08-01-2009 - 19:30
CVE-2008-6483 7.5
PHP remote file inclusion vulnerability in admin.googlebase.php in the Ecom Solutions VirtueMart Google Base (aka com_googlebase or Froogle) component 1.1 for Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_ab
29-09-2017 - 01:33 18-03-2009 - 15:30
CVE-2007-6663 7.5
SQL injection vulnerability in (1) Puarcade.php and (2) PUarcade.html.php in Pragmatic Utopia PU Arcade (com_puarcade) 2.0.3, 2.1.2, and 2.1.3 Beta component for Joomla! allows remote attackers to execute arbitrary SQL commands via the fid parameter
29-09-2017 - 01:30 04-01-2008 - 11:46
CVE-2008-5671 7.5
PHP remote file inclusion vulnerability in index.php in Joomla! 1.0.11 through 1.0.14, when RG_EMULATION is enabled in configuration.php, allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter.
11-10-2018 - 20:56 19-12-2008 - 01:52
CVE-2008-5864 7.5
SQL injection vulnerability in the Top Hotel (com_tophotelmodule) component 1.0 in the Hotel Booking Reservation System (aka HBS) 1.0.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a showhoteldetails a
29-09-2017 - 01:32 06-01-2009 - 17:30
CVE-2009-4789 7.5
Multiple PHP remote file inclusion vulnerabilities in the MojoBlog component RC 0.15 for Joomla! allow remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter to (1) wp-comments-post.php and (2) wp-trackback.
03-06-2010 - 04:00 21-04-2010 - 14:30
CVE-2007-5310 6.8
PHP remote file inclusion vulnerability in admin.wmtportfolio.php in the webmaster-tips.net wmtportfolio 1.0 (com_wmtportfolio) component for Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path param
29-09-2017 - 01:29 09-10-2007 - 21:17
CVE-2008-6181 7.5
SQL injection vulnerability in the Mad4Joomla Mailforms (com_mad4joomla) component before 1.1.8.2 for Joomla! allows remote attackers to execute arbitrary SQL commands via the jid parameter to index.php.
29-09-2017 - 01:33 19-02-2009 - 18:30
CVE-2008-6149 7.5
SQL injection vulnerability in the mDigg (com_mdigg) component 2.2.8 for Joomla! allows remote attackers to execute arbitrary SQL commands via the cagtegory parameter in a story_lists action to index.php.
11-10-2018 - 20:56 16-02-2009 - 17:30
CVE-2008-6482 6.8
PHP remote file inclusion vulnerability in admin.treeg.php in the Flash Tree Gallery (com_treeg) component 1.0 for Joomla!, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via the mosConfig_live_site parameter.
29-09-2017 - 01:33 18-03-2009 - 15:30
CVE-2008-6653 7.5
SQL injection vulnerability in webhosting.php in the Webhosting Component (com_webhosting) module before 1.1 RC7 for Joomla! and Mambo allows remote attackers to execute arbitrary SQL commands via the catid parameter to index.php.
29-09-2017 - 01:33 07-04-2009 - 14:17
Back to Top Mark selected
Back to Top