Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
joomla joomla 1.0.3 vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2019-19634
class.upload.php in verot.net class.upload up to and including 1.0.3 and 2.x up to and including 2.0.4, as used in the K2 extension for Joomla! and other products, omits .pht from the set of dangerous file extensions, a similar issue to CVE-2019-19576.
Verot Project Verot
Getk2 K2
1 Github repository
9.8
CVSSv3
CVE-2019-19576
class.upload.php in verot.net class.upload prior to 1.0.3 and 2.x prior to 2.0.4, as used in the K2 extension for Joomla! and other products, omits .phar from the set of dangerous file extensions.
Verot Project Verot
Getk2 K2
1 EDB exploit
1 Github repository
9.8
CVSSv3
CVE-2018-7179
SQL Injection exists in the SquadManagement 1.0.3 component for Joomla! via the id parameter.
Squadmanagement Project Squadmanagement 1.0.3
1 EDB exploit
8.8
CVSSv3
CVE-2017-11364
The CMS installer in Joomla! prior to 3.7.4 does not verify a user's ownership of a webspace, which allows remote authenticated users to gain control of the target application by leveraging Certificate Transparency logs.
Joomla Joomla\\! 1.0.13
Joomla Joomla\\! 1.0.14
Joomla Joomla\\! 1.0.15
Joomla Joomla\\! 1.5.0
Joomla Joomla\\! 1.5.13
Joomla Joomla\\! 1.5.14
Joomla Joomla\\! 1.5.15
Joomla Joomla\\! 1.5.16
Joomla Joomla\\! 1.6
Joomla Joomla\\! 1.6.1
Joomla Joomla\\! 1.6.2
Joomla Joomla\\! 1.6.3
Joomla Joomla\\! 1.6.4
Joomla Joomla\\! 2.5.5
Joomla Joomla\\! 1.0.1
Joomla Joomla\\! 1.0.3
Joomla Joomla\\! 1.0.10
Joomla Joomla\\! 1.0.12
Joomla Joomla\\! 1.5.1
Joomla Joomla\\! 1.5.3
Joomla Joomla\\! 1.5.10
Joomla Joomla\\! 1.5.12
NA
CVE-2013-7219
SQL injection vulnerability in vote.php in the 2Glux Sexy Polling (com_sexypolling) component prior to 1.0.9 for Joomla! allows remote malicious users to execute arbitrary SQL commands via the answer_id[] parameter.
2glux Com Sexypolling
2glux Com Sexypolling 1.0.1
2glux Com Sexypolling 0.9.7
2glux Com Sexypolling 1.0.5
2glux Com Sexypolling 1.0.4
2glux Com Sexypolling 0.9.4
2glux Com Sexypolling 0.9.2
2glux Com Sexypolling 1.0.3
2glux Com Sexypolling 1.0.2
2glux Com Sexypolling 0.9.1
2glux Com Sexypolling 1.0.7
2glux Com Sexypolling 1.0.6
2glux Com Sexypolling 0.9.6
2glux Com Sexypolling 0.9.5
1 EDB exploit
NA
CVE-2010-2845
SQL injection vulnerability in the QuickFAQ (com_quickfaq) component 1.0.3 for Joomla! allows remote malicious users to execute arbitrary SQL commands via the Itemid parameter in a category action to index.php.
Schlu.net Com Quickfaq 1.0.3
1 EDB exploit
NA
CVE-2010-2129
Directory traversal vulnerability in the JE Ajax Event Calendar (com_jeajaxeventcalendar) component 1.0.1 and 1.0.3 for Joomla! allows remote malicious users to read arbitrary files via a .. (dot dot) in the view parameter to index.php. NOTE: some of these details are obtained fr...
Harmistechnology Com Jeajaxeventcalendar 1.0.1
Harmistechnology Com Jeajaxeventcalendar 1.0.3
1 EDB exploit
NA
CVE-2010-1980
Directory traversal vulnerability in joomlaflickr.php in the Joomla Flickr (com_joomlaflickr) component 1.0.3 for Joomla! allows remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the controller parameter to index.php.
Roberto Aloi Com Joomlaflickr 1.0.3
1 EDB exploit
NA
CVE-2010-1531
Directory traversal vulnerability in the redSHOP (com_redshop) component 1.0.x for Joomla! allows remote malicious users to read arbitrary files via a .. (dot dot) in the view parameter to index.php.
Redcomponent Com Redshop 1.0.8
Redcomponent Com Redshop 1.0.7
Redcomponent Com Redshop 1.0.6
Redcomponent Com Redshop 1.0.12
Redcomponent Com Redshop 1.0.11
Redcomponent Com Redshop 1.0.3
Redcomponent Com Redshop 1.0.2
Redcomponent Com Redshop 1.0.10
Redcomponent Com Redshop 1.0.9
Redcomponent Com Redshop 1.0.1
Redcomponent Com Redshop 1.0
Redcomponent Com Redshop 1.0.5
Redcomponent Com Redshop 1.0.4
1 EDB exploit
NA
CVE-2010-1081
Directory traversal vulnerability in the Community Polls (com_communitypolls) component 1.5.2, and possibly earlier, for Core Joomla! allows remote malicious users to read arbitrary files via a .. (dot dot) in the controller parameter to index.php.
Corejoomla Com Communitypolls 1.5.1
Corejoomla Com Communitypolls 1.0.9
Corejoomla Com Communitypolls 1.0.4
Corejoomla Com Communitypolls 1.0.2
Corejoomla Com Communitypolls 1.0.8
Corejoomla Com Communitypolls 1.0.7
Corejoomla Com Communitypolls 1.0.6
Corejoomla Com Communitypolls 1.0.5
Corejoomla Com Communitypolls
Corejoomla Com Communitypolls 1.5.0
Corejoomla Com Communitypolls 1.0.3
Corejoomla Com Communitypolls 1.0.1
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-5324
path traversal
CVE-2024-4743
CVE-2024-5184
TCP
CVE-2024-27822
code injection
CVE-2024-28995
CVE-2023-20938
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
NEXT »