Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
salvatore fresta vulnerabilities and exploits
(subscribe to this query)
685
VMScore
CVE-2009-0409
SQL injection vulnerability in offline_auth.php in Max.Blog 1.0.6 and previous versions, when magic_quotes_gpc is disabled, allows remote malicious users to execute arbitrary SQL commands via the username parameter.
Mzbservices Max.blog 1.0.6
1 EDB exploit
685
VMScore
CVE-2010-4638
SQL injection vulnerability in the submitSurvey function in controller.php in JQuarks4s (com_jquarks4s) component 1.0.0 for Joomla!, when magic_quotes_gpc is disabled, allows remote malicious users to execute arbitrary SQL commands via the q parameter in a submitSurvey action to ...
Iptechinside Com Jquarks4s 1.0.0
1 EDB exploit
755
VMScore
CVE-2010-4795
SQL injection vulnerability in the JS Calendar (com_jscalendar) component 1.5.1 and 1.5.4 for Joomla! allows remote malicious users to execute arbitrary SQL commands via the ev_id parameter in a details action to index.php. NOTE: some of these details are obtained from third part...
Joomlaseller Com Jscalendar 1.5.1
Joomlaseller Com Jscalendar 1.5.4
1 EDB exploit
755
VMScore
CVE-2010-4865
SQL injection vulnerability in the JE Guestbook (com_jeguestbook) component 1.0 for Joomla! allows remote malicious users to execute arbitrary SQL commands via the d_itemid parameter in an item_detail action to index.php.
Harmistechnology Com Jeguestbook 1.0
1 EDB exploit
435
VMScore
CVE-2010-4794
Multiple cross-site scripting (XSS) vulnerabilities in the JoomlaSeller JS Calendar (com_jscalendar) component 1.5.1 and 1.5.4 for Joomla! allow remote malicious users to inject arbitrary web script or HTML via the (1) month and (2) year parameters in a jscalendar action to index...
Joomlaseller Com Jscalendar 1.5.1
Joomlaseller Com Jscalendar 1.5.4
1 EDB exploit
505
VMScore
CVE-2010-2848
Directory traversal vulnerability in assets/captcha/includes/alikon/playcode.php in the InterJoomla ArtForms (com_artforms) component 2.1b7.2 RC2 for Joomla! allows remote malicious users to read arbitrary files via a .. (dot dot) in the l parameter.
Gonzalo Maser Com Artforms 2.1b7.2
1 EDB exploit
755
VMScore
CVE-2009-1263
SQL injection vulnerability in sub_commententry.php in the BookJoomlas (com_bookjoomlas) component 0.1 for Joomla! allows remote malicious users to execute arbitrary SQL commands via the gbid parameter in a comment action to index.php.
Alikonweb Com Bookjoomlas 0.1
1 EDB exploit
685
VMScore
CVE-2010-4517
SQL injection vulnerability in the JExtensions JE Auto (com_jeauto) component 1.0 for Joomla!, when magic_quotes_gpc is disabled, allows remote malicious users to execute arbitrary SQL commands via the char parameter in an item action to index.php.
Harmistechnology Com Jeauto 1.0
1 EDB exploit
755
VMScore
CVE-2010-4926
SQL injection vulnerability in the TimeTrack (com_timetrack) component 1.2.4 for Joomla! allows remote malicious users to execute arbitrary SQL commands via the ct_id parameter in a timetrack action to index.php.
Timetrack Com Timetrack 1.2.4
1 EDB exploit
755
VMScore
CVE-2010-4941
SQL injection vulnerability in the Teams (com_teams) component 1_1028_100809_1711 for Joomla! allows remote malicious users to execute arbitrary SQL commands via the PlayerID parameter in a player save action to index.php.
Joomlamo Com Teams 1 1028 100809 1711
1 EDB exploit
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
validation
CVE-2012-1823
malicious code
CVE-2024-5770
CVE-2023-45866
CVE-2024-35687
local users
CVE-2024-31246
CVE-2024-35730
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
NEXT »