Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
joomla joomla 1.0 vulnerabilities and exploits
(subscribe to this query)
6.8
CVSSv2
CVE-2009-0730
Multiple SQL injection vulnerabilities in the GigCalendar (com_gigcal) component 1.0 for Mambo and Joomla!, when magic_quotes_gpc is disabled, allow remote malicious users to execute arbitrary SQL commands via (1) the gigcal _venues_id parameter in a details action to index.php, ...
Gigcalendar Com Gigcalendar 1.0
2 EDB exploits
7.5
CVSSv2
CVE-2011-4823
Multiple SQL injection vulnerabilities in Vik Real Estate (com_vikrealestate) component 1.0 for Joomla! allow remote malicious users to execute arbitrary SQL commands via the (1) contract parameter in a results action and (2) imm parameter in a show action to index.php.
Extensionsforjoomla Com Vikrealestate 1.0
2 EDB exploits
5
CVSSv2
CVE-2008-6222
Directory traversal vulnerability in the Pro Desk Support Center (com_pro_desk) component 1.0 and 1.2 for Joomla! allows remote malicious users to read arbitrary files via a .. (dot dot) in the include_file parameter to index.php.
Joomlashowroom Pro Desk Support Center 1.0
Joomlashowroom Pro Desk Support Center 1.2
2 EDB exploits
7.5
CVSSv2
CVE-2009-3644
SQL injection vulnerability in the Soundset (com_soundset) component 1.0 for Joomla! allows remote malicious users to execute arbitrary SQL commands via the cat_id parameter to index.php.
Soundset Com Soundset 1.0
1 EDB exploit
7.5
CVSSv2
CVE-2008-6116
SQL injection vulnerability in the EXtrovert Software Thyme (com_thyme) 1.0 component for Joomla! allows remote malicious users to execute arbitrary SQL commands via the event parameter to index.php.
Extrosoft Com Thyme 1.0
1 EDB exploit
6.8
CVSSv2
CVE-2010-1219
Directory traversal vulnerability in the JA News (com_janews) component 1.0 for Joomla! allows remote malicious users to read arbitrary local files via a .. (dot dot) in the controller parameter to index.php. NOTE: some of these details are obtained from third party information.
Com Janews Com Janews 1.0
1 EDB exploit
7.5
CVSSv2
CVE-2009-0726
SQL injection vulnerability in the GigCalendar (com_gigcal) component 1.0 for Mambo and Joomla! allows remote malicious users to execute arbitrary SQL commands via the gigcal_gigs_id parameter in a details action to index.php.
Gigcalendar Com Gigcalendar 1.0
1 EDB exploit
7.5
CVSSv2
CVE-2009-3434
SQL injection vulnerability in the Tupinambis (com_tupinambis) component 1.0 for Mambo and Joomla! allows remote malicious users to execute arbitrary SQL commands via the proyecto parameter in a verproyecto action to index.php.
Onestopjoomla Com Tupinambis 1.0
1 EDB exploit
7.5
CVSSv2
CVE-2011-5113
SQL injection vulnerability in frontend/models/techfoliodetail.php in Techfolio (com_techfolio) component 1.0 for Joomla! allows remote malicious users to execute arbitrary SQL commands via the catid parameter.
Techdeluge Com Techfolio 1.0
1 EDB exploit
7.5
CVSSv2
CVE-2009-4598
SQL injection vulnerability in the JPhoto (com_jphoto) component 1.0 for Joomla! allows remote malicious users to execute arbitrary SQL commands via the id parameter in a category action to index.php.
Corephp Com Jphoto 1.0
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-40673
CVE-2024-36674
CVE-2024-27348
unspecified
CVE-2024-24919
CVE-2024-4870
malicious code
CVE-2024-2019
hard-coded
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »