Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
joomla joomla 1.0 vulnerabilities and exploits
(subscribe to this query)
6.8
CVSSv2
CVE-2009-0730
Multiple SQL injection vulnerabilities in the GigCalendar (com_gigcal) component 1.0 for Mambo and Joomla!, when magic_quotes_gpc is disabled, allow remote malicious users to execute arbitrary SQL commands via (1) the gigcal _venues_id parameter in a details action to index.php, ...
Gigcalendar Com Gigcalendar 1.0
2 EDB exploits
7.5
CVSSv2
CVE-2011-4823
Multiple SQL injection vulnerabilities in Vik Real Estate (com_vikrealestate) component 1.0 for Joomla! allow remote malicious users to execute arbitrary SQL commands via the (1) contract parameter in a results action and (2) imm parameter in a show action to index.php.
Extensionsforjoomla Com Vikrealestate 1.0
2 EDB exploits
5
CVSSv2
CVE-2008-6222
Directory traversal vulnerability in the Pro Desk Support Center (com_pro_desk) component 1.0 and 1.2 for Joomla! allows remote malicious users to read arbitrary files via a .. (dot dot) in the include_file parameter to index.php.
Joomlashowroom Pro Desk Support Center 1.0
Joomlashowroom Pro Desk Support Center 1.2
2 EDB exploits
7.5
CVSSv2
CVE-2009-4598
SQL injection vulnerability in the JPhoto (com_jphoto) component 1.0 for Joomla! allows remote malicious users to execute arbitrary SQL commands via the id parameter in a category action to index.php.
Corephp Com Jphoto 1.0
1 EDB exploit
7.5
CVSSv2
CVE-2009-4784
SQL injection vulnerability in the Joaktree (com_joaktree) component 1.0 for Joomla! allows remote malicious users to execute arbitrary SQL commands via the treeId parameter to index.php.
Joaktree Com Joaktree 1.0
1 EDB exploit
6.8
CVSSv2
CVE-2010-1219
Directory traversal vulnerability in the JA News (com_janews) component 1.0 for Joomla! allows remote malicious users to read arbitrary local files via a .. (dot dot) in the controller parameter to index.php. NOTE: some of these details are obtained from third party information.
Com Janews Com Janews 1.0
1 EDB exploit
7.5
CVSSv2
CVE-2011-5113
SQL injection vulnerability in frontend/models/techfoliodetail.php in Techfolio (com_techfolio) component 1.0 for Joomla! allows remote malicious users to execute arbitrary SQL commands via the catid parameter.
Techdeluge Com Techfolio 1.0
1 EDB exploit
7.5
CVSSv2
CVE-2009-3434
SQL injection vulnerability in the Tupinambis (com_tupinambis) component 1.0 for Mambo and Joomla! allows remote malicious users to execute arbitrary SQL commands via the proyecto parameter in a verproyecto action to index.php.
Onestopjoomla Com Tupinambis 1.0
1 EDB exploit
7.5
CVSSv2
CVE-2009-3644
SQL injection vulnerability in the Soundset (com_soundset) component 1.0 for Joomla! allows remote malicious users to execute arbitrary SQL commands via the cat_id parameter to index.php.
Soundset Com Soundset 1.0
1 EDB exploit
7.5
CVSSv2
CVE-2010-2909
SQL injection vulnerability in ttvideo.php in the TTVideo (com_ttvideo) component 1.0 for Joomla! allows remote malicious users to execute arbitrary SQL commands via the cid parameter in a video action to index.php.
Toughtomato Com Ttvideo 1.0
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-32744
privilege escalation
CVE-2024-30253
CVE-2024-3914
cross-site scripting
CVE-2024-31497
CVE-2024-3400
CVE-2024-32341
hardcoded
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »