Vulnerabilities > Comdev
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-02-17 | CVE-2018-6368 | SQL Injection vulnerability in Comdev Jomestate PRO SQL Injection exists in the JomEstate PRO through 3.7 component for Joomla! via the id parameter in a task=detailed action. | 7.5 |
| 2009-02-23 | CVE-2008-6250 | SQL Injection vulnerability in Comdev web Blogger 4.1 SQL injection vulnerability in Comdev Web Blogger 4.1.3 and earlier allows remote attackers to execute arbitrary SQL commands via the arcmonth parameter to a blog page. | 6.8 |
| 2008-04-17 | CVE-2008-1872 | SQL Injection vulnerability in Comdev News Publisher 4.1.2 SQL injection vulnerability in home.news.php in Comdev News Publisher 4.1.2 allows remote attackers to execute arbitrary SQL commands via the arcmonth parameter. | 7.5 |
| 2007-06-06 | CVE-2007-3084 | Remote Security vulnerability in Comdev web Blogger 4.1 PHP remote file inclusion vulnerability in sampleblogger.php in Comdev Web Blogger 4.1 allows remote attackers to execute arbitrary PHP code via a URL in the path[docroot] parameter, a different vector than CVE-2006-5441. | 7.5 |
| 2007-06-06 | CVE-2007-3081 | Remote Security vulnerability in Comdev Ecommerce 4.1 PHP remote file inclusion vulnerability in sampleecommerce.php in Comdev eCommerce 4.1 allows remote attackers to execute arbitrary PHP code via a URL in the path[docroot] parameter. | 7.5 |
| 2006-11-22 | CVE-2006-6045 | Remote Security vulnerability in Comdev ONE Admin PRO 4.1 Multiple PHP remote file inclusion vulnerabilities in Comdev One Admin Pro 4.1 allow remote attackers to execute arbitrary PHP code via a URL in the path[skin] parameter to (1) adminfoot.php, (2) adminhead.php, or (3) adminlogin.php. network comdev | 6.8 |
| 2006-10-20 | CVE-2006-5441 | Remote Security vulnerability in Comdev web Blogger 4.1 PHP remote file inclusion vulnerability in adminfoot.php in Comdev Web Blogger 4.1, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the path[docroot] parameter. | 7.5 |
| 2006-10-20 | CVE-2006-5440 | Remote Security vulnerability in Comdev Form Designer 4.1 PHP remote file inclusion vulnerability in adminfoot.php in Comdev Form Designer 4.1, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the path[docroot] parameter. | 7.5 |
| 2006-10-20 | CVE-2006-5439 | Code Injection vulnerability in Comdev Misc Tools 4.1 PHP remote file inclusion vulnerability in adminfoot.php in Comdev Misc Tools 4.1, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the path[docroot] parameter. | 7.5 |
| 2006-10-20 | CVE-2006-5438 | Remote Security vulnerability in Comdev Forum 4.1 PHP remote file inclusion vulnerability in adminfoot.php in Comdev Forum 4.1, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the path[docroot] parameter. | 7.5 |