Vulnerabilities > Harmistechnology

DATE CVE VULNERABILITY TITLE RISK
2011-10-05 CVE-2010-4862 SQL Injection vulnerability in Harmistechnology COM Jedirectory 1.0
SQL injection vulnerability in the JExtensions JE Directory (com_jedirectory) component 1.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the catid parameter in an item action to index.php.
network
low complexity
harmistechnology joomla CWE-89
7.5
2011-02-01 CVE-2010-4720 SQL Injection vulnerability in Harmistechnology COM Jeauto
SQL injection vulnerability in the JExtensions JE Auto (com_jeauto) component before 1.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via unspecified vectors related to the view item page.
network
low complexity
harmistechnology joomla CWE-89
7.5
2010-12-09 CVE-2010-4517 SQL Injection vulnerability in Harmistechnology COM Jeauto 1.0
SQL injection vulnerability in the JExtensions JE Auto (com_jeauto) component 1.0 for Joomla!, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the char parameter in an item action to index.php.
6.8
2010-12-01 CVE-2010-4365 SQL Injection vulnerability in Harmistechnology COM Jeajaxeventcalendar
SQL injection vulnerability in JE Ajax Event Calendar (com_jeajaxeventcalendar) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the event_id parameter in an alleventlist_more action to index.php.
network
low complexity
harmistechnology joomla CWE-89
7.5
2010-07-12 CVE-2010-2680 Path Traversal vulnerability in Harmistechnology COM Jesectionfinder
Directory traversal vulnerability in the JExtensions JE Section/Property Finder (jesectionfinder) component for Joomla! allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the view parameter to index.php.
6.8
2010-07-02 CVE-2010-2613 Cross-Site Scripting vulnerability in Harmistechnology COM AWD Song
Cross-site scripting (XSS) vulnerability in the JExtensions JE Awd Song (com_awd_song) component for Joomla! allows remote attackers to inject arbitrary web script or HTML via the song review field, which is not properly handled in a view action to index.php.
4.3
2010-06-28 CVE-2010-2513 SQL Injection vulnerability in Harmistechnology COM Jeajaxeventcalendar 1.0.5
SQL injection vulnerability in the JE Ajax Event Calendar (com_jeajaxeventcalendar) component 1.0.5 for Joomla! allows remote attackers to execute arbitrary SQL commands via the view parameter to index.php.
network
low complexity
harmistechnology joomla CWE-89
7.5
2010-06-01 CVE-2010-2129 Path Traversal vulnerability in Harmistechnology COM Jeajaxeventcalendar 1.0.1/1.0.3
Directory traversal vulnerability in the JE Ajax Event Calendar (com_jeajaxeventcalendar) component 1.0.1 and 1.0.3 for Joomla! allows remote attackers to read arbitrary files via a ..
6.8
2010-06-01 CVE-2010-2128 Path Traversal vulnerability in Harmistechnology COM Jequoteform 1.0
Directory traversal vulnerability in the JE Quotation Form (com_jequoteform) component 1.0b1 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impact via a ..
network
low complexity
harmistechnology joomla CWE-22
7.5
2010-03-02 CVE-2010-0796 SQL Injection vulnerability in Harmistechnology COM Jeeventcalendar 1.0
SQL injection vulnerability in the JE Quiz (com_jequizmanagement) component 1.b01 for Joomla! allows remote attackers to execute arbitrary SQL commands via the eid parameter in a question action to index.php.
network
low complexity
harmistechnology joomla CWE-89
7.5