Vulnerabilities > Joomla > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2010-07-28 | CVE-2010-2910 | SQL Injection vulnerability in Alexred COM Oziogallery SQL injection vulnerability in the Ozio Gallery (com_oziogallery) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the Itemid parameter to index.php. | 7.5 |
| 2010-07-28 | CVE-2010-2908 | SQL Injection vulnerability in Joomdle COM Joomdle SQL injection vulnerability in the Joomdle (com_joomdle) component 0.24 and earlier for Joomla! allows remote attackers to execute arbitrary SQL commands via the course_id parameter in a detail action to index.php. | 7.5 |
| 2010-07-28 | CVE-2010-2907 | SQL Injection vulnerability in Huruhelpdesk COM Huruhelpdesk SQL injection vulnerability in the Huru Helpdesk (com_huruhelpdesk) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the cid[0] parameter in a detail action to index.php. | 7.5 |
| 2010-07-25 | CVE-2010-2851 | SQL Injection vulnerability in Ordasoft COM Booklibrary 1.5 SQL injection vulnerability in the BookLibrary From Same Author (com_booklibrary) module 1.5 and possibly earlier for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a view action to index.php. | 7.5 |
| 2010-07-25 | CVE-2010-2847 | SQL Injection vulnerability in Gonzalo Maser COM Artforms 2.1B7.2 Multiple SQL injection vulnerabilities in the InterJoomla ArtForms (com_artforms) component 2.1b7.2 RC2 for Joomla! allow remote attackers to execute arbitrary SQL commands via the viewform parameter in a (1) ferforms or (2) tferforms action to index.php, and the (3) id parameter in a vferforms action to index.php. | 7.5 |
| 2010-07-25 | CVE-2010-2845 | SQL Injection vulnerability in Schlu.Net COM Quickfaq 1.0.3 SQL injection vulnerability in the QuickFAQ (com_quickfaq) component 1.0.3 for Joomla! allows remote attackers to execute arbitrary SQL commands via the Itemid parameter in a category action to index.php. | 7.5 |
| 2010-07-22 | CVE-2009-4938 | SQL Injection vulnerability in Warphd COM Jvideo SQL injection vulnerability in the JVideo! (com_jvideo) component 0.3.11c Beta and 0.3.x for Joomla! allows remote attackers to execute arbitrary SQL commands via the user_id parameter in a user action to index.php. | 7.5 |
| 2010-07-12 | CVE-2010-2694 | SQL Injection vulnerability in Redcomponent COM Redshop 1.0 SQL injection vulnerability in the redSHOP Component (com_redshop) 1.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the pid parameter to index.php. | 7.5 |
| 2010-07-12 | CVE-2010-2690 | SQL Injection vulnerability in Jooforge COM Gamesbox 1.0.2 SQL injection vulnerability in the JOOFORGE Gamesbox (com_gamesbox) component 1.0.2, and possibly earlier, for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a consoles action to index.php. | 7.5 |
| 2010-07-12 | CVE-2010-2682 | Path Traversal vulnerability in Realtyna COM Realtyna 1.0.15 Directory traversal vulnerability in the Realtyna Translator (com_realtyna) component 1.0.15 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impact via a .. | 7.5 |