Vulnerabilities > Joomla > High

DATE CVE VULNERABILITY TITLE RISK
2010-04-29 CVE-2010-1600 SQL Injection vulnerability in Thefactory COM Mediamall 1.0.4
SQL injection vulnerability in the Media Mall Factory (com_mediamall) component 1.0.4 for Joomla! allows remote attackers to execute arbitrary SQL commands via the category parameter to index.php.
network
low complexity
thefactory joomla CWE-89
7.5
7.5
2010-04-27 CVE-2010-1559 SQL Injection vulnerability in Martin Hess COM Sermonspeaker 3.2.1
SQL injection vulnerability in the SermonSpeaker (com_sermonspeaker) component before 3.2.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a speakerpopup action to index.php.
network
low complexity
martin-hess joomla CWE-89
7.5
7.5
2010-04-26 CVE-2010-1535 Path Traversal vulnerability in Peter Hocherl COM Travelbook 1.0.1
Directory traversal vulnerability in the TRAVELbook (com_travelbook) component 1.0.1 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impact via a ..
network
low complexity
peter-hocherl joomla CWE-22
7.5
7.5
2010-04-26 CVE-2010-1533 Path Traversal vulnerability in Peter Hocherl COM Tweetla 1.0.1
Directory traversal vulnerability in the TweetLA (com_tweetla) component 1.0.1 for Joomla! allows remote attackers to read arbitrary files via a ..
network
low complexity
peter-hocherl joomla CWE-22
7.5
7.5
2010-04-26 CVE-2010-1531 Path Traversal vulnerability in Redcomponent COM Redshop
Directory traversal vulnerability in the redSHOP (com_redshop) component 1.0.x for Joomla! allows remote attackers to read arbitrary files via a ..
network
low complexity
redcomponent joomla CWE-22
7.5
7.5
2010-04-26 CVE-2010-1529 SQL Injection vulnerability in Freestyle Faqs Lite 1.3
SQL injection vulnerability in the Freestyle FAQs Lite (com_fsf) component, possibly 1.3, for Joomla! allows remote attackers to execute arbitrary SQL commands via the faqid parameter in an faq action to index.php.
network
low complexity
freestyle joomla CWE-89
7.5
7.5
2010-04-23 CVE-2010-1496 SQL Injection vulnerability in Jolt COM Joltcard 1.2.1
SQL injection vulnerability in the JoltCard (com_joltcard) component 1.2.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via the cardID parameter in a view action to index.php.
network
low complexity
jolt joomla CWE-89
7.5
7.5
2010-04-23 CVE-2010-1495 Path Traversal vulnerability in Matamko COM Matamko 1.01
Directory traversal vulnerability in the Matamko (com_matamko) component 1.01 for Joomla! allows remote attackers to read arbitrary files via a ..
network
low complexity
matamko joomla CWE-22
7.5
7.5
2010-04-23 CVE-2010-1493 SQL Injection vulnerability in Awdsolution COM Awdwall
SQL injection vulnerability in the AWDwall (com_awdwall) component before 1.5.5 for Joomla! allows remote attackers to execute arbitrary SQL commands via the cbuser parameter in an awdwall action to index.php.
network
low complexity
awdsolution joomla CWE-89
7.5
7.5
2010-04-21 CVE-2009-4789 Code Injection vulnerability in Mojoblog Rc0.15
Multiple PHP remote file inclusion vulnerabilities in the MojoBlog component RC 0.15 for Joomla! allow remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter to (1) wp-comments-post.php and (2) wp-trackback.php.
network
low complexity
mojoblog joomla CWE-94
7.5
7.5