Vulnerabilities > Joomla > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2010-04-13 | CVE-2010-1363 | SQL Injection vulnerability in Extremejoomla COM J-Projects SQL injection vulnerability in the JProjects (com_j-projects) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the project parameter in a projects action to index.php. | 7.5 |
| 2010-04-12 | CVE-2010-1350 | SQL Injection vulnerability in Joomlaprojects COM JP Jobs 1.3.0/1.3.1 SQL injection vulnerability in the JP Jobs (com_jp_jobs) component 1.4.1 and earlier for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a detail action to index.php. | 7.5 |
| 2010-04-09 | CVE-2010-1344 | SQL Injection vulnerability in Cookex COM Ckforms 1.3.3 SQL injection vulnerability in the Cookex Agency CKForms (com_ckforms) component 1.3.3 for Joomla! allows remote attackers to execute arbitrary SQL commands via the fid parameter in a detail action to index.php. | 7.5 |
| 2010-04-08 | CVE-2010-1306 | Path Traversal vulnerability in Roberto Aloi COM Joomlapicasa2 Directory traversal vulnerability in the Picasa (com_joomlapicasa2) component 2.0 and 2.0.5 for Joomla! allows remote attackers to read arbitrary local files via a .. | 7.5 |
| 2010-04-06 | CVE-2010-1265 | SQL Injection vulnerability in Ekith COM DCS Flashgames 2.0 SQL injection vulnerability in Adam Corley dcsFlashGames (com_dcs_flashgames) allows remote attackers to execute arbitrary SQL commands via the catid parameter to index.php. | 7.5 |
| 2010-03-23 | CVE-2010-1073 | SQL Injection vulnerability in Joshprakash COM Jembed SQL injection vulnerability in the jEmbed-Embed Anything (com_jembed) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the catid parameter in a summary action to index.php. | 7.5 |
| 2010-03-23 | CVE-2010-1045 | SQL Injection vulnerability in Design-Cars COM Productbook 1.0.4 SQL injection vulnerability in the Productbook (com_productbook) component 1.0.4 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a detail action to index.php. | 7.5 |
| 2010-03-16 | CVE-2010-0985 | Path Traversal vulnerability in Chris Simon COM Abbrev 1.1 Directory traversal vulnerability in the Abbreviations Manager (com_abbrev) component 1.1 for Joomla! allows remote attackers to include and execute arbitrary local files via a .. | 7.5 |
| 2010-03-16 | CVE-2010-0981 | SQL Injection vulnerability in Templateplazza COM Tpjobs SQL injection vulnerability in the TPJobs (com_tpjobs) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the id_c[] parameter in a resadvsearch action to index.php. | 7.5 |
| 2010-03-16 | CVE-2010-0972 | Path Traversal vulnerability in G4J.Laoneo COM Gcalendar 2.1.5 Directory traversal vulnerability in the GCalendar (com_gcalendar) component 2.1.5 for Joomla! allows remote attackers to include and execute arbitrary local files via a .. | 7.5 |