Vulnerabilities > Joomla > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2010-03-08 | CVE-2010-0945 | SQL Injection vulnerability in Hotbrackets COM Hotbrackets SQL injection vulnerability in the HotBrackets Tournament Brackets (com_hotbrackets) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter to index.php. | 7.5 |
| 2010-03-08 | CVE-2009-4679 | Path Traversal vulnerability in Inertialfate COM IF Nexus 1.5 Directory traversal vulnerability in the inertialFATE iF Portfolio Nexus (com_if_nexus) component 1.5 for Joomla! allows remote attackers to include and execute arbitrary local files via a .. | 7.5 |
| 2010-03-02 | CVE-2010-0803 | SQL Injection vulnerability in Jvideodirect COM Jvideodirect 1.1 SQL injection vulnerability in the jVideoDirect (com_jvideodirect) component 1.1 RC3b for Joomla! allows remote attackers to execute arbitrary SQL commands via the v parameter to index.php. | 7.5 |
| 2010-03-02 | CVE-2010-0800 | SQL Injection vulnerability in Joomservices COM DMS 2.5.1 SQL injection vulnerability in the Ossolution Team Documents Seller (aka DMS) (com_dms) component 2.5.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via the category_id parameter in a view_category action to index.php. | 7.5 |
| 2010-03-02 | CVE-2010-0796 | SQL Injection vulnerability in Harmistechnology COM Jeeventcalendar 1.0 SQL injection vulnerability in the JE Quiz (com_jequizmanagement) component 1.b01 for Joomla! allows remote attackers to execute arbitrary SQL commands via the eid parameter in a question action to index.php. | 7.5 |
| 2010-03-02 | CVE-2010-0795 | SQL Injection vulnerability in Harmistechnology COM Jeeventcalendar 1.0 SQL injection vulnerability in the JE Event Calendars (com_jeeventcalendar) component 1.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the event_id parameter in an event action to index.php. | 7.5 |
| 2010-02-27 | CVE-2010-0759 | Path Traversal vulnerability in Greatjoomla Scriptegrator Plugin 1.4.1 Directory traversal vulnerability in plugins/system/cdscriptegrator/libraries/highslide/js/jsloader.php in the Core Design Scriptegrator plugin 1.4.1 for Joomla! allows remote attackers to read, and possibly include and execute, arbitrary files via directory traversal sequences in the files[] parameter, a different vector than CVE-2010-0760. | 7.5 |
| 2010-02-27 | CVE-2010-0753 | SQL Injection vulnerability in Componentslab COM Sqlreport 1.1 SQL injection vulnerability in the SQL Reports (com_sqlreport) component 1.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via the user_id parameter to ajax/print.php. | 7.5 |
| 2010-02-23 | CVE-2010-0694 | SQL Injection vulnerability in Percha COM Perchagallery SQL injection vulnerability in the PerchaGallery (com_perchagallery) component before 1.5b for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in an editunidad action to index.php. | 7.5 |
| 2010-02-23 | CVE-2010-0692 | SQL Injection vulnerability in Iptechinside COM Jquarks 0.2.2/0.2.3 SQL injection vulnerability in the IP-Tech JQuarks (com_jquarks) Component 0.2.3, and possibly earlier, for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter to index.php. | 7.5 |