Vulnerabilities > Joomla > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2010-02-22 | CVE-2009-4650 | SQL Injection vulnerability in Onnogroen COM Webeecomment 1.1.1/1.2/2.0 SQL injection vulnerability in the Webee Comments (com_webeecomment) component 1.1.1, 1.2, and 2.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the articleId parameter in a default action to index2.php. | 7.5 |
| 2010-02-12 | CVE-2010-0635 | SQL Injection vulnerability in Jevents Search Plugin SQL injection vulnerability in the plgSearchEventsearch::onSearch method in eventsearch.php in the JEvents Search plugin 1.5 through 1.5.3 for Joomla! allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | 7.5 |
| 2010-02-12 | CVE-2010-0632 | SQL Injection vulnerability in Parkviewconsultants COM Simplefaq SQL injection vulnerability in the Parkview Consultants SimpleFAQ (com_simplefaq) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the catid parameter in a display action to index.php. | 7.5 |
| 2010-02-11 | CVE-2010-0610 | SQL Injection vulnerability in Webguerilla COM Photoblog Multiple SQL injection vulnerabilities in the Photoblog (com_photoblog) component for Joomla! allow remote attackers to execute arbitrary SQL commands via the blog parameter in an images action to index.php. | 7.5 |
| 2010-01-28 | CVE-2010-0459 | SQL Injection vulnerability in Yoflash COM Mochigames 0.51 SQL injection vulnerability in the Mochigames (com_mochigames) component 0.51 and possibly other versions for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter to index.php. | 7.5 |
| 2010-01-28 | CVE-2010-0456 | SQL Injection vulnerability in Indianpulses COM Gameserver 1.2 SQL injection vulnerability in the indianpulse Game Server (com_gameserver) component 1.2 for Joomla! allows remote attackers to execute arbitrary SQL commands via the grp parameter in a gameserver action to index.php. | 7.5 |
| 2010-01-21 | CVE-2010-0373 | SQL Injection vulnerability in Joomla COM Libros SQL injection vulnerability in the libros (com_libros) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a detail action to index.php. | 7.5 |
| 2010-01-21 | CVE-2010-0372 | SQL Injection vulnerability in Hong Chuyen COM Articlemanager SQL injection vulnerability in the Articlemanager (com_articlemanager) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the artid parameter in a display action to index.php. | 7.5 |
| 2010-01-18 | CVE-2009-4628 | SQL Injection vulnerability in Templateplaza COM Tpdugg 1.1 SQL injection vulnerability in the TemplatePlaza.com TPDugg (com_tpdugg) component 1.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a tags action to index.php. | 7.5 |
| 2010-01-18 | CVE-2009-4625 | SQL Injection vulnerability in Tamlyncreative COM Bfsurvey Profree 1.2.4 SQL injection vulnerability in the updateOnePage function in components/com_bfsurvey_pro/controller.php in BF Survey Pro Free (com_bfsurvey_profree) 1.2.4, and other versions before 1.2.6, a component for Joomla!, allows remote attackers to execute arbitrary SQL commands via the table parameter in an updateOnePage action to index.php. | 7.5 |