Vulnerabilities > Joomla > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2010-01-18 | CVE-2009-4620 | SQL Injection vulnerability in Joomloc COM Joomloc 1.0 SQL injection vulnerability in the Joomloc (com_joomloc) component 1.0 for Joomla allows remote attackers to execute arbitrary SQL commands via the id parameter in an edit task to index.php. | 7.5 |
| 2010-01-18 | CVE-2009-4619 | SQL Injection vulnerability in Lucygames COM Lucygames 1.5.4 SQL injection vulnerability in the Lucy Games (com_lucygames) component 1.5.4 for Joomla! allows remote attackers to execute arbitrary SQL commands via the gameid parameter in a game action to index.php. | 7.5 |
| 2010-01-12 | CVE-2009-4604 | Code Injection vulnerability in Fernando Soares COM Mamboleto 2.0 PHP remote file inclusion vulnerability in mamboleto.php in the Fernando Soares Mamboleto (com_mamboleto) component 2.0 RC3 for Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter. | 7.5 |
| 2010-01-12 | CVE-2009-4599 | SQL Injection vulnerability in Joomshark COM Jsjobs 1.0.5.6 Multiple SQL injection vulnerabilities in the JS Jobs (com_jsjobs) component 1.0.5.6 for Joomla! allow remote attackers to execute arbitrary SQL commands via (1) the md parameter in an employer view_company action to index.php or (2) the oi parameter in an employer view_job action to index.php. | 7.5 |
| 2010-01-12 | CVE-2009-4598 | SQL Injection vulnerability in Corephp COM Jphoto 1.0 SQL injection vulnerability in the JPhoto (com_jphoto) component 1.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a category action to index.php. | 7.5 |
| 2010-01-06 | CVE-2010-0157 | Path Traversal vulnerability in Joomlabiblestudy COM Biblestudy 6.1 Directory traversal vulnerability in the Bible Study (com_biblestudy) component 6.1 for Joomla! allows remote attackers to include and execute arbitrary local files via a .. | 7.5 |
| 2010-01-06 | CVE-2009-4583 | SQL Injection vulnerability in Joomla COM Dhforum SQL injection vulnerability in the DhForum (com_dhforum) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a grouplist action to index.php. | 7.5 |
| 2010-01-06 | CVE-2009-4576 | SQL Injection vulnerability in Cmstactics COM Beeheard SQL injection vulnerability in the BeeHeard (com_beeheard) component 1.x for Joomla! allows remote attackers to execute arbitrary SQL commands via the category_id parameter in a suggestions action to index.php. | 7.5 |
| 2010-01-04 | CVE-2009-4550 | SQL Injection vulnerability in Kunena Forum 1.5.3/1.5.4 SQL injection vulnerability in the Kunena Forum (com_kunena) component 1.5.3 and 1.5.4 for Joomla! allows remote attackers to execute arbitrary SQL commands via the func parameter to index.php. | 7.5 |
| 2009-12-30 | CVE-2009-4475 | SQL Injection vulnerability in Joomlub COM Joomlub SQL injection vulnerability in the Joomlub (com_joomlub) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the aid parameter in an auction edit action to index.php. | 7.5 |