Vulnerabilities > Joomla > High

| DATE | CVE | VULNERABILITY TITLE | DESCRIPTION | ATTACK VECTOR | COMPLEXITY | VENDOR / CWE | RISK |
|---|---|---|---|---|---|---|---|
| 2009-07-28 | CVE-2009-2634 | Code Injection vulnerability in Ordasoft COM Medialibrary 1.5.3 | PHP remote file inclusion vulnerability in toolbar_ext.php in the MediaLibrary (com_media_library) component 1.5.3 Basic for Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter. | network | low complexity | joomla ordasoft CWE-94 | 7.5 |
| 2009-07-28 | CVE-2009-2633 | Code Injection vulnerability in Ordasoft COM Vehiclemanager 1.0 | PHP remote file inclusion vulnerability in toolbar_ext.php in the VehicleManager (com_vehiclemanager) component 1.0 Basic for Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter. | network | low complexity | joomla ordasoft CWE-94 | 7.5 |
| 2009-07-27 | CVE-2009-2609 | SQL Injection vulnerability in Amotools COM Amocourse | SQL injection vulnerability in the amoCourse (com_amocourse) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the catid parameter in a category action to index.php. | network | low complexity | joomla amotools CWE-89 | 7.5 |
| 2009-07-27 | CVE-2009-2607 | SQL Injection vulnerability in Pinme COM Pinboard | SQL injection vulnerability in the com_pinboard component for Joomla! allows remote attackers to execute arbitrary SQL commands via the task parameter in a showpic action to index.php. | network | low complexity | joomla pinme CWE-89 | 7.5 |
| 2009-07-27 | CVE-2009-2601 | SQL Injection vulnerability in Joomlaequipment Juser 2.0.4 | SQL injection vulnerability in the Joomlaequipment (aka JUser or com_juser) component 2.0.4 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a show_profile action to index.php. | network | low complexity | joomlaequipment joomla CWE-89 | 7.5 |
| 2009-07-22 | CVE-2009-2567 | SQL Injection vulnerability in Almondsoft Almond Classifieds 5.6.2 | SQL injection vulnerability in the Almond Classifieds (com_aclassf) component 5.6.2 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter to index.php. | network | low complexity | almondsoft joomla CWE-89 | 7.5 |
| 2009-07-09 | CVE-2009-2400 | SQL Injection vulnerability in Fijiwebdesign COM PHP | SQL injection vulnerability in the PHP (com_php) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter to index.php. | network | low complexity | joomla fijiwebdesign CWE-89 | 7.5 |
| 2009-07-09 | CVE-2009-2395 | SQL Injection vulnerability in Joomlaworks COM K2 | SQL injection vulnerability in the K2 (com_k2) component 1.0.1 Beta and earlier for Joomla! allows remote attackers to execute arbitrary SQL commands via the category parameter in an itemlist action to index.php. | network | low complexity | joomlaworks joomla CWE-89 | 7.5 |
| 2009-07-09 | CVE-2009-2390 | SQL Injection vulnerability in F-Cimag-In COM Bookflip 2.1 | SQL injection vulnerability in the BookFlip (com_bookflip) component 2.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via the book_id parameter to index.php. | network | low complexity | joomla f-cimag-in CWE-89 | 7.5 |
| 2009-07-07 | CVE-2008-6852 | SQL Injection vulnerability in multiple products | SQL injection vulnerability in the Ice Gallery (com_ice) component 0.5 beta 2 for Joomla! allows remote attackers to execute arbitrary SQL commands via the catid parameter to index.php. | network | low complexity | joomla markus-donhauser CWE-89 | 7.5 |