Vulnerabilities > Joomla > High

DATE | CVE | VULNERABILITY TITLE | RISK

2009-02-27 | CVE-2008-6337 | SQL Injection vulnerability in Joomlaapps COM Volunteer 2.0 | 7.5
SQL injection vulnerability in the Volunteer Management System (com_volunteer) module 2.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the job_id parameter in a jobshow action to index.php.
network | low complexity | joomlaapps, joomla | CWE-89

2009-02-24 | CVE-2009-0726 | SQL Injection vulnerability in Gigcalendar COM Gigcalendar 1.0 | 7.5
SQL injection vulnerability in the GigCalendar (com_gigcal) component 1.0 for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the gigcal_gigs_id parameter in a details action to index.php.
network | low complexity | gigcalendar, joomla, mambo | CWE-89

2009-02-23 | CVE-2009-0706 | SQL Injection vulnerability in Simple-Review COM Simple Review 1.3.5 | 7.5
SQL injection vulnerability in the Simple Review (com_simple_review) component 1.3.5 for Joomla! and Mambo allows remote attackers to execute arbitrary SQL commands via the category parameter to index.php.
network | low complexity | simple-review, joomla, mambo | CWE-89

2009-02-23 | CVE-2009-0702 | SQL Injection vulnerability in Phoca COM Phocadocumentation | 7.5
SQL injection vulnerability in the Phoca Documentation (com_phocadocumentation) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a section action to index.php.
network | low complexity | joomla, phoca | CWE-89

2009-02-21 | CVE-2008-6234 | SQL Injection vulnerability in multiple products | 7.5
SQL injection vulnerability in the com_musica module in Joomla! and Mambo allows remote attackers to execute arbitrary SQL commands via the id parameter to index.php.
network | low complexity | joomla, mambo-foundation | CWE-89

2009-02-20 | CVE-2008-6221 | Code Injection vulnerability in Dadamailproject Dada Mail Manager 2.6 | 7.5
PHP remote file inclusion vulnerability in config.dadamail.php in the Dada Mail Manager (com_dadamail) component 2.6 for Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the GLOBALS[mosConfig_absolute_path] parameter.
network | low complexity | dadamailproject, joomla | CWE-94

2009-02-19 | CVE-2008-6184 | SQL Injection vulnerability in Medialab-Karlsruhe Ownbiblio 1.5.3 | 7.5
SQL injection vulnerability in the OwnBiblio (com_ownbiblio) component 1.5.3 for Joomla! allows remote attackers to execute arbitrary SQL commands via the catid parameter in a catalogue action to index.php.
network | low complexity | medialab-karlsruhe, joomla | CWE-89

2009-02-19 | CVE-2008-6182 | SQL Injection vulnerability in Joomla Ignitegallery | 7.5
SQL injection vulnerability in the Ignite Gallery (com_ignitegallery) component 0.8.0 through 0.8.3 for Joomla! allows remote attackers to execute arbitrary SQL commands via the gallery parameter in a view action to index.php.
network | low complexity | joomla | CWE-89

2009-02-19 | CVE-2008-6181 | SQL Injection vulnerability in Mad4Media COM Mad4Joomla | 7.5
SQL injection vulnerability in the Mad4Joomla Mailforms (com_mad4joomla) component before 1.1.8.2 for Joomla! allows remote attackers to execute arbitrary SQL commands via the jid parameter to index.php.
network | low complexity | joomla, mad4media | CWE-89

2009-02-19 | CVE-2008-6166 | SQL Injection vulnerability in Jmds COM Kbase 1.2 | 7.5
SQL injection vulnerability in the KBase (com_kbase) 1.2 component for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in an article action to index.php.
network | low complexity | joomla, jmds | CWE-89