Vulnerabilities > Joomla > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2008-06-10 | CVE-2008-2643 | SQL Injection vulnerability in Joomla COM Biblestudy SQL injection vulnerability in the Bible Study (com_biblestudy) component before 6.0.7c for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a mediaplayer action to index.php. | 7.5 |
| 2008-06-10 | CVE-2008-2633 | SQL Injection vulnerability in Joomla COM Joomradio and Joomla Multiple SQL injection vulnerabilities in the EXP JoomRadio (com_joomradio) component 1.0 for Joomla! allow remote attackers to execute arbitrary SQL commands via the id parameter in a (1) show_radio or (2) show_video action to index.php. | 7.5 |
| 2008-06-10 | CVE-2008-2632 | SQL Injection vulnerability in Joomla COM Acctexp and Joomla SQL injection vulnerability in the acctexp (com_acctexp) component 0.12.x and earlier for Joomla! allows remote attackers to execute arbitrary SQL commands via the usage parameter in a subscribe action to index.php. | 7.5 |
| 2008-06-10 | CVE-2008-2630 | SQL Injection vulnerability in Joomla COM JB2 0.1.1 SQL injection vulnerability in the JooBlog (com_jb2) component 0.1.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via the CategoryID parameter in a category action to index.php. | 7.5 |
| 2008-06-10 | CVE-2008-2628 | SQL Injection vulnerability in RON Liskey COM Equotes 0.9.4 SQL injection vulnerability in the eQuotes (com_equotes) component 0.9.4 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter to index.php. | 7.5 |
| 2008-06-10 | CVE-2008-2627 | SQL Injection vulnerability in Joomla COM Idoblog SQL injection vulnerability in the IDoBlog (com_idoblog) component b24 and earlier and 1.0, a component for Joomla!, allows remote attackers to execute arbitrary SQL commands via the userid parameter in a userblog action to index.php. | 7.5 |
| 2008-06-06 | CVE-2008-2569 | SQL Injection vulnerability in Joomla Easybook Component 1.1 SQL injection vulnerability in the EasyBook (com_easybook) component 1.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via the gbid parameter in a deleteentry action to index.php. | 7.5 |
| 2008-06-06 | CVE-2008-2568 | SQL Injection vulnerability in Joomla COM Simpleshop and Joomla SQL injection vulnerability in the Simple Shop Galore (com_simpleshop) component 3.4 and earlier for Joomla! allows remote attackers to execute arbitrary SQL commands via the catid parameter in a browse action to index.php. | 7.5 |
| 2008-06-06 | CVE-2008-2564 | SQL Injection vulnerability in Joomla COM Jotloader and Joomla SQL injection vulnerability in the JotLoader (com_jotloader) component 1.2.1.a and earlier for Joomla! allows remote attackers to execute arbitrary SQL commands via the cid parameter to index.php. | 7.5 |
| 2008-05-27 | CVE-2008-2454 | SQL Injection vulnerability in Joomla COM XSStream-Dm 0.01Beta SQL injection vulnerability in the xsstream-dm (com_xsstream-dm) component 0.01 Beta for Joomla! allows remote attackers to execute arbitrary SQL commands via the movie parameter to index.php. | 7.5 |