Vulnerabilities > Joomla > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2008-05-06 | CVE-2008-2095 | SQL Injection vulnerability in multiple products SQL injection vulnerability in index.php in the FlippingBook (com_flippingbook) 1.0.4 component for Joomla! allows remote attackers to execute arbitrary SQL commands via the book_id parameter. | 7.5 |
| 2008-05-06 | CVE-2008-2093 | SQL Injection vulnerability in multiple products SQL injection vulnerability in the Profiler (com_comprofiler) component in Community Builder for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the user parameter in a userProfile action to index.php. | 7.5 |
| 2008-04-25 | CVE-2008-1935 | SQL Injection vulnerability in Joomla 1.0.4 SQL injection vulnerability in the Filiale 1.0.4 component for Joomla! allows remote attackers to execute arbitrary SQL commands via the idFiliale parameter. | 7.5 |
| 2008-04-18 | CVE-2008-1890 | SQL Injection vulnerability in Azrul JOM Comment 2.0 SQL injection vulnerability in the Jom Comment 2.0 build 345 component for Joomla! allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | 7.5 |
| 2008-04-11 | CVE-2008-1733 | SQL Injection vulnerability in Pragmaticutopia COM Puarcade SQL injection vulnerability in puarcade.class.php 2.2 and earlier in the Pragmatic Utopia PU Arcade (com_puarcade) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the gid parameter to index.php. | 7.5 |
| 2008-03-28 | CVE-2008-1540 | SQL Injection vulnerability in multiple products SQL injection vulnerability in the Datsogallery (com_datsogallery) 1.3.1 module for Joomla! and Mambo allows remote attackers to execute arbitrary SQL commands via the id parameter in a detail action to index.php. | 7.5 |
| 2008-03-25 | CVE-2008-1505 | Code Injection vulnerability in Sstreamtv Custompages PHP remote file inclusion vulnerability in the SSTREAMTV custompages (com_custompages) 1.1 and earlier component for Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the cpage parameter to index.php. | 7.5 |
| 2008-03-24 | CVE-2008-1460 | SQL Injection vulnerability in Joomlapixel COM Joovideo 1.0/1.2.2 SQL injection vulnerability in the Joovideo (com_joovideo) 1.0 and 1.2.2 component for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a detail action to index.php. | 7.5 |
| 2008-03-24 | CVE-2008-1459 | SQL Injection vulnerability in multiple products SQL injection vulnerability in the Alberghi (com_alberghi) 2.1.3 and earlier component for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a detail action to index.php. | 7.5 |
| 2008-03-20 | CVE-2008-1427 | SQL Injection vulnerability in multiple products SQL injection vulnerability in the Joobi Acajoom (com_acajoom) 1.1.5 and 1.2.5 component for Joomla! allows remote attackers to execute arbitrary SQL commands via the mailingid parameter in a mailing view action to index.php. | 7.5 |