Vulnerabilities > Joomla > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2008-03-12 | CVE-2008-1297 | SQL Injection vulnerability in multiple products SQL injection vulnerability in index.php in the eWriting (com_ewriting) 1.2.1 module for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the cat parameter in a selectcat action. | 7.5 |
| 2008-03-04 | CVE-2008-1137 | SQL Injection vulnerability in multiple products SQL injection vulnerability in the Garys Cookbook (com_garyscookbook) 1.1.1 and earlier component for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a detail action to index.php. | 7.5 |
| 2008-02-22 | CVE-2008-0918 | SQL Injection vulnerability in multiple products SQL injection vulnerability in includes/count_dl_or_link.inc.php in the astatsPRO (com_astatspro) 1.0.1 component for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter to getfile.php, a different vector than CVE-2008-0839. | 7.5 |
| 2008-02-21 | CVE-2008-0855 | SQL Injection vulnerability in multiple products SQL injection vulnerability in the Facile Forms (com_facileforms) component for Joomla! and Mambo allows remote attackers to execute arbitrary SQL commands via the catid parameter to index.php. | 7.5 |
| 2008-02-21 | CVE-2008-0854 | SQL Injection vulnerability in multiple products SQL injection vulnerability in the com_salesrep component for Joomla! and Mambo allows remote attackers to execute arbitrary SQL commands via the rid parameter in a showrep action to index.php. | 7.5 |
| 2008-02-21 | CVE-2008-0853 | SQL Injection vulnerability in multiple products SQL injection vulnerability in the com_detail component for Joomla! and Mambo allows remote attackers to execute arbitrary SQL commands via the id parameter to index.php. | 7.5 |
| 2008-02-21 | CVE-2008-0849 | SQL Injection vulnerability in multiple products SQL injection vulnerability in index.php in the Downloads (com_downloads) component for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the cat parameter in a selectcat function, a different vector than CVE-2008-0652. | 7.5 |
| 2008-02-20 | CVE-2008-0846 | SQL Injection vulnerability in multiple products SQL injection vulnerability in index.php in the com_profile component for Joomla! allows remote attackers to execute arbitrary SQL commands via the oid parameter. | 7.5 |
| 2008-02-20 | CVE-2008-0844 | SQL Injection vulnerability in Joomla COM Pccookbook SQL injection vulnerability in index.php in the PccookBook (com_pccookbook) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the user_id parameter. | 7.5 |
| 2008-02-20 | CVE-2008-0842 | SQL Injection vulnerability in Joomla COM Clasifier SQL injection vulnerability in index.php in the Classifier (com_clasifier) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the cat_id parameter. | 7.5 |