Vulnerabilities > Joomla > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2008-02-13 | CVE-2008-0746 | SQL Injection vulnerability in multiple products SQL injection vulnerability in index.php in the Gallery (com_gallery) component for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a detail action. | 7.5 |
| 2008-02-12 | CVE-2008-0690 | SQL Injection vulnerability in Joomla COM Directory 2.3.2 SQL injection vulnerability in index.php in the mosDirectory (com_directory) 2.3.2 component for Joomla! allows remote attackers to execute arbitrary SQL commands via the catid parameter in a viewcat action. | 7.5 |
| 2008-02-12 | CVE-2008-0689 | SQL Injection vulnerability in Joomla COM Marketplace 1.1.1/1.1.1Pl1 SQL injection vulnerability in index.php in the Marketplace (com_marketplace) 1.1.1 and 1.1.1-pl1 component for Joomla! allows remote attackers to execute arbitrary SQL commands via the catid parameter in a show_category action. | 7.5 |
| 2008-02-12 | CVE-2008-0686 | SQL Injection vulnerability in multiple products SQL injection vulnerability in index.php in the NeoReferences (com_neoreferences) 1.3.1 and 1.3.3 component for Joomla! allows remote attackers to execute arbitrary SQL commands via the catid parameter. | 7.5 |
| 2008-02-12 | CVE-2008-0670 | SQL Injection vulnerability in Joomla COM Noticias 1.0 SQL injection vulnerability in index.php in the Noticias (com_noticias) 1.0 component for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a detalhe action. | 7.5 |
| 2008-02-07 | CVE-2008-0653 | SQL Injection vulnerability in Joomla COM Ynews 1.0.0 SQL injection vulnerability in index.php in the Ynews (com_ynews) 1.0.0 component for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a showYNews action. | 7.5 |
| 2008-02-07 | CVE-2008-0652 | SQL Injection vulnerability in multiple products SQL injection vulnerability in index.php in the Downloads (com_downloads) component for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the filecatid parameter in a selectfolder action. | 7.5 |
| 2008-02-06 | CVE-2008-0607 | SQL Injection vulnerability in multiple products SQL injection vulnerability in index.php in the Sigsiu Online Business Index 2 (SOBI2, com_sobi2) 2.5.3 component for Joomla! and Mambo allows remote attackers to execute arbitrary SQL commands via the catid parameter. | 7.5 |
| 2008-02-06 | CVE-2008-0606 | SQL Injection vulnerability in multiple products SQL injection vulnerability in index.php in the Shambo2 (com_shambo2) component for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the Itemid parameter. | 7.5 |
| 2008-02-06 | CVE-2008-0603 | SQL Injection vulnerability in multiple products SQL injection vulnerability in index.php in the amazOOP Awesom! (com_awesom) 0.3.2component for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the listid parameter in a viewlist task. | 7.5 |