Vulnerabilities > Joomla > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2012-08-23 | CVE-2011-5112 | SQL Injection vulnerability in Blueflyingfish COM Alameda SQL injection vulnerability in Alameda (com_alameda) component before 1.0.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via the storeid parameter to index.php. | 7.5 |
| 2012-08-14 | CVE-2011-5099 | SQL Injection vulnerability in Chillcreations MOD Ccnewsletter 1.0.7/1.0.8/1.0.9 SQL injection vulnerability in helper/popup.php in the ccNewsletter (mod_ccnewsletter) component 1.0.7 through 1.0.9 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter. | 7.5 |
| 2012-08-10 | CVE-2012-3554 | SQL Injection vulnerability in Rsgallery2 COM Rsgallery2 SQL injection vulnerability in the RSGallery2 (com_rsgallery2) component before 2.3.0 for Joomla! 1.5.x, and before 3.2.0 for Joomla! 2.5.x, allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | 7.5 |
| 2012-07-03 | CVE-2012-2747 | Unspecified vulnerability in Joomla Joomla! Unspecified vulnerability in Joomla! 2.5.x before 2.5.5 allows remote attackers to gain privileges via unknown attack vectors related to "Inadequate checking." | 7.5 |
| 2011-12-15 | CVE-2011-4829 | SQL Injection vulnerability in Barter-Sites COM Listing 1.3 SQL injection vulnerability in the com_listing component in Barter Sites component 1.3 for Joomla! allows remote attackers to execute arbitrary SQL commands via the category_id parameter to index.php. | 7.5 |
| 2011-12-15 | CVE-2011-4823 | SQL Injection vulnerability in Extensionsforjoomla COM Vikrealestate 1.0 Multiple SQL injection vulnerabilities in Vik Real Estate (com_vikrealestate) component 1.0 for Joomla! allow remote attackers to execute arbitrary SQL commands via the (1) contract parameter in a results action and (2) imm parameter in a show action to index.php. | 7.5 |
| 2011-12-14 | CVE-2011-4808 | SQL Injection vulnerability in Joomlaextensions COM Hmcommunity SQL injection vulnerability in the HM Community (com_hmcommunity) component before 1.01 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a fnd_home action to index.php. | 7.5 |
| 2011-11-29 | CVE-2011-4571 | SQL Injection vulnerability in Eaimproved COM Estateagent SQL injection vulnerability in the Estate Agent (com_estateagent) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a showEO action to index.php. | 7.5 |
| 2011-11-29 | CVE-2011-4570 | SQL Injection vulnerability in Takeaweb COM Timereturns 2.0 SQL injection vulnerability in the Time Returns (com_timereturns) component 2.0 and possibly earlier versions for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a timereturns action to index.php. | 7.5 |
| 2011-11-23 | CVE-2010-5056 | SQL Injection vulnerability in GBU Grafici COM Gbufacebook 1.0.5 SQL injection vulnerability in the GBU Facebook (com_gbufacebook) component 1.0.5 for Joomla! allows remote attackers to execute arbitrary SQL commands via the face_id parameter in a show_face action to index.php. | 7.5 |