Vulnerabilities > Joomla > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2011-11-23 | CVE-2010-5053 | SQL Injection vulnerability in PHP-Shop-System COM Xobbix 1.0.1 SQL injection vulnerability in the XOBBIX (com_xobbix) component 1.0.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via the prodid parameter in a prod_desc action to index.php. | 7.5 |
| 2011-11-02 | CVE-2010-5032 | SQL Injection vulnerability in Tamlyncreative COM Bfquiztrial SQL injection vulnerability in the BF Quiz (com_bfquiztrial) component before 1.3.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via the catid parameter in a bfquiztrial action to index.php. | 7.5 |
| 2011-11-02 | CVE-2010-5028 | SQL Injection vulnerability in Harmistechnology COM Jejob 1.0 SQL injection vulnerability in the JExtensions JE Job (com_jejob) component 1.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the catid parameter in an item action to index.php. | 7.5 |
| 2011-11-02 | CVE-2010-5022 | SQL Injection vulnerability in Harmistechnology COM Jesubmit 1.4 SQL injection vulnerability in the JExtensions JE Story Submit (com_jesubmit) component 1.4 for Joomla! allows remote attackers to execute arbitrary SQL commands via the view parameter to index.php. | 7.5 |
| 2011-11-01 | CVE-2010-5003 | SQL Injection vulnerability in Autartica COM Autartimonial 1.0.8 SQL injection vulnerability in the AutarTimonial (com_autartimonial) component 1.0.8 for Joomla! allows remote attackers to execute arbitrary SQL commands via the limit parameter in an autartimonial action to index.php. | 7.5 |
| 2011-11-01 | CVE-2010-4995 | SQL Injection vulnerability in Neojoomla COM Neorecruit 1.6.4 SQL injection vulnerability in the NeoRecruit (com_neorecruit) component 1.6.4 for Joomla! allows remote attackers to execute arbitrary SQL commands via the Itemid parameter in an offer_view action to index.php, a different vector than CVE-2007-4506. | 7.5 |
| 2011-11-01 | CVE-2010-4994 | SQL Injection vulnerability in Instantphp Jobs PRO 1.6.4 SQL injection vulnerability in the Jobs Pro component 1.6.4 for Joomla! allows remote attackers to execute arbitrary SQL commands via the detailed_results parameter to search_jobs.html. | 7.5 |
| 2011-11-01 | CVE-2010-4993 | SQL Injection vulnerability in KAY Messerschmidt COM Eventcal 1.6.4 SQL injection vulnerability in the eventcal (com_eventcal) component 1.6.4 for Joomla! allows remote attackers to execute arbitrary SQL commands via the Itemid parameter to index.php. | 7.5 |
| 2011-11-01 | CVE-2010-4992 | SQL Injection vulnerability in Paymentsplus Payments Plus 2.1.5 SQL injection vulnerability in the Payments Plus component 2.1.5 for Joomla! allows remote attackers to execute arbitrary SQL commands via the type parameter to add.html. | 7.5 |
| 2011-11-01 | CVE-2010-4991 | SQL Injection vulnerability in Ninjaforge Ninjamonials SQL injection vulnerability in the NinjaMonials (com_ninjamonials) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the Itemid parameter in a display action to index.php. | 7.5 |