Vulnerabilities > Thephpfactory

DATE CVE VULNERABILITY TITLE RISK
2019-06-19 CVE-2018-17386 SQL Injection vulnerability in Thephpfactory Micro Deal Factory 2.4.0
SQL Injection exists in the Micro Deal Factory 2.4.0 component for Joomla! via the id parameter, or the PATH_INFO to mydeals/ or listdeals/.
network
low complexity
thephpfactory CWE-89
critical
 9.8
9.8
2019-06-19 CVE-2018-17381 SQL Injection vulnerability in Thephpfactory Dutch Auction Factory 2.0.2
SQL Injection exists in the Dutch Auction Factory 2.0.2 component for Joomla! via the filter_order_Dir or filter_order parameter.
network
low complexity
thephpfactory CWE-89
critical
 9.8
9.8
2019-06-19 CVE-2018-17374 SQL Injection vulnerability in Thephpfactory Auction Factory 4.5.5
SQL Injection exists in the Auction Factory 4.5.5 component for Joomla! via the filter_order_Dir or filter_order parameter.
network
low complexity
thephpfactory CWE-89
critical
 9.8
9.8
2018-09-28 CVE-2018-17385 SQL Injection vulnerability in Thephpfactory Social Factory 3.8.3
SQL Injection exists in the Social Factory 3.8.3 component for Joomla! via the radius[lat], radius[lng], or radius[radius] parameter.
network
low complexity
thephpfactory CWE-89
critical
 9.8
9.8
2018-09-28 CVE-2018-17384 SQL Injection vulnerability in Thephpfactory Swap Factory 2.2.1
SQL Injection exists in the Swap Factory 2.2.1 component for Joomla! via the filter_order_Dir or filter_order parameter.
network
low complexity
thephpfactory CWE-89
critical
 9.8
9.8
2018-09-28 CVE-2018-17383 SQL Injection vulnerability in Thephpfactory Collection Factory 4.1.9
SQL Injection exists in the Collection Factory 4.1.9 component for Joomla! via the filter_order or filter_order_Dir parameter.
network
low complexity
thephpfactory CWE-89
critical
 9.8
9.8
2018-09-28 CVE-2018-17382 SQL Injection vulnerability in Thephpfactory Jobs Factory 2.0.4
SQL Injection exists in the Jobs Factory 2.0.4 component for Joomla! via the filter_letter parameter.
network
low complexity
thephpfactory CWE-89
critical
 9.8
9.8
2018-09-28 CVE-2018-17380 SQL Injection vulnerability in Thephpfactory Article Factory Manager 4.3.9
SQL Injection exists in the Article Factory Manager 4.3.9 component for Joomla! via the start_date, m_start_date, or m_end_date parameter.
network
low complexity
thephpfactory CWE-89
critical
 9.8
9.8
2018-09-28 CVE-2018-17379 SQL Injection vulnerability in Thephpfactory Raffle Factory 3.5.2
SQL Injection exists in the Raffle Factory 3.5.2 component for Joomla! via the filter_order_Dir or filter_order parameter.
network
low complexity
thephpfactory CWE-89
critical
 9.8
9.8
2018-09-28 CVE-2018-17378 SQL Injection vulnerability in Thephpfactory Penny Auction Factory 2.0.4
SQL Injection exists in the Penny Auction Factory 2.0.4 component for Joomla! via the filter_order_Dir or filter_order parameter.
network
low complexity
thephpfactory CWE-89
critical
 9.8
9.8