Shodan
Vulnerabilities
Vulnerable Software
Joomla:  >> Joomla  Security Vulnerabilities
CVE-2009-0377
SQL injection vulnerability in the beamospetition (com_beamospetition) 1.0.12 component for Joomla! allows remote attackers to execute arbitrary SQL commands via the mpid parameter in a sign action to index.php, a different vector than CVE-2008-3132.
CVSS Score
7.5
EPSS Score
0.0
Published
2009-02-02
CVE-2009-0378
Cross-site scripting (XSS) vulnerability in index.php in the beamospetition (com_beamospetition) 1.0.12 component for Joomla! allows remote attackers to inject arbitrary web script or HTML via the pet parameter in a sign action.
CVSS Score
4.3
EPSS Score
0.001
Published
2009-02-02
CVE-2009-0379
SQL injection vulnerability in the Prince Clan Chess Club (com_pcchess) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the game_id parameter in a showgame action to index.php, a different vector than CVE-2008-0761.
CVSS Score
7.5
EPSS Score
0.0
Published
2009-02-02
CVE-2009-0380
SQL injection vulnerability in the Sigsiu Online Business Index 2 (SOBI2, com_sobi2) RC 2.8.2 component for Joomla! and Mambo allows remote attackers to execute arbitrary SQL commands via the bid parameter in a showbiz action to index.php, a different vector than CVE-2008-0607. NOTE: CVE disputes this issue, since neither "showbiz" nor "bid" appears in the source code for SOBI2
CVSS Score
7.5
EPSS Score
0.002
Published
2009-02-02
CVE-2009-0381
SQL injection vulnerability in the BazaarBuilder Ecommerce Shopping Cart (com_prod) 5.0 component for Joomla! allows remote attackers to execute arbitrary SQL commands via the cid parameter in a products action to index.php.
CVSS Score
7.5
EPSS Score
0.002
Published
2009-02-02
CVE-2009-0373
SQL injection vulnerability in the ElearningForce Flash Magazine Deluxe (com_flashmagazinedeluxe) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the mag_id parameter in a magazine action to index.php.
CVSS Score
7.5
EPSS Score
0.002
Published
2009-01-30
CVE-2009-0329
SQL injection vulnerability in the PcCookBook (com_pccookbook) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the recipe_id parameter in a viewrecipe action to index.php, a different vector than CVE-2008-0844.
CVSS Score
7.5
EPSS Score
0.0
Published
2009-01-29
CVE-2009-0333
SQL injection vulnerability in the WebAmoeba (WA) Ticket System (com_waticketsystem) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the catid parameter in a category action to index.php.
CVSS Score
7.5
EPSS Score
0.0
Published
2009-01-29
CVE-2008-5957
SQL injection vulnerability in the Mydyngallery (com_mydyngallery) component 1.4.2 for Joomla! allows remote attackers to execute arbitrary SQL commands via the directory parameter to index.php.
CVSS Score
7.5
EPSS Score
0.001
Published
2009-01-23
CVE-2009-0113
Directory traversal vulnerability in attachmentlibrary.php in the XStandard component for Joomla! 1.5.8 and earlier allows remote attackers to list arbitrary directories via a .. (dot dot) in the X_CMS_LIBRARY_PATH HTTP header.
CVSS Score
5.0
EPSS Score
0.001
Published
2009-01-09


Products
Pricing
Contact Us

Shodan ® - All rights reserved