Shodan
Vulnerabilities
Vulnerable Software
Joomla:  >> Joomla!  >> 2.5.22  Security Vulnerabilities
CVE-2011-4570
SQL injection vulnerability in the Time Returns (com_timereturns) component 2.0 and possibly earlier versions for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a timereturns action to index.php.
CVSS Score
7.5
EPSS Score
0.002
Published
2011-11-29
CVE-2010-5048
Cross-site scripting (XSS) vulnerability in admin.jcomments.php in the JoomlaTune JComments (com_jcomments) component 2.1.0.0 for Joomla! allows remote authenticated users to inject arbitrary web script or HTML via the name parameter to index.php.
CVSS Score
4.3
EPSS Score
0.063
Published
2011-11-23
CVE-2010-5053
SQL injection vulnerability in the XOBBIX (com_xobbix) component 1.0.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via the prodid parameter in a prod_desc action to index.php.
CVSS Score
7.5
EPSS Score
0.006
Published
2011-11-23
CVE-2010-5056
SQL injection vulnerability in the GBU Facebook (com_gbufacebook) component 1.0.5 for Joomla! allows remote attackers to execute arbitrary SQL commands via the face_id parameter in a show_face action to index.php.
CVSS Score
7.5
EPSS Score
0.016
Published
2011-11-23
CVE-2010-5032
SQL injection vulnerability in the BF Quiz (com_bfquiztrial) component before 1.3.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via the catid parameter in a bfquiztrial action to index.php.
CVSS Score
7.5
EPSS Score
0.022
Published
2011-11-02
CVE-2010-5042
Cross-site scripting (XSS) vulnerability in the DJ-ArtGallery (com_djartgallery) component 0.9.1 for Joomla! allows remote attackers to inject arbitrary web script or HTML via the cid[] parameter in an editItem action to administrator/index.php. NOTE: some of these details are obtained from third party information.
CVSS Score
4.3
EPSS Score
0.008
Published
2011-11-02
CVE-2010-5043
SQL injection vulnerability in the DJ-ArtGallery (com_djartgallery) component 0.9.1 for Joomla! allows remote authenticated users to execute arbitrary SQL commands via the cid[] parameter in an editItem action to administrator/index.php.
CVSS Score
6.0
EPSS Score
0.002
Published
2011-11-02
CVE-2010-5044
SQL injection vulnerability in models/log.php in the Search Log (com_searchlog) component 3.1.0 for Joomla! allows remote authenticated users, with Public Back-end privileges, to execute arbitrary SQL commands via the search parameter in a log action to administrator/index.php. NOTE: some of these details are obtained from third party information.
CVSS Score
6.0
EPSS Score
0.005
Published
2011-11-02
CVE-2010-5028
SQL injection vulnerability in the JExtensions JE Job (com_jejob) component 1.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the catid parameter in an item action to index.php.
CVSS Score
7.5
EPSS Score
0.171
Published
2011-11-02
CVE-2010-5022
SQL injection vulnerability in the JExtensions JE Story Submit (com_jesubmit) component 1.4 for Joomla! allows remote attackers to execute arbitrary SQL commands via the view parameter to index.php.
CVSS Score
7.5
EPSS Score
0.002
Published
2011-11-02


Products
Pricing
Contact Us

Shodan ® - All rights reserved