Shodan
Vulnerabilities
Vulnerable Software
Joomla:  >> Joomla!  >> 13.1  Security Vulnerabilities
CVE-2010-1600
SQL injection vulnerability in the Media Mall Factory (com_mediamall) component 1.0.4 for Joomla! allows remote attackers to execute arbitrary SQL commands via the category parameter to index.php.
CVSS Score
7.5
EPSS Score
0.014
Published
2010-04-29
CVE-2010-1601
Directory traversal vulnerability in the JA Comment (com_jacomment) component for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the view parameter to index.php.
CVSS Score
5.0
EPSS Score
0.031
Published
2010-04-29
CVE-2010-1602
Directory traversal vulnerability in the ZiMB Comment (com_zimbcomment) component 0.8.1 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impact via a .. (dot dot) in the controller parameter to index.php.
CVSS Score
7.5
EPSS Score
0.01
Published
2010-04-29
CVE-2010-1603
Directory traversal vulnerability in the ZiMB Core (aka ZiMBCore or com_zimbcore) component 0.1 in the ZiMB Manager collection for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impact via a .. (dot dot) in the controller parameter to index.php.
CVSS Score
7.5
EPSS Score
0.029
Published
2010-04-29
CVE-2010-1607
Directory traversal vulnerability in wmi.php in the Webmoney Web Merchant Interface (aka WMI or com_wmi) component 1.5.0 for Joomla! allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the controller parameter to index.php.
CVSS Score
6.8
EPSS Score
0.03
Published
2010-04-29
CVE-2010-1559
SQL injection vulnerability in the SermonSpeaker (com_sermonspeaker) component before 3.2.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a speakerpopup action to index.php. NOTE: some of these details are obtained from third party information.
CVSS Score
7.5
EPSS Score
0.001
Published
2010-04-27
CVE-2010-1540
Directory traversal vulnerability in index.php in the MyBlog (com_myblog) component 3.0.329 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the task parameter. NOTE: some of these details are obtained from third party information.
CVSS Score
5.0
EPSS Score
0.034
Published
2010-04-26
CVE-2010-1529
SQL injection vulnerability in the Freestyle FAQs Lite (com_fsf) component, possibly 1.3, for Joomla! allows remote attackers to execute arbitrary SQL commands via the faqid parameter in an faq action to index.php.
CVSS Score
7.5
EPSS Score
0.002
Published
2010-04-26
CVE-2010-1531
Directory traversal vulnerability in the redSHOP (com_redshop) component 1.0.x for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the view parameter to index.php.
CVSS Score
7.5
EPSS Score
0.031
Published
2010-04-26
CVE-2010-1532
Directory traversal vulnerability in the givesight PowerMail Pro (com_powermail) component 1.5.3 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impact via a .. (dot dot) in the controller parameter to index.php.
CVSS Score
5.0
EPSS Score
0.009
Published
2010-04-26


Products
Pricing
Contact Us

Shodan ® - All rights reserved