Shodan
Vulnerabilities
Vulnerable Software
Joomla:  Security Vulnerabilities
CVE-2010-3203
Directory traversal vulnerability in the PicSell (com_picsell) component 1.0 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the dflink parameter in a prevsell dwnfree action to index.php.
CVSS Score
5.0
EPSS Score
0.023
Published
2010-09-03
CVE-2010-3028
The Aardvertiser component before 2.2.1 for Joomla! uses insecure permissions (777) in unspecified folders, which allows local users to modify, create, or delete certain files.
CVSS Score
3.6
EPSS Score
0.001
Published
2010-08-16
CVE-2010-2923
SQL injection vulnerability in the YouTube (com_youtube) component 1.5 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id_cate parameter to index.php.
CVSS Score
7.5
EPSS Score
0.004
Published
2010-07-30
CVE-2010-2918
PHP remote file inclusion vulnerability in core/include/myMailer.class.php in the Visites (com_joomla-visites) component 1.1 RC2 for Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter.
CVSS Score
7.5
EPSS Score
0.016
Published
2010-07-30
CVE-2010-2919
SQL injection vulnerability in the StaticXT (com_staticxt) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter to index.php.
CVSS Score
7.5
EPSS Score
0.003
Published
2010-07-30
CVE-2010-2920
Directory traversal vulnerability in the Foobla Suggestions (com_foobla_suggestions) component 1.5.1.2 for Joomla! allows remote attackers to read arbitrary files via directory traversal sequences in the controller parameter to index.php.
CVSS Score
6.8
EPSS Score
0.02
Published
2010-07-30
CVE-2010-2921
SQL injection vulnerability in the Golf Course Guide (com_golfcourseguide) component 0.9.6.0 beta and 1 beta for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a golfcourses action to index.php.
CVSS Score
7.5
EPSS Score
0.003
Published
2010-07-30
CVE-2010-2909
SQL injection vulnerability in ttvideo.php in the TTVideo (com_ttvideo) component 1.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the cid parameter in a video action to index.php.
CVSS Score
7.5
EPSS Score
0.005
Published
2010-07-28
CVE-2010-2910
SQL injection vulnerability in the Ozio Gallery (com_oziogallery) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the Itemid parameter to index.php.
CVSS Score
7.5
EPSS Score
0.003
Published
2010-07-28
CVE-2010-2907
SQL injection vulnerability in the Huru Helpdesk (com_huruhelpdesk) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the cid[0] parameter in a detail action to index.php.
CVSS Score
7.5
EPSS Score
0.003
Published
2010-07-28


Products
Pricing
Contact Us

Shodan ® - All rights reserved