Shodan
Vulnerabilities
Vulnerable Software
Joomla:  Security Vulnerabilities
CVE-2009-3334
SQL injection vulnerability in the Lhacky! Extensions Cave Joomla! Integrated Newsletters Component (aka JINC or com_jinc) component 0.2 for Joomla! allows remote attackers to execute arbitrary SQL commands via the newsid parameter in a messages action to index.php.
CVSS Score
7.5
EPSS Score
0.003
Published
2009-09-23
CVE-2009-3215
SQL injection vulnerability in IXXO Cart Standalone before 3.9.6.1, and the IXXO Cart component for Joomla! 1.0.x, allows remote attackers to execute arbitrary SQL commands via the parent parameter.
CVSS Score
7.5
EPSS Score
0.005
Published
2009-09-16
CVE-2009-3193
SQL injection vulnerability in the DigiFolio (com_digifolio) component 1.52 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a project action to index.php.
CVSS Score
7.5
EPSS Score
0.001
Published
2009-09-15
CVE-2009-3154
SQL injection vulnerability in the Almond Classifieds (com_aclassf) component 7.5 for Joomla! allows remote attackers to execute arbitrary SQL commands via the replid parameter in a manw_repl add_form action to index.php, a different vector than CVE-2009-2567.
CVSS Score
7.5
EPSS Score
0.001
Published
2009-09-10
CVE-2009-3155
Cross-site scripting (XSS) vulnerability in gmap.php in the Almond Classifieds (com_aclassf) component 7.5 for Joomla! allows remote attackers to inject arbitrary web script or HTML via the addr parameter.
CVSS Score
4.3
EPSS Score
0.008
Published
2009-09-10
CVE-2008-7169
SQL injection vulnerability in Jabode horoscope extension (com_jabode) for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a sign task to index.php.
CVSS Score
7.5
EPSS Score
0.003
Published
2009-09-08
CVE-2009-3063
SQL injection vulnerability in the Game Server (com_gameserver) component 1.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a gamepanel action to index.php.
CVSS Score
7.5
EPSS Score
0.004
Published
2009-09-03
CVE-2009-3053
Directory traversal vulnerability in the Agora (com_agora) component 3.0.0b for Joomla! allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the action parameter to the avatars page, reachable through index.php.
CVSS Score
6.8
EPSS Score
0.016
Published
2009-09-03
CVE-2009-3054
SQL injection vulnerability in the Artetics.com Art Portal (com_artportal) component 1.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the portalid parameter to index.php.
CVSS Score
7.5
EPSS Score
0.003
Published
2009-09-03
CVE-2008-7033
SQL injection vulnerability in the Simple Shop Galore (com_simpleshop) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the section parameter in a section action to index.php, a different vulnerability than CVE-2008-2568. NOTE: this issue was disclosed by an unreliable researcher, so the details might be incorrect.
CVSS Score
7.5
EPSS Score
0.001
Published
2009-08-24


Products
Pricing
Contact Us

Shodan ® - All rights reserved