Shodan
Vulnerabilities
Vulnerable Software
Joomla:  >> Joomla  Security Vulnerabilities
CVE-2009-1939
Cross-site scripting (XSS) vulnerability in the JA_Purity template for Joomla! 1.5.x through 1.5.10 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVSS Score
4.3
EPSS Score
0.0
Published
2009-06-05
CVE-2009-1940
Cross-site scripting (XSS) vulnerability in the administrator panel in the com_users core component for Joomla! 1.5.x through 1.5.10 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVSS Score
4.3
EPSS Score
0.0
Published
2009-06-05
CVE-2009-1848
SQL injection vulnerability in the JoomlaMe AgoraGroups (aka AG or com_agoragroup) component 0.3.5.3 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a groupdetail action to index.php.
CVSS Score
7.5
EPSS Score
0.003
Published
2009-06-01
CVE-2009-1496
Directory traversal vulnerability in the Cmi Marketplace (com_cmimarketplace) component 0.1 for Joomla! allows remote attackers to list arbitrary directories via a .. (dot dot) in the viewit parameter to index.php.
CVSS Score
5.0
EPSS Score
0.015
Published
2009-05-01
CVE-2009-1279
Multiple cross-site scripting (XSS) vulnerabilities in Joomla! 1.5 through 1.5.9 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors to the (1) com_admin component, (2) com_search component when "Gather Search Statistics" is enabled, and (3) the category view in the com_content component.
CVSS Score
2.6
EPSS Score
0.0
Published
2009-04-09
CVE-2009-1280
Multiple cross-site request forgery (CSRF) vulnerabilities in the com_media component for Joomla! 1.5.x through 1.5.9 allow remote attackers to hijack the authentication of unspecified victims via unknown vectors.
CVSS Score
6.8
EPSS Score
0.0
Published
2009-04-09
CVE-2009-1258
SQL injection vulnerability in the RD-Autos (com_rdautos) component 1.5.7 for Joomla! allows remote attackers to execute arbitrary SQL commands via the makeid parameter in index.php. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVSS Score
7.5
EPSS Score
0.004
Published
2009-04-07
CVE-2009-1263
SQL injection vulnerability in sub_commententry.php in the BookJoomlas (com_bookjoomlas) component 0.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via the gbid parameter in a comment action to index.php.
CVSS Score
7.5
EPSS Score
0.002
Published
2009-04-07
CVE-2008-6653
SQL injection vulnerability in webhosting.php in the Webhosting Component (com_webhosting) module before 1.1 RC7 for Joomla! and Mambo allows remote attackers to execute arbitrary SQL commands via the catid parameter to index.php.
CVSS Score
7.5
EPSS Score
0.002
Published
2009-04-07
CVE-2008-6489
SQL injection vulnerability in MyAlbum component (com_myalbum) 1.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the album parameter to index.php.
CVSS Score
7.5
EPSS Score
0.001
Published
2009-03-19


Products
Pricing
Contact Us

Shodan ® - All rights reserved