Shodan
Vulnerabilities
Vulnerable Software
Joomla:  Security Vulnerabilities
CVE-2008-0515
SQL injection vulnerability in index.php in the musepoes (com_musepoes) component for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the aid parameter in an answer action.
CVSS Score
7.5
EPSS Score
0.0
Published
2008-01-31
CVE-2008-0517
SQL injection vulnerability in index.php in the Darko Selesi EstateAgent (com_estateagent) 0.1 component for Mambo 4.5.x and Joomla! allows remote attackers to execute arbitrary SQL commands via the objid parameter in a contact showObject action.
CVSS Score
7.5
EPSS Score
0.0
Published
2008-01-31
CVE-2008-0518
SQL injection vulnerability in index.php in the Recipes (com_recipes) 1.00 component for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a detail action.
CVSS Score
7.5
EPSS Score
0.0
Published
2008-01-31
CVE-2008-0519
SQL injection vulnerability in index.php in the Atapin Jokes (com_jokes) 1.0 component for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the cat parameter in a CatView action.
CVSS Score
7.5
EPSS Score
0.0
Published
2008-01-31
CVE-2007-6663
SQL injection vulnerability in (1) Puarcade.php and (2) PUarcade.html.php in Pragmatic Utopia PU Arcade (com_puarcade) 2.0.3, 2.1.2, and 2.1.3 Beta component for Joomla! allows remote attackers to execute arbitrary SQL commands via the fid parameter to index.php.
CVSS Score
7.5
EPSS Score
0.021
Published
2008-01-04
CVE-2007-6642
Multiple cross-site request forgery (CSRF) vulnerabilities in Joomla! before 1.5 RC4 allow remote attackers to (1) add a Super Admin, (2) upload an extension containing arbitrary PHP code, and (3) modify the configuration as administrators via unspecified vectors.
CVSS Score
6.8
EPSS Score
0.0
Published
2008-01-04
CVE-2007-6643
Cross-site scripting (XSS) vulnerability in the com_poll component in Joomla! before 1.5 RC4 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVSS Score
4.3
EPSS Score
0.0
Published
2008-01-04
CVE-2007-6644
Joomla! before 1.5 RC4 allows remote authenticated administrators to promote arbitrary users to the administrator group, in violation of the intended security model.
CVSS Score
6.5
EPSS Score
0.001
Published
2008-01-04
CVE-2007-6645
Unspecified vulnerability in Joomla! before 1.5 RC4 allows remote authenticated users to gain privileges via unspecified vectors, aka "registered user privilege escalation vulnerability."
CVSS Score
7.5
EPSS Score
0.002
Published
2008-01-04
CVE-2007-6362
SQL injection vulnerability in index.php in the RSGallery (com_rsgallery) 2.0 beta 5 and earlier component for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the catid parameter in an inline page action.
CVSS Score
7.5
EPSS Score
0.0
Published
2007-12-15


Products
Pricing
Contact Us

Shodan ® - All rights reserved