Shodan
Vulnerabilities
Vulnerable Software
Joomla:  Security Vulnerabilities
CVE-2007-4745
Multiple cross-site scripting (XSS) vulnerabilities in the AkoBook 3.42 and earlier component (com_akobook) for Mambo allow remote attackers to inject arbitrary web script or HTML via Javascript events in the (1) gbmail and (2) gbpage parameters in the sign function.
CVSS Score
4.3
EPSS Score
0.0
Published
2007-09-06
CVE-2007-4502
SQL injection vulnerability in index.php in the BibTeX component (com_jombib) 1.3 and earlier for Joomla! allows remote attackers to execute arbitrary SQL commands via the afilter parameter.
CVSS Score
7.5
EPSS Score
0.0
Published
2007-08-23
CVE-2007-4503
SQL injection vulnerability in index.php in the Nice Talk component (com_nicetalk) 0.9.3 and earlier for Joomla! allows remote attackers to execute arbitrary SQL commands via the tagid parameter.
CVSS Score
7.5
EPSS Score
0.007
Published
2007-08-23
CVE-2007-4504
Directory traversal vulnerability in index.php in the RSfiles component (com_rsfiles) 1.0.2 and earlier for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the path parameter in a files.display action.
CVSS Score
5.0
EPSS Score
0.001
Published
2007-08-23
CVE-2007-4506
SQL injection vulnerability in index.php in the NeoRecruit component (com_neorecruit) 1.4 and earlier for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in an offer_view action.
CVSS Score
7.5
EPSS Score
0.007
Published
2007-08-23
CVE-2007-4509
SQL injection vulnerability in index.php in the EventList component (com_eventlist) 0.8 and earlier for Joomla! allows remote attackers to execute arbitrary SQL commands via the did parameter in a details action.
CVSS Score
7.5
EPSS Score
0.0
Published
2007-08-23
CVE-2007-4244
PHP remote file inclusion vulnerability in langset.php in J! Reactions (com_jreactions) 1.8.1 and earlier, a Joomla! component, allows remote attackers to execute arbitrary PHP code via a URL in the comPath parameter.
CVSS Score
7.5
EPSS Score
0.644
Published
2007-08-08
CVE-2007-4184
SQL injection vulnerability in administrator/popups/pollwindow.php in Joomla! 1.0.12 allows remote attackers to execute arbitrary SQL commands via the pollid parameter.
CVSS Score
7.5
EPSS Score
0.0
Published
2007-08-08
CVE-2007-4185
Joomla! 1.0.12 allows remote attackers to obtain sensitive information via a direct request for (1) Stat.php (2) OutputFilter.php, (3) OutputCache.php, (4) Modifier.php, (5) Reader.php, and (6) TemplateCache.php in includes/patTemplate/patTemplate/; (7) includes/Cache/Lite/Output.php; and other unspecified components, which reveal the path in various error messages.
CVSS Score
5.0
EPSS Score
0.005
Published
2007-08-08
CVE-2007-4186
PHP remote file inclusion vulnerability in admin.tour_toto.php in the Tour de France Pool (com_tour_toto) 1.0.1 module for Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter.
CVSS Score
6.8
EPSS Score
0.003
Published
2007-08-08


Products
Pricing
Contact Us

Shodan ® - All rights reserved