Shodan
Vulnerabilities
Vulnerable Software
Joomla:  >> Joomla  Security Vulnerabilities
CVE-2009-0702
SQL injection vulnerability in the Phoca Documentation (com_phocadocumentation) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a section action to index.php.
CVSS Score
7.5
EPSS Score
0.001
Published
2009-02-23
CVE-2009-0706
SQL injection vulnerability in the Simple Review (com_simple_review) component 1.3.5 for Joomla! and Mambo allows remote attackers to execute arbitrary SQL commands via the category parameter to index.php.
CVSS Score
7.5
EPSS Score
0.004
Published
2009-02-23
CVE-2008-6234
SQL injection vulnerability in the com_musica module in Joomla! and Mambo allows remote attackers to execute arbitrary SQL commands via the id parameter to index.php.
CVSS Score
7.5
EPSS Score
0.0
Published
2009-02-21
CVE-2008-6221
PHP remote file inclusion vulnerability in config.dadamail.php in the Dada Mail Manager (com_dadamail) component 2.6 for Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the GLOBALS[mosConfig_absolute_path] parameter.
CVSS Score
7.5
EPSS Score
0.071
Published
2009-02-20
CVE-2008-6222
Directory traversal vulnerability in the Pro Desk Support Center (com_pro_desk) component 1.0 and 1.2 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the include_file parameter to index.php.
CVSS Score
5.0
EPSS Score
0.016
Published
2009-02-20
CVE-2008-6181
SQL injection vulnerability in the Mad4Joomla Mailforms (com_mad4joomla) component before 1.1.8.2 for Joomla! allows remote attackers to execute arbitrary SQL commands via the jid parameter to index.php.
CVSS Score
7.5
EPSS Score
0.007
Published
2009-02-19
CVE-2008-6184
SQL injection vulnerability in the OwnBiblio (com_ownbiblio) component 1.5.3 for Joomla! allows remote attackers to execute arbitrary SQL commands via the catid parameter in a catalogue action to index.php.
CVSS Score
7.5
EPSS Score
0.002
Published
2009-02-19
CVE-2008-6172
Directory traversal vulnerability in captcha/captcha_image.php in the RWCards (com_rwcards) 3.0.11 component for Joomla!, when magic_quotes_gpc is disabled, allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the img parameter.
CVSS Score
6.8
EPSS Score
0.073
Published
2009-02-19
CVE-2008-6166
SQL injection vulnerability in the KBase (com_kbase) 1.2 component for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in an article action to index.php.
CVSS Score
7.5
EPSS Score
0.001
Published
2009-02-19
CVE-2008-6148
SQL injection vulnerability in the Live Ticker (com_liveticker) module 1.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the tid parameter in a viewticker action to index.php.
CVSS Score
7.5
EPSS Score
0.002
Published
2009-02-16


Products
Pricing
Contact Us

Shodan ® - All rights reserved