CVSS: 7.5EPSS: 0%CPEs: 4EXPL: 2CVE-2008-1460 – Joomla! Component joovideo 1.2.2 - 'id' SQL Injection
https://notcve.org/view.php?id=CVE-2008-1460
SQL injection vulnerability in the Joovideo (com_joovideo) 1.0 and 1.2.2 component for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a detail action to index.php. Vulnerabilidad de inyección SQL en el componente Joovideo (com_joovideo) 1.0 y 1.2.2 para Mambo and Joomla! permite a atacantes remotos ejecutar comandos SQL de su elección a través del parámetro id en una acción detail (detalle) a index.php. • https://www.exploit-db.com/exploits/5277 http://secunia.com/advisories/29474 http://www.securityfocus.com/bid/28318 https://exchange.xforce.ibmcloud.com/vulnerabilities/41279 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 7.5EPSS: 0%CPEs: 3EXPL: 2CVE-2008-1297 – Mambo Component eWriting 1.2.1 - 'cat' SQL Injection
https://notcve.org/view.php?id=CVE-2008-1297
SQL injection vulnerability in index.php in the eWriting (com_ewriting) 1.2.1 module for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the cat parameter in a selectcat action. Vulnerabilidad de inyección SQL en index.php del módulo the eWriting (com_ewriting) 1.2.1 para Mambo y Joomla! permite a atacantes remotos ejecutar comandos SQL de su elección a través del parámetro cat en una acción selectcat. • https://www.exploit-db.com/exploits/5226 http://secunia.com/advisories/29292 http://www.securityfocus.com/bid/28179 https://exchange.xforce.ibmcloud.com/vulnerabilities/41072 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 7.5EPSS: 6%CPEs: 2EXPL: 1CVE-2008-1137 – Mambo Component garyscookbook 1.1.1 - SQL Injection
https://notcve.org/view.php?id=CVE-2008-1137
SQL injection vulnerability in the Garys Cookbook (com_garyscookbook) 1.1.1 and earlier component for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a detail action to index.php. Vulnerabilidad de Inyección SQL en el componente Garys Cookbook (com_garyscookbook) 1.1.1 y anteriores para Mambo y Joomla!, que permite a atacantes remotos ejecutar comandos SQL de su elección a través del parámetro id en una acción de detalle al index.php. • https://www.exploit-db.com/exploits/5178 http://secunia.com/advisories/29090 http://www.securityfocus.com/archive/1/488696/100/100/threaded http://www.securityfocus.com/bid/27972 https://exchange.xforce.ibmcloud.com/vulnerabilities/40803 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 1CVE-2008-0849
https://notcve.org/view.php?id=CVE-2008-0849
SQL injection vulnerability in index.php in the Downloads (com_downloads) component for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the cat parameter in a selectcat function, a different vector than CVE-2008-0652. Vulnerabilidad de inyección SQL en index.php del componente Downloads (com_downloads) para Mambo y Joomla! permite a atacantes remotos ejecutar comandos SQL de su elección a través del parámetro cat en la función selectcat, un vector diferente que CVE-2008-0652. • http://securityreason.com/securityalert/3676 http://www.securityfocus.com/archive/1/488291/100/0/threaded http://www.securityfocus.com/bid/27860 https://exchange.xforce.ibmcloud.com/vulnerabilities/40621 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 2CVE-2008-0853 – Joomla! / Mambo Component com_detail - 'id' SQL Injection
https://notcve.org/view.php?id=CVE-2008-0853
SQL injection vulnerability in the com_detail component for Joomla! and Mambo allows remote attackers to execute arbitrary SQL commands via the id parameter to index.php. NOTE: this issue might be site-specific. If so, it should not be included in CVE. Una vulnerabilidad de inyección SQL en el componente com_detail para Joomla! • https://www.exploit-db.com/exploits/31226 http://securityreason.com/securityalert/3677 http://www.securityfocus.com/archive/1/488278/100/0/threaded http://www.securityfocus.com/archive/1/488325/100/0/threaded http://www.securityfocus.com/bid/27853 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •