Page 105 of 804 results (0.020 seconds)

CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 3

CVE-2010-0373 – Joomla! Component com_libros - SQL Injection

https://notcve.org/view.php?id=CVE-2010-0373

SQL injection vulnerability in the libros (com_libros) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a detail action to index.php. Vulnerabilidad de inyección SQL en el componente libros (com_libros) para Joomla! permite a atacantes remotos ejecutar comandos SQL de su elección a través del parámetro "id" en una acción de detalle a index.php • https://www.exploit-db.com/exploits/11178 http://packetstormsecurity.org/1001-exploits/joomlalibros-sql.txt http://www.exploit-db.com/exploits/11178 https://exchange.xforce.ibmcloud.com/vulnerabilities/55696 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •

CVSS: 4.3EPSS: 0%CPEs: 2EXPL: 3

CVE-2010-0374 – Joomla! Component com_marketplace 1.2 - 'catid' Cross-Site Scripting

https://notcve.org/view.php?id=CVE-2010-0374

Cross-site scripting (XSS) vulnerability in the Marketplace (com_marketplace) component 1.2 for Joomla! allows remote attackers to inject arbitrary web script or HTML via the catid parameter in a show_category action to index.php. Vulnerabilidad de secuencias de comandos en sitios cruzados (XSS) en el componente Marketplace (com_marketplace) 1.2 para Joomla! permite a atacantes remotos inyectar secuencias de comandos web o HTML de su elección a través del parámetro "catid" en una acción "show_category" para index.php • https://www.exploit-db.com/exploits/33529 http://www.packetstormsecurity.com/1001-exploits/joomlamarketplace-xss.txt http://www.securityfocus.com/bid/37819 https://exchange.xforce.ibmcloud.com/vulnerabilities/55662 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 4

CVE-2010-0372 – Joomla! Component com_articlemanager - SQL Injection

https://notcve.org/view.php?id=CVE-2010-0372

SQL injection vulnerability in the Articlemanager (com_articlemanager) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the artid parameter in a display action to index.php. Vulnerabilidad de inyección SQL en el componente Articlemanager para Joomla!, permite a atacantes remotos ejecutar comandos SQL de su elección a través del parámetro "artid" en una acción display a index.php. • https://www.exploit-db.com/exploits/11140 http://packetstormsecurity.org/1001-exploits/joomlaarticlemanager-sql.txt http://www.exploit-db.com/exploits/11140 http://www.securityfocus.com/bid/37799 https://exchange.xforce.ibmcloud.com/vulnerabilities/55664 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •

CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 3

CVE-2009-4620 – Joomla! Component Joomloc 1.0 - 'id' SQL Injection

https://notcve.org/view.php?id=CVE-2009-4620

SQL injection vulnerability in the Joomloc (com_joomloc) component 1.0 for Joomla allows remote attackers to execute arbitrary SQL commands via the id parameter in an edit task to index.php. Vulnerabilidad de inyección SQL en el componente Joomloc (com_joomloc) v1.0 de Joomla!. Permite a usuarios remotos ejecutar comandos SQL de su elección a través del parámetro id en una acción "edit task" (editar tarea) de index.php. • https://www.exploit-db.com/exploits/9604 http://osvdb.org/57885 http://secunia.com/advisories/36654 http://www.exploit-db.com/exploits/9604 http://www.securityfocus.com/bid/36322 http://www.vupen.com/english/advisories/2009/2612 https://exchange.xforce.ibmcloud.com/vulnerabilities/53110 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •

CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 2

CVE-2009-4619

https://notcve.org/view.php?id=CVE-2009-4619

SQL injection vulnerability in the Lucy Games (com_lucygames) component 1.5.4 for Joomla! allows remote attackers to execute arbitrary SQL commands via the gameid parameter in a game action to index.php. NOTE: some of these details are obtained from third party information. Vulnerabilidad de inyección SQL en el componente Lucy Games (com_lucygames) v1.5.4 de Joomla!. Permite a usuarios remotos ejecutar comandos SQL de su elección a través de el parámetro "gameid" en una acción "game" de index.php. • http://www.exploit-db.com/exploits/9614 http://www.securityfocus.com/bid/36334 https://exchange.xforce.ibmcloud.com/vulnerabilities/53117 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •