Page 11 of 113 results (0.011 seconds)

CVSS: 7.5EPSS: 0%CPEs: 39EXPL: 3

CVE-2009-3215 – Joomla! Component IXXO Cart! Standalone and - SQL Injection

https://notcve.org/view.php?id=CVE-2009-3215

SQL injection vulnerability in IXXO Cart Standalone before 3.9.6.1, and the IXXO Cart component for Joomla! 1.0.x, allows remote attackers to execute arbitrary SQL commands via the parent parameter. Vulnerabilidad de inyección SQL en componentes IXXO Cart Standalone anterior v3.9.6.1, y IXXO Cart para Joomla! v1.0.x, permite a atacantes remotos ejecutar comandos SQL de su elección a través del parámetro parent. • https://www.exploit-db.com/exploits/9276 http://secunia.com/advisories/36009 http://www.davidsopas.com/2009/07/25/ixxo-cart-standalone-and-joomla-component-sql-injection http://www.exploit-db.com/exploits/9276 http://www.securityfocus.com/archive/1/505266/100/0/threaded http://www.securityfocus.com/bid/35810 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •

CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 3

CVE-2009-3054 – Joomla! Component com_artportal 1.0 - 'portalid' SQL Injection

https://notcve.org/view.php?id=CVE-2009-3054

SQL injection vulnerability in the Artetics.com Art Portal (com_artportal) component 1.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the portalid parameter to index.php. Vulnerabilidad de inyección SQL en el componente Artetics.com Art Portal (com_artportal) v1.0 para Joomla! permite a atacantes remotos ejecutar comandos SQL de su elección a través del parámetro portalid en index.php. • https://www.exploit-db.com/exploits/9563 http://www.exploit-db.com/exploits/9563 http://www.securityfocus.com/bid/36206 https://exchange.xforce.ibmcloud.com/vulnerabilities/52962 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •

CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 3

CVE-2009-3063 – Joomla! Component com_gameserver 1.0 - 'id' SQL Injection

https://notcve.org/view.php?id=CVE-2009-3063

SQL injection vulnerability in the Game Server (com_gameserver) component 1.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a gamepanel action to index.php. Vulnerabilidad de inyección SQL el componente Game Server(com_gameserver) v1.0 para Joomla!, permite a atacantes remotos ejecutar comandos SQL de su elección a través del parámetro "gamepanel" en una acción a index.php. • https://www.exploit-db.com/exploits/9571 http://www.exploit-db.com/exploits/9571 http://www.securityfocus.com/bid/36213 http://www.vupen.com/english/advisories/2009/2523 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •

CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 2

CVE-2008-6883 – Joomla! Component live chat - SQL Injection / Open Proxy

https://notcve.org/view.php?id=CVE-2008-6883

SQL injection vulnerability in the Live Chat (com_livechat) component 1.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the last parameter to getChatRoom.php. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. Vulnerabilidad de inyección SQL en el componente para Joomla! Live Chat v1.0 (com_livechat), permite a atacantes remotos ejecutar comandos SQL de su elección a través del parámetro "last" a getChatRoom.php. • https://www.exploit-db.com/exploits/7441 http://secunia.com/advisories/33122 http://www.securityfocus.com/bid/32803 https://exchange.xforce.ibmcloud.com/vulnerabilities/47304 https://exchange.xforce.ibmcloud.com/vulnerabilities/52442 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •

CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 2

CVE-2008-6882 – Joomla! Component live chat - SQL Injection / Open Proxy

https://notcve.org/view.php?id=CVE-2008-6882

Live Chat (com_livechat) component 1.0 for Joomla! allows remote attackers to use the xmlhttp.php script as an open HTTP proxy to hide network scanning activities or scan internal networks via a GET request with a full URL in the query string. Componente Live Chat (com_livechat) v1.0 para Joomla! permite a los atacantes remotos usar la secuencia de comandos xmlhttp.php como un proxy HTTP abierto para esconder una actividad de escaner de la red o un escaner de redes internas a través de una petición GET con una URL completa en la pregunta. • https://www.exploit-db.com/exploits/7441 http://www.securityfocus.com/bid/32803 https://exchange.xforce.ibmcloud.com/vulnerabilities/47305 • CWE-20: Improper Input Validation •