CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0CVE-2009-3480
https://notcve.org/view.php?id=CVE-2009-3480
SQL injection vulnerability in the iCRM Basic (com_icrmbasic) component 1.4.2.31 for Joomla! allows remote attackers to execute arbitrary SQL commands via the p3 parameter to index.php. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. Vulnerabilidad de inyección SQL en el componente iCRM Basic (com_icrmbasic) v1.4.2.31 para Joomla! permite a los atacantes remotos ejecutar comandos SQL a través del parámetro p3 en index.php. • http://osvdb.org/58381 http://secunia.com/advisories/36892 http://www.securityfocus.com/bid/36533 https://exchange.xforce.ibmcloud.com/vulnerabilities/53493 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 3CVE-2009-3446 – Joomla! Component com_mytube (user_id) 1.0 Beta - Blind SQL Injection
https://notcve.org/view.php?id=CVE-2009-3446
SQL injection vulnerability in the MyRemote Video Gallery (com_mytube) component 1.0 Beta for Joomla! allows remote attackers to execute arbitrary SQL commands via the user_id parameter in a videos action to index.php. Vulnerabilidad de inyección SQL en el componente MyRemote Video Gallery (com_mytube)v1.0 para Joomla! permite a atacantes remotos ejecutar comandos SQL de su elección a través del parámetro "user_id" en una acción "videos" a index.php. • https://www.exploit-db.com/exploits/9733 http://www.exploit-db.com/exploits/9733 http://www.securityfocus.com/bid/36470 https://exchange.xforce.ibmcloud.com/vulnerabilities/53401 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 7.5EPSS: 0%CPEs: 3EXPL: 3CVE-2009-3434 – Joomla! / Mambo Component Tupinambis - SQL Injection
https://notcve.org/view.php?id=CVE-2009-3434
SQL injection vulnerability in the Tupinambis (com_tupinambis) component 1.0 for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the proyecto parameter in a verproyecto action to index.php. Vulnerabilidad de inyección SQL en el componente Tupinambis (com_tupinambis) v1.0 para Mambo y Joomla! permite a atacantes remotos ejecutar comandos SQL de su elección mediante el parámetro "proyecto" en una acción "verproyecto" de index.php. • https://www.exploit-db.com/exploits/9832 http://packetstormsecurity.org/0909-exploits/mambojoomlatupinambis-sql.txt http://secunia.com/advisories/36848 http://www.securityfocus.com/bid/36511 http://www.vupen.com/english/advisories/2009/2730 https://exchange.xforce.ibmcloud.com/vulnerabilities/53454 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 7.5EPSS: 0%CPEs: 3EXPL: 2CVE-2009-3443 – Joomla! Component Fastball 1.1.0 < 1.2 - 'league' SQL Injection
https://notcve.org/view.php?id=CVE-2009-3443
SQL injection vulnerability in the Fastball (com_fastball) component 1.1.0 through 1.2 for Joomla! allows remote attackers to execute arbitrary SQL commands via the league parameter to index.php. Vulnerabilidad de inyección SQL en el componente Fastball (com_fastball) v1.1.0 a la v1.2 para Joomla!, permite a atacantes remotos ejecutar comandos SQL de su elección a través del parámetro "league" al index.php. • https://www.exploit-db.com/exploits/9822 http://packetstormsecurity.org/0909-exploits/joomlafastball-sql.txt http://secunia.com/advisories/36878 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 4CVE-2009-3438 – Joomla! Component com_facebook - SQL Injection
https://notcve.org/view.php?id=CVE-2009-3438
SQL injection vulnerability in the JoomlaFacebook (com_facebook) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a student action to index.php. Vulnerabilidad de inyección SQL en el componente JoomlaFacebook (com_facebook) para Joomla! permite a atacantes remotos ejecutar comandos SQL de su elección mediante el parámetro "id" en una acción "student" de index.php. • https://www.exploit-db.com/exploits/9833 https://www.exploit-db.com/exploits/33238 http://packetstormsecurity.org/0909-exploits/joomlafb-sql.txt http://www.securityfocus.com/bid/36484 http://www.vupen.com/english/advisories/2009/2731 https://exchange.xforce.ibmcloud.com/vulnerabilities/53437 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •