CVE-2008-0829 – Joomla! Component jooget 2.6.8 - SQL Injection
https://notcve.org/view.php?id=CVE-2008-0829
SQL injection vulnerability in jooget.php in the Joomlapixel Jooget! (com_jooget) 2.6.8 component for Joomla! and Mambo allows remote attackers to execute arbitrary SQL commands via the id parameter in a detail task. Vulnerabilidad de inyección SQL en jooget.php del componente Joomlapixel Jooget! (com_jooget) 2.6.8 para Joomla! • https://www.exploit-db.com/exploits/5132 http://forum.joomlaitalia.com/index.php?topic=388.0 http://members.joomlapixel.eu/download/componenti/patch-jooget-2.6.8-sql-injection/details.html http://secunia.com/advisories/28998 http://www.securityfocus.com/bid/27836 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVE-2008-0810 – Joomla! / Mambo Component com_scheduling - 'id' SQL Injection
https://notcve.org/view.php?id=CVE-2008-0810
SQL injection vulnerability in the com_scheduling module for Joomla! and Mambo allows remote attackers to execute arbitrary SQL commands via the id parameter. Vulnerabilidad de inyección SQL en el módulo com_scheduling para Joomla! y Mambo permite a atacantes remotos ejecutar comandos SQL de su elección a través del parámetro id. • https://www.exploit-db.com/exploits/31216 http://securityreason.com/securityalert/3662 http://www.securityfocus.com/archive/1/488269/100/0/threaded http://www.securityfocus.com/bid/27830 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVE-2008-0817 – Joomla! / Mambo Component Filebase - 'filecatid' SQL Injection
https://notcve.org/view.php?id=CVE-2008-0817
SQL injection vulnerability in the com_filebase component for Joomla! and Mambo allows remote attackers to execute arbitrary SQL commands via the filecatid parameter in a selectfolder action. Vulnerabilidad de inyección SQL en el componente com_filebase para Joomla! y Mambo permite a atacantes remotos ejecutar comandos SQL de su elección a través del parámetro filecatid en una acción selectfolder (elegir carpeta). • https://www.exploit-db.com/exploits/31215 http://securityreason.com/securityalert/3665 http://www.securityfocus.com/archive/1/488268/100/0/threaded http://www.securityfocus.com/archive/1/488284/100/0/threaded http://www.securityfocus.com/bid/27829 https://exchange.xforce.ibmcloud.com/vulnerabilities/40616 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVE-2008-0799 – Joomla! Component Quiz 0.81 - 'tid' SQL Injection
https://notcve.org/view.php?id=CVE-2008-0799
SQL injection vulnerability in index.php in the Quiz (com_quiz) 0.81 and earlier component for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the tid parameter in a user_tst_shw action. Vulnerabilidad de inyección SQL en index.php en el componente Quiz (com_quiz) 0.81 y anteriores para Mambo and Joomla! permite a atacantes remotos ejecutar comandos SQL de su elección mediante el parámetro tid en una acción user_tst_shw. • https://www.exploit-db.com/exploits/5119 http://secunia.com/advisories/28980 http://www.securityfocus.com/bid/27808 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVE-2008-0801 – Joomla! Component paxxgallery 0.2 - 'iid' SQL Injection
https://notcve.org/view.php?id=CVE-2008-0801
SQL injection vulnerability in index.php in the PAXXGallery (com_paxxgallery) 0.2 component for Mambo and Joomla! allow remote attackers to execute arbitrary SQL commands via (1) the iid parameter in a view action, and possibly (2) the userid parameter. Una vulnerabilidad de inyección SQL en el archivo index.php en el componente PAXXGallery (com_paxxgallery) versión 0.2 para Mambo y Joomla!, permite a los atacantes remotos ejecutar comandos SQL arbitrarios por medio de (1) el parámetro iid en una acción view, y posiblemente (2) el parámetro userid. • https://www.exploit-db.com/exploits/5117 http://www.securityfocus.com/bid/27811 https://exchange.xforce.ibmcloud.com/vulnerabilities/40497 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •