CVSS: 7.5EPSS: 0%CPEs: 5EXPL: 2CVE-2008-6182 – Joomla! Component Ignite Gallery 0.8.3 - SQL Injection
https://notcve.org/view.php?id=CVE-2008-6182
SQL injection vulnerability in the Ignite Gallery (com_ignitegallery) component 0.8.0 through 0.8.3 for Joomla! allows remote attackers to execute arbitrary SQL commands via the gallery parameter in a view action to index.php. Vulnerabilidad de inyección SQL en el componente Ignite Gallery (com_ignitegallery) v0.8.0 hasta v0.8.3 para Joomla! permite a atacantes remotos ejecutar comandos SQL de su elección a través del parámetro "gallery" en una acción "view" de index.php. • https://www.exploit-db.com/exploits/6723 http://secunia.com/advisories/32240 http://www.securityfocus.com/bid/31714 https://exchange.xforce.ibmcloud.com/vulnerabilities/45816 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 6.8EPSS: 0%CPEs: 2EXPL: 2CVE-2008-6172 – Joomla! Component RWCards 3.0.11 - Local File Inclusion
https://notcve.org/view.php?id=CVE-2008-6172
Directory traversal vulnerability in captcha/captcha_image.php in the RWCards (com_rwcards) 3.0.11 component for Joomla!, when magic_quotes_gpc is disabled, allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the img parameter. Vulnerabilidad de salto de directorio en el captcha/captcha_image.php en el componente para Joomla! RWCards (com_rwcards) v3.0.11 cuando magic_quotes_gpc esta desactivado, lo que permite atacantes remotos incluir y ejecutar localmente ficheros a su elección a través de secuencias de salto de directorio en el parámetro "img". • https://www.exploit-db.com/exploits/6817 http://secunia.com/advisories/32367 http://www.securityfocus.com/bid/31892 https://exchange.xforce.ibmcloud.com/vulnerabilities/46081 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 2CVE-2008-6166 – Joomla! Component Kbase 1.0 - SQL Injection
https://notcve.org/view.php?id=CVE-2008-6166
SQL injection vulnerability in the KBase (com_kbase) 1.2 component for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in an article action to index.php. Vulnerabilidad de inyección SQL en el componente KBase (com_kbase) v1.2 para Joomla!, permite a atacantes remotos ejecutar comandos SQL de su elección a través del parámetro "id" en una acción "article" a index.php. • https://www.exploit-db.com/exploits/6827 http://secunia.com/advisories/32365 http://www.securityfocus.com/bid/31902 https://exchange.xforce.ibmcloud.com/vulnerabilities/46076 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 2CVE-2008-6148 – Joomla! Component Live Ticker 1.0 - Blind SQL Injection
https://notcve.org/view.php?id=CVE-2008-6148
SQL injection vulnerability in the Live Ticker (com_liveticker) module 1.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the tid parameter in a viewticker action to index.php. Una vulnerabilidad de inyección de SQL en el componente Live Ticker (com_liveticker) 1.0 de Joomla! permite a atacantes remotos ejecutar comandos SQL a través del parámetro tid en una acción viewticker en index.php. • https://www.exploit-db.com/exploits/7573 http://secunia.com/advisories/33312 http://www.securityfocus.com/bid/33010 https://exchange.xforce.ibmcloud.com/vulnerabilities/47605 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 4CVE-2008-6149 – Joomla! Component mDigg 2.2.8 - 'category' SQL Injection
https://notcve.org/view.php?id=CVE-2008-6149
SQL injection vulnerability in the mDigg (com_mdigg) component 2.2.8 for Joomla! allows remote attackers to execute arbitrary SQL commands via the cagtegory parameter in a story_lists action to index.php. Una vulnerabilidad de inyección de SQL en el componente mDigg (com_mdigg) 2.2.8 para Joomla! permite a atacantes remotos ejecutar comandos SQL a través del parámetro cagtegory en una acción story_lists en index.php. • https://www.exploit-db.com/exploits/7574 https://www.exploit-db.com/exploits/17464 http://secunia.com/advisories/33306 http://www.osvdb.org/51005 http://www.securityfocus.com/archive/1/499618/100/0/threaded http://www.securityfocus.com/bid/33009 https://exchange.xforce.ibmcloud.com/vulnerabilities/47612 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •