CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 2CVE-2008-6116 – Joomla! Component Thyme 1.0 - SQL Injection
https://notcve.org/view.php?id=CVE-2008-6116
SQL injection vulnerability in the EXtrovert Software Thyme (com_thyme) 1.0 component for Joomla! allows remote attackers to execute arbitrary SQL commands via the event parameter to index.php. Vulnerabilidad de inyección SQL en el componente EXtrovert Software Thyme (com_thyme)v1.0 para Joomla!, permite a atacantes remotos ejecutar comandos SQL de su elección a través del parámetro "event" al index.php. • https://www.exploit-db.com/exploits/7182 http://www.securityfocus.com/bid/32417 https://exchange.xforce.ibmcloud.com/vulnerabilities/46777 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 2CVE-2009-0494 – Joomla! Component Portfol 1.2 - 'vcatid' SQL Injection
https://notcve.org/view.php?id=CVE-2009-0494
SQL injection vulnerability in the Portfol (com_portfol) 1.2 component for Joomla! allows remote attackers to execute arbitrary SQL commands via the vcatid parameter in a viewcategory action to index.php. Vulnerabilidad de inyección SQL en el componente Portfol (com_portfol) v1.2 para Joomla!, permite a atacantes remotos ejecutar comandos SQL de su elección a través del parámetro vcatid en una acción viewcategory en index.php. • https://www.exploit-db.com/exploits/7734 http://www.securityfocus.com/bid/33218 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 2CVE-2008-6088 – Joomla! Component Joomtracker 1.01 - SQL Injection
https://notcve.org/view.php?id=CVE-2008-6088
SQL injection vulnerability in the Joomtracker (com_joomtracker) 1.01 module for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a tordetails action to index.php. Vulnerabilidad de inyección SQL en el módulo Joomtracker (com_joomtracker) v1.01 para Joomla! permite a atacantes remotos ejecutar comandos SQL de su elección a través del parámetro "id" en una acción tordetails en index.php. • https://www.exploit-db.com/exploits/6709 http://www.securityfocus.com/bid/31676 https://exchange.xforce.ibmcloud.com/vulnerabilities/45798 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 2CVE-2008-6076 – Joomla! Component Daily Message 1.0.3 - 'id' SQL Injection
https://notcve.org/view.php?id=CVE-2008-6076
SQL injection vulnerability in the Daily Message (com_dailymessage) 1.0.3 component for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter to index.php. Vulnerabilidad de inyección SQL en el componente Daily Message (com_dailymessage) v1.0.3 para Joomla! permite a atacantes remotos ejecutar comandos SQL de su elección a través del parámetro "id" en index.php. • https://www.exploit-db.com/exploits/6802 http://www.securityfocus.com/bid/31870 https://exchange.xforce.ibmcloud.com/vulnerabilities/46033 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 5.0EPSS: 3%CPEs: 2EXPL: 2CVE-2008-6080 – Joomla! Component ionFiles 4.4.2 - File Disclosure
https://notcve.org/view.php?id=CVE-2008-6080
Directory traversal vulnerability in download.php in the ionFiles (com_ionfiles) 4.4.2 component for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter. Vulnerabilidad de salto de directorio en download.php en el componente ionFiles (com_ionfiles) v4.4.2 para Joomla! perminite a atacantes remotos leer ficheros de su elección a través de .. • https://www.exploit-db.com/exploits/6809 http://secunia.com/advisories/32377 http://www.securityfocus.com/bid/31877 https://exchange.xforce.ibmcloud.com/vulnerabilities/46039 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •