
CVSS: 7.5 | EPSS: 0% | CPEs: 2 | EXPL: 2

SQL injection vulnerability in the Contact Information Module (com_contactinfo) component 1.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the catid parameter to index.php. • https://www.exploit-db.com/exploits/7093 http://securityreason.com/securityalert/4712 http://www.securityfocus.com/bid/32260 http://www.vupen.com/english/advisories/2008/3122 https://exchange.xforce.ibmcloud.com/vulnerabilities/46563 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

CVSS: 7.5 | EPSS: 0% | CPEs: 4 | EXPL: 1

SQL injection vulnerability in the MambAds (com_mambads) component 1.0 RC1 Beta and 1.0 RC1 for Mambo allows remote attackers to execute arbitrary SQL commands via the ma_cat parameter in a view action to index.php, a different vector than CVE-2007-5177. • https://www.exploit-db.com/exploits/5692 http://securityreason.com/securityalert/4630 http://www.securityfocus.com/bid/29433 https://exchange.xforce.ibmcloud.com/vulnerabilities/42747 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

CVSS: 7.5 | EPSS: 0% | CPEs: 3 | EXPL: 2

SQL injection vulnerability in sub_votepic.php in the Datsogallery (com_datsogallery) module 1.6 for Joomla! allows remote attackers to execute arbitrary SQL commands via the User-Agent HTTP header. • https://www.exploit-db.com/exploits/5583 http://secunia.com/advisories/30139 http://securityreason.com/securityalert/4624 http://www.securityfocus.com/bid/29138 https://exchange.xforce.ibmcloud.com/vulnerabilities/42324 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

CVSS: 7.5 | EPSS: 0% | CPEs: 3 | EXPL: 1

SQL injection vulnerability in the Xe webtv (com_xewebtv) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a detail action to index.php. • https://www.exploit-db.com/exploits/5966 http://securityreason.com/securityalert/4643 http://www.securityfocus.com/bid/30006 http://www.vupen.com/english/advisories/2008/1974/references https://exchange.xforce.ibmcloud.com/vulnerabilities/43469 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

CVSS: 10.0 | EPSS: 15% | CPEs: 2 | EXPL: 3

PHP remote file inclusion vulnerability in admin.rssreader.php in the Simple RSS Reader (com_rssreader) 1.0 component for Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_live_site parameter. • https://www.exploit-db.com/exploits/7096 http://osvdb.org/49859 http://securityreason.com/securityalert/4584 http://www.exploit-db.com/exploits/7096 http://www.securityfocus.com/bid/32265 http://www.vupen.com/english/advisories/2008/3119 https://exchange.xforce.ibmcloud.com/vulnerabilities/46559 • CWE-94: Improper Control of Generation of Code ('Code Injection')