CVSS: 4.3EPSS: 0%CPEs: 2EXPL: 2CVE-2008-1848 – Joomla! Component JoomlaXplorer 1.6.2 - Remote s
https://notcve.org/view.php?id=CVE-2008-1848
Cross-site scripting (XSS) vulnerability in the joomlaXplorer (com_joomlaxplorer) Mambo/Joomla! component 1.6.2 and earlier allows remote attackers to inject arbitrary web script or HTML via the error parameter in a show_error action to index.php. Vulnerabilidad de secuencias de comandos en sitios cruzados (XSS) en el componente joomlaXplorer (com_joomlaxplorer) Mambo/Joomla! 1.6.2 y anteriores; permite a atacantes remotos inyectar secuencias de comandos Web o HTML de su elección a través del parámetro de error en una acción show_error de index.php. • https://www.exploit-db.com/exploits/5431 http://www.securityfocus.com/bid/28746 https://exchange.xforce.ibmcloud.com/vulnerabilities/41779 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.0EPSS: 0%CPEs: 3EXPL: 2CVE-2008-1849 – Joomla! Component JoomlaXplorer 1.6.2 - Remote s
https://notcve.org/view.php?id=CVE-2008-1849
Directory traversal vulnerability in index.php in the joomlaXplorer (com_joomlaxplorer) Mambo/Joomla! component 1.6.2 and earlier allows remote attackers to list arbitrary directories via a .. (dot dot) in the dir parameter in a show_error action. Vulnerabilidad de salto de directorio en index.php del componente joomlaXplorer 1.6.2 y anteriores (com_joomlaxplorer) para Mambo/Joomla!, permite a atacantes remotos listar directorios de su elección a través del parámetro "dir" .. • https://www.exploit-db.com/exploits/5431 http://www.securityfocus.com/bid/28746 https://exchange.xforce.ibmcloud.com/vulnerabilities/41778 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 2CVE-2008-1733 – Pragmatic Utopia PU Arcade 2.2 - 'gid' SQL Injection
https://notcve.org/view.php?id=CVE-2008-1733
SQL injection vulnerability in puarcade.class.php 2.2 and earlier in the Pragmatic Utopia PU Arcade (com_puarcade) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the gid parameter to index.php. Vulnerabilidad de inyección de código SQL en puarcade.class.php 2.2 y anteriores en el Pragmatic Utopia PU Arcade (com_puarcade) componente para Joomla! permite a atacantes remotos ejecutar comandos SQL de su elección mediante el parámetro gid de intex.php. • https://www.exploit-db.com/exploits/31631 http://securityreason.com/securityalert/3807 http://www.osvdb.org/44391 http://www.securityfocus.com/archive/1/490626/100/0/threaded http://www.securityfocus.com/bid/28701 https://exchange.xforce.ibmcloud.com/vulnerabilities/41726 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 6.8EPSS: 0%CPEs: 2EXPL: 3CVE-2008-1559 – Joomla! Component Alphacontent 2.5.8 - 'id' SQL Injection
https://notcve.org/view.php?id=CVE-2008-1559
SQL injection vulnerability in the Bernard Gilly AlphaContent (com_alphacontent) 2.5.8 component for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a view action to index.php. Vulnerabilidad de inyección SQL en el componente Bernard Gilly AlphaContent (com_alphacontent) 2.5.8 para Joomla! permite a atacantes remotos ejecutar comandos SQL de su elección a través del parámetro id en una acción view a index.php. • https://www.exploit-db.com/exploits/5310 https://www.exploit-db.com/exploits/5512 http://www.securityfocus.com/bid/28443 https://exchange.xforce.ibmcloud.com/vulnerabilities/41428 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 6.8EPSS: 1%CPEs: 2EXPL: 0CVE-2008-1533
https://notcve.org/view.php?id=CVE-2008-1533
Unspecified vulnerability in the XML-RPC Blogger API plugin in Joomla! 1.5 allows remote attackers to perform unauthorized article operations on articles via unknown vectors. Vulnerabilidad no especificada en la extensión XML-RPC Blogger API de Joomla! 1.5 permite a atacantes remotos realizar operaciones de artículo no autorizadas en artículos a través de vectores desconocidos. • http://secunia.com/advisories/28861 http://www.joomla.org/content/view/4560/1 http://www.securityfocus.com/bid/27719 https://exchange.xforce.ibmcloud.com/vulnerabilities/41563 •