CVE-2018-12254 – Joomla! Component Ek Rishta 2.10 - SQL Injection
https://notcve.org/view.php?id=CVE-2018-12254
router.php in the Harmis Ek rishta (aka ek-rishta) 2.10 component for Joomla! allows SQL Injection via the PATH_INFO to a home/requested_user/Sent%20interest/ URI. router.php en el componente Harmis Ek rishta (también conocido como ek-rishta) 2.10 para Joomla! permite la inyección SQL mediante PATH_INFO a un URI home/requested_user/Sent%20interest/. Joomla Ek Rishta component version 2.10 suffers from a remote SQL injection vulnerability. • https://www.exploit-db.com/exploits/44893 https://m4k4br0.github.io/sql-injection-joomla-component • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVE-2018-7315 – Joomla! Component Ek Rishta 2.9 - SQL Injection
https://notcve.org/view.php?id=CVE-2018-7315
SQL Injection exists in the Ek Rishta 2.9 component for Joomla! via the gender, age1, age2, religion, mothertounge, caste, or country parameter. Existe inyección SQL en el componente Ek Rishta 3.0.2 para Joomla! mediante los parámetros gender, age1, age2, religion, mothertounge, caste o country. Joomla! • https://www.exploit-db.com/exploits/44161 https://exploit-db.com/exploits/44161 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVE-2012-5230
https://notcve.org/view.php?id=CVE-2012-5230
Unspecified vulnerability in the JE Story Submit (com_jesubmit) component before 1.9 for Joomla! has unknown impact and attack vectors. Vulnerabilidad no especificada en el componente JE Story Submit (com_jesubmit) anteriores a v1.9 para Joomla! tiene vectores de ataque e impacto desconocidos. • http://joomlaextensions.co.in/product/JE-Story-Submit http://osvdb.org/78527 http://secunia.com/advisories/47728 http://www.securityfocus.com/bid/51679 https://exchange.xforce.ibmcloud.com/vulnerabilities/72750 •
CVE-2010-5028 – Joomla! Component JE Job 1.0 - 'catid' SQL Injection
https://notcve.org/view.php?id=CVE-2010-5028
SQL injection vulnerability in the JExtensions JE Job (com_jejob) component 1.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the catid parameter in an item action to index.php. Vulnerabilidad de inyección SQL en el componente JExtensions JE Job (com_jejob) v1.0 para Joomla! que permite a atacantes remotos ejecutar comandos SQL de su elección a través del parámetro "catid" en una acción de "item" para index.php. • https://www.exploit-db.com/exploits/12782 https://www.exploit-db.com/exploits/12601 http://secunia.com/advisories/39837 http://www.exploit-db.com/exploits/12782 http://www.osvdb.org/64708 http://www.securityfocus.com/bid/40193 http://www.vupen.com/english/advisories/2010/1269 https://exchange.xforce.ibmcloud.com/vulnerabilities/58599 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVE-2010-5022 – Joomla! Component jesubmit 1.4 - SQL Injection
https://notcve.org/view.php?id=CVE-2010-5022
SQL injection vulnerability in the JExtensions JE Story Submit (com_jesubmit) component 1.4 for Joomla! allows remote attackers to execute arbitrary SQL commands via the view parameter to index.php. Vulnerabilidad de inyección SQL en el comonente JExtensions JE Story Submit (com_jesubmit) v1.4 para Joomla!, permite a atacantes remotos ejecutar comandos SQL de su elección a través del parámetro "view " sobre index.php. • https://www.exploit-db.com/exploits/14054 http://www.exploit-db.com/exploits/14054 http://www.securityfocus.com/bid/41171 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •