CVSS: 9.1EPSS: 6%CPEs: 2EXPL: 4CVE-2010-1476 – Joomla! Component AlphaUserPoints 1.5.5 - Local File Inclusion
https://notcve.org/view.php?id=CVE-2010-1476
19 Apr 2010 — Directory traversal vulnerability in the AlphaUserPoints (com_alphauserpoints) component 1.5.5 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impact via a .. (dot dot) in the view parameter to index.php. Vulnerabilidad de salto de directorio en el componente AlphaUserPoints (com_alphauserpoints) v1.5.5 para Joomla!, permite a atacantes remotos leer ficheros locales de su elección y posiblemente tener otros impactos al utilizar caracteres ".." • https://www.exploit-db.com/exploits/12150 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 9.8EPSS: 1%CPEs: 3EXPL: 4CVE-2010-1477 – Joomla! Component SermonSpeaker - SQL Injection
https://notcve.org/view.php?id=CVE-2010-1477
19 Apr 2010 — SQL injection vulnerability in the SermonSpeaker (com_sermonspeaker) component before 3.2.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a latest_sermons action to index.php. Vulnerabilidad de inyección SQL en el componente SermonSpeaker (com_sermonspeaker) anteriores a v3.2.1 para Joomla!, permite a atacantes remotos ejecutar comandos SQL de su elección a través del parámetro. • https://www.exploit-db.com/exploits/12184 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 9.1EPSS: 2%CPEs: 2EXPL: 4CVE-2010-1478 – Joomla! Component Jfeedback 1.2 - Local File Inclusion
https://notcve.org/view.php?id=CVE-2010-1478
19 Apr 2010 — Directory traversal vulnerability in the Ternaria Informatica Jfeedback! (com_jfeedback) component 1.2 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impact via a .. (dot dot) in the controller parameter to index.php. Vulnerabilidad de salto de directorio en el componente Ternaria Informatica Jfeedback! • https://www.exploit-db.com/exploits/12145 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 9.8EPSS: 1%CPEs: 2EXPL: 5CVE-2010-1479 – Joomla! Component RokModule 1.1 - 'module' Blind SQL Injection
https://notcve.org/view.php?id=CVE-2010-1479
19 Apr 2010 — SQL injection vulnerability in the RokModule (com_rokmodule) component 1.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via the moduleid parameter in a raw action to index.php. Vulnerabilidad de inyección SQL en el módulo RokModule (com_rokmodule) v1.1 para Joomla!, permite a atacantes remotos ejecutar comandos SQL de su elección a través del parámetro "moduleid" en una acción rae sobre index.php. • https://www.exploit-db.com/exploits/21221 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 2CVE-2010-1480 – Joomla! Component RokModule 1.1 - 'module' Blind SQL Injection
https://notcve.org/view.php?id=CVE-2010-1480
19 Apr 2010 — SQL injection vulnerability in the RokModule (com_rokmodule) component 1.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via the module parameter to index.php. NOTE: some of these details are obtained from third party information. Vulnerabilidad de inyección SQL en el componente RokModule (com_rokmodule) v1.1 para Joomla!, permite a atacantes remotos ejecutar comandos SQL de su elección a través del parámetro "module" sobre index.php. • https://www.exploit-db.com/exploits/21221 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 7.5EPSS: 3%CPEs: 2EXPL: 3CVE-2010-1461 – Joomla! Component Photo Battle 1.0.1 - Local File Inclusion
https://notcve.org/view.php?id=CVE-2010-1461
16 Apr 2010 — Directory traversal vulnerability in the Photo Battle (com_photobattle) component 1.0.1 for Joomla! allows remote attackers to read arbitrary files via the view parameter to index.php. Vulnerabilidad de salto de directorio en el componente Photo Battle (com_photobattle) v1.0.1 para Joomla! permite a atacantes remotos leer archivos de su elección a través del parámetro view en index.php. • https://www.exploit-db.com/exploits/12232 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 3CVE-2010-1372 – Joomla! Component HD FLV Player - 'id' SQL Injection
https://notcve.org/view.php?id=CVE-2010-1372
13 Apr 2010 — SQL injection vulnerability in the HD FLV Player (com_hdflvplayer) component 1.3 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter to index.php. Una vulnerabilidad de inyección SQL en el componente reproductor de HD FLV (com_hdflvplayer) v1.3 de Joomla! permite a atacantes remotos ejecutar comandos SQL a través del parámetro id en index.php. • https://www.exploit-db.com/exploits/33673 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 4CVE-2010-1363 – Joomla! Component com_j-projects - Blind SQL Injection
https://notcve.org/view.php?id=CVE-2010-1363
13 Apr 2010 — SQL injection vulnerability in the JProjects (com_j-projects) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the project parameter in a projects action to index.php. Vulnerabilidad de inyección SQL en el componente JProjects (com_j-projects) para Joomla! permite a atacantes remotos ejecutar comandos SQL a través del parámetro project en una acción projects (proyectos) a index.php. • https://www.exploit-db.com/exploits/10988 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 9.8EPSS: 2%CPEs: 4EXPL: 6CVE-2010-1350 – Joomla! Component JP Jobs 1.2.0 - 'id' SQL Injection
https://notcve.org/view.php?id=CVE-2010-1350
12 Apr 2010 — SQL injection vulnerability in the JP Jobs (com_jp_jobs) component 1.4.1 and earlier for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a detail action to index.php. Vulnerabilidad de inyección SQL en el componente JP Jobs (com_jp_jobs) v1.4.1 y anteriores para Joomla! permite a atacantes remotos ejecutar comandos SQL a través del parámetro id en una acción detail (detalle) a index.php. • https://www.exploit-db.com/exploits/12191 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 7.5EPSS: 3%CPEs: 3EXPL: 3CVE-2010-1352 – Joomla! Component Juke Box 1.7 - Local File Inclusion
https://notcve.org/view.php?id=CVE-2010-1352
12 Apr 2010 — Directory traversal vulnerability in the JOOFORGE Jutebox (com_jukebox) component 1.0 and 1.7 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php. NOTE: some of these details are obtained from third party information. Una vulnerabilidad de salto de directorio en el componente JOOFORGE Jukebox(com_jukebox) v1.0 y v1.7 para Joomla! • https://www.exploit-db.com/exploits/12084 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •