CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 4CVE-2010-0945 – Joomla! Component com_hotbrackets - Blind SQL Injection
https://notcve.org/view.php?id=CVE-2010-0945
08 Mar 2010 — SQL injection vulnerability in the HotBrackets Tournament Brackets (com_hotbrackets) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter to index.php. Vulnerabilidad de inyección SQL en el componente para Joomla! HotBrackets Tournament Brackets (com_hotbrackets), permite a atacantes remotos ejecutar comandos SQL de su elección a través del parámetro id sobre index.php. • https://www.exploit-db.com/exploits/10953 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 3CVE-2010-0946 – Joomla! Component com_ksadvertiser - SQL Injection
https://notcve.org/view.php?id=CVE-2010-0946
08 Mar 2010 — SQL injection vulnerability in the Keep It Simple Stupid (KISS) Software Advertiser (com_ksadvertiser) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the pid parameter in a showcats action to index.php. Vulnerabilidad de inyección SQL en el componente para Joomla! Keep It Simple Stupid (KISS) Software Advertiser (com_ksadvertiser), permite a atacantes remotos ejecutar comandos SQL de su elección a través del parámetro pid en una accción showcats sobre index.php. • https://www.exploit-db.com/exploits/11068 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 3CVE-2010-0795 – Joomla! Component JE Event Calendar - SQL Injection
https://notcve.org/view.php?id=CVE-2010-0795
02 Mar 2010 — SQL injection vulnerability in the JE Event Calendars (com_jeeventcalendar) component 1.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the event_id parameter in an event action to index.php. Vulnerabilidad de inyección SQL en el componente JE Event Calendars (com_jeeventcalendar) v1.0 para Joomla! permite a atacantes remotos ejecutar comandos SQL arbitrarios a través del parámetro "event_id" en una acción "event" a index.php. • https://www.exploit-db.com/exploits/11292 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 9.8EPSS: 1%CPEs: 2EXPL: 3CVE-2010-0796 – Joomla! Component JE Quiz - 'eid' Blind SQL Injection
https://notcve.org/view.php?id=CVE-2010-0796
02 Mar 2010 — SQL injection vulnerability in the JE Quiz (com_jequizmanagement) component 1.b01 for Joomla! allows remote attackers to execute arbitrary SQL commands via the eid parameter in a question action to index.php. Vulnerabilidad de inyección SQL en el componente JE Quiz (com_jequizmanagement) v1.b01 para Joomla! permite a atacantes remotos ejecutar comandos SQL arbitrarios a través del parámetro "eid" en una acción "question" a index.php. • https://www.exploit-db.com/exploits/11287 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 2CVE-2010-0800 – Joomla! Component com_dms 2.5.1 - SQL Injection
https://notcve.org/view.php?id=CVE-2010-0800
02 Mar 2010 — SQL injection vulnerability in the Ossolution Team Documents Seller (aka DMS) (com_dms) component 2.5.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via the category_id parameter in a view_category action to index.php. Vulnerabilidad de inyección SQL en el componente Ossolution Team Documents Seller (aka DMS) (com_dms) v2.5.1 para Joomla! permite a atacantes remotos ejecutar comandos SQL a través del parámetro "category_id" en una acción "view_category" a index.php. • https://www.exploit-db.com/exploits/11289 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 6.5EPSS: 2%CPEs: 2EXPL: 4CVE-2010-0801 – Joomla! Component AutartiTarot - Directory Traversal
https://notcve.org/view.php?id=CVE-2010-0801
02 Mar 2010 — Directory traversal vulnerability in the AutartiTarot (com_autartitarot) component 1.0.3 for Joomla! allows remote authenticated users, with "Public Back-end" group permissions, to read arbitrary files via directory traversal sequences in the controller parameter in an edit task to administrator/index.php. NOTE: some of these details are obtained from third party information. Vulnerabilidad de salto de directorio en el componente AutartiTarot (com_autartitarot) v1.0.3 para Joomla! permite a usuarios remotos... • https://www.exploit-db.com/exploits/33590 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 9.8EPSS: 1%CPEs: 2EXPL: 4CVE-2010-0803 – Joomla! Component jVideoDirect - Blind SQL Injection
https://notcve.org/view.php?id=CVE-2010-0803
02 Mar 2010 — SQL injection vulnerability in the jVideoDirect (com_jvideodirect) component 1.1 RC3b for Joomla! allows remote attackers to execute arbitrary SQL commands via the v parameter to index.php. Vulnerabilidad de inyección SQL en el componente jVideoDirect (com_jvideodirect) v1.1 RC3b para Joomla! permite a atacantes remotos ejecutar comandos SQL de su elección a través del parámetro "v" al index.php. • https://www.exploit-db.com/exploits/11280 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 9.8EPSS: 1%CPEs: 2EXPL: 3CVE-2010-0753 – Joomla! Component user_id com_sqlreport - Blind SQL Injection
https://notcve.org/view.php?id=CVE-2010-0753
27 Feb 2010 — SQL injection vulnerability in the SQL Reports (com_sqlreport) component 1.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via the user_id parameter to ajax/print.php. NOTE: some of these details are obtained from third party information. Vulnerabilidad de inyección SQL en el componente SQL Reports (com_sqlreport) v1.1 para Joomla!, permite a atacantes remotos ejecutar comandos SQL de su elección a través del parámetro user_id sobre ajax/print.php. • https://www.exploit-db.com/exploits/11549 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 9.1EPSS: 4%CPEs: 2EXPL: 4CVE-2010-0759 – Joomla! Plugin Core Design Scriptegrator - Local File Inclusion
https://notcve.org/view.php?id=CVE-2010-0759
27 Feb 2010 — Directory traversal vulnerability in plugins/system/cdscriptegrator/libraries/highslide/js/jsloader.php in the Core Design Scriptegrator plugin 1.4.1 for Joomla! allows remote attackers to read, and possibly include and execute, arbitrary files via directory traversal sequences in the files[] parameter, a different vector than CVE-2010-0760. Múltiples vulnerabilidades de salto de directorio en plugins/system/cdscriptegrator/libraries/highslide/js/jsloader.php en el plugin Core Design Scriptegrator v1.4.1 pa... • https://www.exploit-db.com/exploits/11498 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 7.5EPSS: 1%CPEs: 2EXPL: 1CVE-2010-0760 – Joomla! Plugin Core Design Scriptegrator - Local File Inclusion
https://notcve.org/view.php?id=CVE-2010-0760
27 Feb 2010 — Multiple directory traversal vulnerabilities in the Core Design Scriptegrator plugin 1.4.1 for Joomla! allow remote attackers to include and execute arbitrary local files via directory traversal sequences in the (1) file parameter to libraries/jquery/js/ui/jsloader.php and the (2) files[] parameter to libraries/jquery/js/jsloader.php, a different vector than CVE-2010-0759. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. Múltiples vulnerabili... • https://www.exploit-db.com/exploits/11498 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •