Page 54 of 804 results (0.006 seconds)

CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 3

CVE-2010-5053 – Joomla! Component XOBBIX 1.0 - 'prodid' SQL Injection

https://notcve.org/view.php?id=CVE-2010-5053

SQL injection vulnerability in the XOBBIX (com_xobbix) component 1.0.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via the prodid parameter in a prod_desc action to index.php. Vulnerabilidad de inyección SQL en el componente XOBBIX (com_xobbix) v1.0.1 para Joomla! permite a atacantes remotos ejecutar comandos SQL a través del parámetro prodid en una acción prod_desc en index.php • https://www.exploit-db.com/exploits/12097 http://packetstormsecurity.org/1004-exploits/joomlaxobbix-sql.txt http://secunia.com/advisories/39312 http://www.exploit-db.com/exploits/12097 http://www.securityfocus.com/bid/39259 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •

CVSS: 4.3EPSS: 0%CPEs: 2EXPL: 3

CVE-2010-5048 – Joomla! Component JComments 2.1 - 'ComntrNam' Cross-Site Scripting

https://notcve.org/view.php?id=CVE-2010-5048

Cross-site scripting (XSS) vulnerability in admin.jcomments.php in the JoomlaTune JComments (com_jcomments) component 2.1.0.0 for Joomla! allows remote authenticated users to inject arbitrary web script or HTML via the name parameter to index.php. Vulnerabilidad de ejecución de secuencias de comandos en sitios cruzados (XSS) en admin.jcomments.php en el componente JoomlaTune JComments (com_jcomments)para Joomla!, permite a usuarios autenticados remotamente inyectar secuencias de comandos web o HTML a través del parámetro name en index.php • https://www.exploit-db.com/exploits/33998 http://packetstormsecurity.org/1005-exploits/joomlajcomments-xss.txt http://secunia.com/advisories/39842 http://www.htbridge.ch/advisory/xss_vulnerability_in_jcomments_joomla.html http://www.joomlatune.com/jcomments-v.2.2-release-notes.html http://www.securityfocus.com/archive/1/511320/100/0/threaded http://www.securityfocus.com/bid/40230 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 3

CVE-2010-5056 – Joomla! Component GBU Facebook 1.0.5 - SQL Injection

https://notcve.org/view.php?id=CVE-2010-5056

SQL injection vulnerability in the GBU Facebook (com_gbufacebook) component 1.0.5 for Joomla! allows remote attackers to execute arbitrary SQL commands via the face_id parameter in a show_face action to index.php. Vulnerabilidad de inyección SQL en el componente GBU Facebook (com_gbufacebook) v1.0.5 para Joomla! permite a atacantes remotos ejecutar comandos SQL de su elección a través del parámetro face_id. una acción show_face de index.php • https://www.exploit-db.com/exploits/12299 http://packetstormsecurity.org/1004-exploits/joomlagbufacebook-sql.txt http://secunia.com/advisories/39487 http://www.exploit-db.com/exploits/12299 http://www.securityfocus.com/bid/39576 http://www.vupen.com/english/advisories/2010/0944 https://exchange.xforce.ibmcloud.com/vulnerabilities/57946 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •

CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 4

CVE-2010-5028 – Joomla! Component JE Job 1.0 - 'catid' SQL Injection

https://notcve.org/view.php?id=CVE-2010-5028

SQL injection vulnerability in the JExtensions JE Job (com_jejob) component 1.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the catid parameter in an item action to index.php. Vulnerabilidad de inyección SQL en el componente JExtensions JE Job (com_jejob) v1.0 para Joomla! que permite a atacantes remotos ejecutar comandos SQL de su elección a través del parámetro "catid" en una acción de "item" para index.php. • https://www.exploit-db.com/exploits/12782 https://www.exploit-db.com/exploits/12601 http://secunia.com/advisories/39837 http://www.exploit-db.com/exploits/12782 http://www.osvdb.org/64708 http://www.securityfocus.com/bid/40193 http://www.vupen.com/english/advisories/2010/1269 https://exchange.xforce.ibmcloud.com/vulnerabilities/58599 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •

CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 3

CVE-2010-5022 – Joomla! Component jesubmit 1.4 - SQL Injection

https://notcve.org/view.php?id=CVE-2010-5022

SQL injection vulnerability in the JExtensions JE Story Submit (com_jesubmit) component 1.4 for Joomla! allows remote attackers to execute arbitrary SQL commands via the view parameter to index.php. Vulnerabilidad de inyección SQL en el comonente JExtensions JE Story Submit (com_jesubmit) v1.4 para Joomla!, permite a atacantes remotos ejecutar comandos SQL de su elección a través del parámetro "view " sobre index.php. • https://www.exploit-db.com/exploits/14054 http://www.exploit-db.com/exploits/14054 http://www.securityfocus.com/bid/41171 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •