CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 3CVE-2010-4990 – Joomla! Component Address Book - Blind SQL Injection
https://notcve.org/view.php?id=CVE-2010-4990
SQL injection vulnerability in the Front-edit Address Book (com_addressbook) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the Itemid parameter in a contact action to index.php. Vulnerabilidad de inyección SQL en el componente Front-edit Address Book (com_addressbook) de Joomla! permite a atacantes remotos ejecutar comandos SQL de su elección a través del parámetro Itemid de una acción contact de index.php. • https://www.exploit-db.com/exploits/14210 http://www.exploit-db.com/exploits/14210 http://www.securityfocus.com/bid/41353 http://www.vupen.com/english/advisories/2010/1702 https://exchange.xforce.ibmcloud.com/vulnerabilities/60092 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 4CVE-2010-4992 – Joomla! Component PaymentsPlus 2.1.5 - Blind SQL Injection
https://notcve.org/view.php?id=CVE-2010-4992
SQL injection vulnerability in the Payments Plus component 2.1.5 for Joomla! allows remote attackers to execute arbitrary SQL commands via the type parameter to add.html. Vulnerabilidad de inyección SQL en el componente Payments Plus 2.1.5 de Joomla! permite a atacantes remotos ejecutar comandos SQL de su elección a través del parámetro type de add.html. • https://www.exploit-db.com/exploits/14265 http://packetstormsecurity.org/1007-exploits/joomlapaymentsplus-sql.txt http://securityreason.com/securityalert/8497 http://www.exploit-db.com/exploits/14265 http://www.securityfocus.com/bid/41458 https://exchange.xforce.ibmcloud.com/vulnerabilities/60166 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 4CVE-2010-4993 – Joomla! Component eventCal 1.6.4 - Blind SQL Injection
https://notcve.org/view.php?id=CVE-2010-4993
SQL injection vulnerability in the eventcal (com_eventcal) component 1.6.4 for Joomla! allows remote attackers to execute arbitrary SQL commands via the Itemid parameter to index.php. Vulnerabilidad de inyección SQL en el componente eventcal (com_eventcal) 1.6.4 de Joomla! permite a atacantes remotos ejecutar comandos SQL de su elección a través del parámetro Itemid de index.php. • https://www.exploit-db.com/exploits/14187 http://packetstormsecurity.org/1007-exploits/joomlaeventcal-sql.txt http://securityreason.com/securityalert/8496 http://www.exploit-db.com/exploits/14187 http://www.securityfocus.com/bid/41369 https://exchange.xforce.ibmcloud.com/vulnerabilities/60060 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 2CVE-2010-4975 – Joomla! Component Techjoomla SocialAds - Persistent Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2010-4975
SQL injection vulnerability in the Techjoomla SocialAds For JomSocial (com_socialads) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the ads description field in a showad action to index.php. Vulnerabilidad de inyección SQL en el componente Techjoomla SocialAds For JomSocial (com_socialads) para Joomla!, permite a atacantes remotos ejecutar comandos SQL de su elección a través del campo de descripción "ads" en una acción showad al index.php. • https://www.exploit-db.com/exploits/14196 http://www.exploit-db.com/exploits/14196 http://www.securityfocus.com/bid/41354 https://exchange.xforce.ibmcloud.com/vulnerabilities/60067 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 4CVE-2010-4977 – Joomla! Component Canteen 1.0 - Local File Inclusion
https://notcve.org/view.php?id=CVE-2010-4977
SQL injection vulnerability in menu.php in the Canteen (com_canteen) component 1.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the mealid parameter to index.php. Vulnerabilidad de inyección SQL en menu.php del componente Canteen (com_canteen) 1.0 de Joomla! permite a atacantes remotos ejecutar comandos SQL de su elección a través del parámetro mealid de index.php. • https://www.exploit-db.com/exploits/34250 http://osvdb.org/66031 http://packetstormsecurity.org/1007-exploits/joomlacanteen-lfisql.txt http://secunia.com/advisories/40503 http://securityreason.com/securityalert/8495 http://www.salvatorefresta.net/files/adv/Canteen%20Joomla%20Component%201.0%20Multiple%20Remote%20Vulnerabilities-04072010.txt http://www.securityfocus.com/archive/1/512170/100/0/threaded http://www.securityfocus.com/bid/41358 https://exchange.xforce.ibmcloud.com/vulnerabilities/60103 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •