CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 3CVE-2010-4929 – Joomla! Component Joostina - SQL Injection
https://notcve.org/view.php?id=CVE-2010-4929
SQL injection vulnerability in the Joostina (com_ezautos) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the firstCode parameter in a helpers action to index.php. Vulnerabilidad de inyección SQL en el componente Joostina (com_ezautos) para Joomla!, permite a atacantes remotos ejecutar comandos SQL de su elección a través del parámetro firstCode en una acción helpers para index.php • https://www.exploit-db.com/exploits/15085 http://www.exploit-db.com/exploits/15085 http://www.securityfocus.com/bid/43415 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 3CVE-2010-4937 – Joomla! Component Amblog 1.0 - Multiple SQL Injections
https://notcve.org/view.php?id=CVE-2010-4937
Multiple SQL injection vulnerabilities in the Amblog (com_amblog) component 1.0 for Joomla! allow remote attackers to execute arbitrary SQL commands via the (1) articleid or (2) catid parameter to index.php. Vulnerabilidad de inyección SQL en el componente Amblog (com_amblog) v1.0 para Joomla!, permite a atacantes remotos ejecutar comandos SQL de su elección a través del parámetro (1) articleid o (2) catid sobre index.php. • https://www.exploit-db.com/exploits/14596 http://adv.salvatorefresta.net/Amblog_1.0_Joomla_Component_Multiple_SQL_Injection_Vulnerabilities-10082010.txt http://secunia.com/advisories/40932 http://securityreason.com/securityalert/8456 http://www.exploit-db.com/exploits/14596 http://www.securityfocus.com/archive/1/512975/100/0/threaded • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 4CVE-2010-4926 – Joomla! Component TimeTrack 1.2.4 - Multiple SQL Injections
https://notcve.org/view.php?id=CVE-2010-4926
SQL injection vulnerability in the TimeTrack (com_timetrack) component 1.2.4 for Joomla! allows remote attackers to execute arbitrary SQL commands via the ct_id parameter in a timetrack action to index.php. Vulnerabilidad de inyección SQL en el componente TimeTrack (com_timetrack) v1.2.4 para Joomla! permite a atacantes remotos ejecutar comandos SQL de su elección a través del parámetro ct_id en una acción timetrack para index.php • https://www.exploit-db.com/exploits/15084 http://packetstormsecurity.org/1009-exploits/joomlatimetrack-sql.txt http://salvatorefresta.net/files/adv/TimeTrack_1.2.4_Joomla_Component_Multiple_SQL_Injection_Vulnerabilities-22092010.txt http://secunia.com/advisories/41583 http://securityreason.com/securityalert/8454 http://timetrack.itrn.de http://www.exploit-db.com/exploits/15084 http://www.securityfocus.com/archive/1/513905/100/0/threaded • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 4.3EPSS: 0%CPEs: 9EXPL: 3CVE-2010-4949 – Joomla! Component FreiChat 1.0/2.x - HTML Injection
https://notcve.org/view.php?id=CVE-2010-4949
Cross-site scripting (XSS) vulnerability in the (1) FreiChat component before 2.1.2 for Joomla! and the (2) FreiChatPure component before 1.2.2 for Joomla! allows remote attackers to inject arbitrary web script or HTML by entering it in an unspecified window. Vulnerabilidad de ejecución de secuencias de comandos en sitios cruzados (XSS) en el (1) componente FreiChat anterior a v2.1.2 para Joomla! y en el (2) componente FreiChatPure anterior v1.2.2 para Joomla! • https://www.exploit-db.com/exploits/34374 http://forum.joomla.org/viewtopic.php?p=2209586 http://secunia.com/advisories/40751 http://www.osvdb.org/66628 http://www.securityfocus.com/bid/41961 https://exchange.xforce.ibmcloud.com/vulnerabilities/60828 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 3CVE-2010-4927 – Joomla! Component Restaurant Guide 1.0.0 - Multiple Vulnerabilities
https://notcve.org/view.php?id=CVE-2010-4927
SQL injection vulnerability in the Restaurant Guide (com_restaurantguide) component 1.0.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a country action to index.php. Vulnerabilidad de inyección SQL en el componente Restaurant Guide (com_restaurantguide) v1.0.0 para Joomla!, permite a atacantes remotos ejecutar comandos SQL de su elección a través del parámetro id en una acción "country" sobre index.php. • https://www.exploit-db.com/exploits/15040 http://packetstormsecurity.org/1009-exploits/joomlarestaurantguide-sqlxsslfi.txt http://securityreason.com/securityalert/8458 http://www.exploit-db.com/exploits/15040 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •