CVSS: 7.5EPSS: 0%CPEs: 3EXPL: 2CVE-2010-4944 – Joomla! Component Elite Experts - SQL Injection
https://notcve.org/view.php?id=CVE-2010-4944
SQL injection vulnerability in the Elite Experts (com_elite_experts) component for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a showExpertProfileDetailed action to index.php. Vulnerabilidad de inyección SQL en el componente Elite Experts (com_elite_experts) para Mambo y Joomla!, permite a atacantes remotos ejecutar comandos SQL de su elección a través del parámetro id en una acción showExpertProfileDetailed a index.php • https://www.exploit-db.com/exploits/15100 http://www.exploit-db.com/exploits/15100 https://exchange.xforce.ibmcloud.com/vulnerabilities/62010 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 7.5EPSS: 0%CPEs: 3EXPL: 3CVE-2010-4904 – Joomla! Component Aardvertiser 2.1 - Blind SQL Injection
https://notcve.org/view.php?id=CVE-2010-4904
SQL injection vulnerability in the Aardvertiser (com_aardvertiser) component 2.1 and 2.1.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via the cat_name parameter in a view action to index.php. NOTE: some of these details are obtained from third party information. Vulnerabilidad de inyección SQL en el componente Aardvertiser (com_aardvertiser) v2.1 y v2.1.1 para Joomla! que permite a atacantes remotos ejecutar comandos SQL a través del parámetro cat_name en una acción de index.php. • https://www.exploit-db.com/exploits/14922 http://secunia.com/advisories/41293 http://www.exploit-db.com/exploits/14922 http://www.securityfocus.com/bid/43014 http://www.vupen.com/english/advisories/2010/2310 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 2CVE-2010-4898 – Joomla! Component Gantry 3.0.10 - Blind SQL Injection
https://notcve.org/view.php?id=CVE-2010-4898
SQL injection vulnerability in the Gantry (com_gantry) component 3.0.10 for Joomla! allows remote attackers to execute arbitrary SQL commands via the moduleid parameter to index.php. Vulnerabilidad de inyección SQL en el componente Gantry (com_gantry) v3.0.10 para Joomla!, permite a atacantes remotos ejecutar comandos SQL de su elección a través del parámetro moduleid en index.php. • https://www.exploit-db.com/exploits/14911 http://osvdb.org/67825 http://secunia.com/advisories/41300 http://www.exploit-db.com/exploits/14911 http://www.gantry-framework.org/news/70-joomla-version-3011-released http://www.securityfocus.com/bid/43017 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 3CVE-2010-4918 – Joomla! Component iJoomla! Magazine 3.0.1 - Remote File Inclusion
https://notcve.org/view.php?id=CVE-2010-4918
PHP remote file inclusion vulnerability in iJoomla Magazine (com_magazine) component 3.0.1 for Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the config parameter to magazine.functions.php. Vulnerabilidad de inclusión remota de archivo PHP en el componente iJoomla Magazine (com_magazine) v3.0.1 para Joomla!, permite a atacantes remotos ejecutar código PHP de su elección a través de una URL en el parámetro config de magazine.functions.php. • https://www.exploit-db.com/exploits/14896 http://packetstormsecurity.org/1009-exploits/ijoomlamagazine-rfi.txt http://securityreason.com/securityalert/8451 http://www.exploit-db.com/exploits/14896 https://exchange.xforce.ibmcloud.com/vulnerabilities/61598 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 5CVE-2010-4902 – Joomla! Component Clantools 1.2.3 - Multiple Blind SQL Injections
https://notcve.org/view.php?id=CVE-2010-4902
Multiple SQL injection vulnerabilities in the Clantools (com_clantools) component 1.2.3 for Joomla! allow remote attackers to execute arbitrary SQL commands via the (1) squad or (2) showgame parameter to index.php. Múltiples vulnerabilidades de inyección SQL en el componente Clantools (com_clantools) v1.2.3 para Joomla! permite a atacantes remotos ejecutar comandos SQL de su elección a través de (1) squad o (2) parámetro showgame en index.php. • https://www.exploit-db.com/exploits/14902 https://www.exploit-db.com/exploits/14901 http://packetstormsecurity.org/1009-exploits/joomlaclantools-sql.txt http://secunia.com/advisories/41322 http://securityreason.com/securityalert/8440 http://www.exploit-db.com/exploits/14902 http://www.osvdb.org/67827 http://www.securityfocus.com/bid/42986 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •