CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 3CVE-2009-2609 – Joomla! Component com_amocourse - 'catid' SQL Injection
https://notcve.org/view.php?id=CVE-2009-2609
27 Jul 2009 — SQL injection vulnerability in the amoCourse (com_amocourse) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the catid parameter in a category action to index.php. Vulnerabilidad de inyección SQL en el componente amoCourse (com_amocourse) para Joomla! permite a atacantes remotos ejecutar comandos SQL de su elección mediante el parámetro "catid" en una acción "category" en index.php. • https://www.exploit-db.com/exploits/9016 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 2CVE-2009-2601 – Joomla! Component Joomlaequipment (com_juser) 2.0.4 - SQL Injection
https://notcve.org/view.php?id=CVE-2009-2601
27 Jul 2009 — SQL injection vulnerability in the Joomlaequipment (aka JUser or com_juser) component 2.0.4 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a show_profile action to index.php. Vulnerabilidad de inyección SQL en el componente Joomlaequipment (conocido también como JUser o com_juser) v2.0.4 para Joomla! permite a atacantes remotos ejecutar comandos SQL a través del parámetro "id" en una acción en index.php. • https://www.exploit-db.com/exploits/8847 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 3CVE-2009-2567 – Joomla! Component Almond Classifieds 5.6.2 - Blind SQL Injection
https://notcve.org/view.php?id=CVE-2009-2567
22 Jul 2009 — SQL injection vulnerability in the Almond Classifieds (com_aclassf) component 5.6.2 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter to index.php. Una vulnerabilidad de inyección de SQL en Almond Classifieds (com_aclassf) v5.6.2 de Joomla! permite a atacantes remotos ejecutar comandos SQL a través del parámetro id en index.php. • https://www.exploit-db.com/exploits/8619 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 9.8EPSS: 0%CPEs: 3EXPL: 3CVE-2009-2554 – Joomla! Component Jobline 1.3.1 - Blind SQL Injection
https://notcve.org/view.php?id=CVE-2009-2554
20 Jul 2009 — SQL injection vulnerability in the search method in jobline.class.php in Jobline (com_jobline) 1.1.2.2, 1.3.1, and possibly earlier versions, a component for Joomla!, allows remote attackers to execute arbitrary SQL commands via the search parameter in a results action to index.php, which invokes the search method from the searchJobPostings function in jobline.php. Vulnerabilidad de inyección SQL en el método de búsqueda en jobline.class.php en el componente Jobline (com_jobline) v1.1.2.2, v1.3.1, y posible... • https://www.exploit-db.com/exploits/9187 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 3CVE-2009-2390 – Joomla! Component com_bookflip - 'book_id' SQL Injection
https://notcve.org/view.php?id=CVE-2009-2390
09 Jul 2009 — SQL injection vulnerability in the BookFlip (com_bookflip) component 2.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via the book_id parameter to index.php. Vulnerabilidad de inyección SQL en el componente BookFlip (com_bookflip) v2.1 para Joomla! permite a atacantes remotos ejecutar comandos SQL a través del parámetro book_id a index.php. • https://www.exploit-db.com/exploits/9040 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 3CVE-2009-2395 – Joomla! Component com_K2 -q 1.0.1b - 'category' SQL Injection
https://notcve.org/view.php?id=CVE-2009-2395
09 Jul 2009 — SQL injection vulnerability in the K2 (com_k2) component 1.0.1 Beta and earlier for Joomla! allows remote attackers to execute arbitrary SQL commands via the category parameter in an itemlist action to index.php. Vulnerabilidad de inyección de SQL en el componente K2 (com_k2) v1.0.1 beta y anteriores para Joomla! permite a atacantes remotos ejecutar comandos SQL arbitrarios a través del parámetro categoría (category)en una acción itemlist a index.php. • https://www.exploit-db.com/exploits/9030 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 2CVE-2009-2400 – Joomla! Component com_php - 'id' Blind SQL Injection
https://notcve.org/view.php?id=CVE-2009-2400
09 Jul 2009 — SQL injection vulnerability in the PHP (com_php) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter to index.php. Vulnerabilidad de inyección de SQL en el componente PHP (com_php) para Joomla! permite a atacantes remotos ejecutar comandos SQL arbitrarios a través del parámetro id en index.php. • https://www.exploit-db.com/exploits/9028 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 2CVE-2008-6852 – Joomla! Component Ice Gallery 0.5b2 - 'catid' Blind SQL Injection
https://notcve.org/view.php?id=CVE-2008-6852
07 Jul 2009 — SQL injection vulnerability in the Ice Gallery (com_ice) component 0.5 beta 2 for Joomla! allows remote attackers to execute arbitrary SQL commands via the catid parameter to index.php. Vulnerabilidad de inyección SQL en el componente Ice Gallery (com_ice) v0.5 beta 2 para Joomla! permite a atacantes remotos ejecutar comandos SQL a su elección a través del parámetro catid de index.php. • https://www.exploit-db.com/exploits/7572 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 9.8EPSS: 0%CPEs: 5EXPL: 2CVE-2009-2290 – Joomla! Component Boy Scout Advancement 0.3 - 'id' SQL Injection
https://notcve.org/view.php?id=CVE-2009-2290
01 Jul 2009 — SQL injection vulnerability in the Boy Scout Advancement (com_bsadv) component 0.3 and earlier for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a (1) account or (2) event task to index.php. Vulnerabilidad de inyección SQL en el componente Boy Scout Advancement (com_bsadv) v0.3 para Joomla!, permite a atacantes remotos ejecutar comandos SQL de su elección a través del parámetro "id" en (1) "account" o (2) "event task" al index.php. • https://www.exploit-db.com/exploits/8779 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 9.8EPSS: 0%CPEs: 3EXPL: 2CVE-2008-6841 – Joomla! Component DBQuery 1.4.1.1 - Remote File Inclusion
https://notcve.org/view.php?id=CVE-2008-6841
01 Jul 2009 — PHP remote file inclusion vulnerability in the Green Mountain Information Technology and Consulting Database Query (com_dbquery) component 1.4.1.1 and earlier for Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter to classes/DBQ/admin/common.class.php. Vulnerabilidad de inclusión remota de archivo PHP en los componentes Green Mountain Information Technology y Consulting Database Query v1.4.1.1 y anteriores para Joomla! , permiten a atacantes remo... • https://www.exploit-db.com/exploits/6003 • CWE-94: Improper Control of Generation of Code ('Code Injection') •