CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 2CVE-2009-0420 – Joomla! Component RD-Autos 1.5.5 - SQL Injection
https://notcve.org/view.php?id=CVE-2009-0420
05 Feb 2009 — SQL injection vulnerability in the RD-Autos (com_rdautos) 1.5.5 Stable component for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter to index.php. Vulnerabilidad de inyección SQL en el componente RD-Autos (com_rdautos) v1.5.5 Stable para Joomla! permite a atacantes remotos ejecutar comandos SQL de su elección a través del parámetro id de index.php. • https://www.exploit-db.com/exploits/7795 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 9.8EPSS: 0%CPEs: 7EXPL: 2CVE-2009-0421 – Joomla! Component com_Eventing 1.6.x - Blind SQL Injection
https://notcve.org/view.php?id=CVE-2009-0421
05 Feb 2009 — SQL injection vulnerability in the Eventing (com_eventing) 1.6.x component for Joomla! allows remote attackers to execute arbitrary SQL commands via the catid parameter to index.php. Vulnerabilidad de inyección SQL en el componente para Joomla! Eventing (com_eventing) v1.6.x; permite a atacantes remotos ejecutar comandos SQL de su elección a través del parámetro catid de index.php. • https://www.exploit-db.com/exploits/7793 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 2CVE-2008-6050 – Joomla! Component Tech Article 1.x - SQL Injection
https://notcve.org/view.php?id=CVE-2008-6050
04 Feb 2009 — SQL injection vulnerability in the Tech Articles (com_tech_article) 1.0 component for Joomla! allows remote attackers to execute arbitrary SQL commands via the item parameter to index.php. Vulnerabilidad de inyección SQL en el componente Tech Articles (com_tech_article) v1.0 para Joomla! permite a atacantes remotos ejecutar comandos SQL de su elección a través del parámetro "item" en el index.php. • https://www.exploit-db.com/exploits/7504 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 2CVE-2009-0377 – Joomla! Component beamospetition 1.0.12 - SQL Injection / Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2009-0377
02 Feb 2009 — SQL injection vulnerability in the beamospetition (com_beamospetition) 1.0.12 component for Joomla! allows remote attackers to execute arbitrary SQL commands via the mpid parameter in a sign action to index.php, a different vector than CVE-2008-3132. Vulnerabilidad de inyección SQL en el componente beamospetition (com_beamospetition) v1.0.12 para Joomla! permite a atacantes remotos ejecutar comandos SQL a través del parámetro "mpid" en una acción "sign" de index.php, un vector diferente a CVE-2008-3132. • https://www.exploit-db.com/exploits/7847 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 6.1EPSS: 0%CPEs: 2EXPL: 2CVE-2009-0378 – Joomla! Component beamospetition 1.0.12 - SQL Injection / Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2009-0378
02 Feb 2009 — Cross-site scripting (XSS) vulnerability in index.php in the beamospetition (com_beamospetition) 1.0.12 component for Joomla! allows remote attackers to inject arbitrary web script or HTML via the pet parameter in a sign action. Vulnerabilidad de ejecución de secuencias de comandos en sitios cruzados (XSS) en el archivo index.php en el componente beamospetition (com_beamospetition) 1.0.12 para Joomla! que permite a los atacantes remotos inyectar arbitrariamente una secuencia de comandos web o HTML a través ... • https://www.exploit-db.com/exploits/7847 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 2CVE-2009-0379 – Joomla! Component com_pcchess - Blind SQL Injection
https://notcve.org/view.php?id=CVE-2009-0379
02 Feb 2009 — SQL injection vulnerability in the Prince Clan Chess Club (com_pcchess) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the game_id parameter in a showgame action to index.php, a different vector than CVE-2008-0761. Vulnerabilidad de Inyección SQL en Prince Clan Chess Club (com_pcchess), componente para Joomla!, permite a atacantes remotos ejecutar código de su elección a través del parámetro "game_id" en una acción showgame sobre index.php, es un vector diferente a CVE-2... • https://www.exploit-db.com/exploits/7846 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 9.8EPSS: 0%CPEs: 3EXPL: 2CVE-2009-0380 – Mambo Component SOBI2 RC 2.8.2 - SQL Injection
https://notcve.org/view.php?id=CVE-2009-0380
02 Feb 2009 — SQL injection vulnerability in the Sigsiu Online Business Index 2 (SOBI2, com_sobi2) RC 2.8.2 component for Joomla! and Mambo allows remote attackers to execute arbitrary SQL commands via the bid parameter in a showbiz action to index.php, a different vector than CVE-2008-0607. NOTE: CVE disputes this issue, since neither "showbiz" nor "bid" appears in the source code for SOBI2 ** CUESTIONADA ** Una vulnerabilidad de inyección de SQL en el componente de Joomla! y Mambo Sigsiu Online Business Index 2 (SOBI2,... • https://www.exploit-db.com/exploits/7841 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 2CVE-2009-0381 – Joomla! Component Com BazaarBuilder Shopping Cart 5.0 - SQL Injection
https://notcve.org/view.php?id=CVE-2009-0381
02 Feb 2009 — SQL injection vulnerability in the BazaarBuilder Ecommerce Shopping Cart (com_prod) 5.0 component for Joomla! allows remote attackers to execute arbitrary SQL commands via the cid parameter in a products action to index.php. Vulnerabilidad de inyección SQL en el componente BazaarBuilder Ecommerce Shopping Cart (com_prod) v5.0 del gestor de contenidos Joomla!. Permite a los usuarios remotos ejecutar comandos SQL de su elección a través del parámetro "cid" en una acción de tipo "products action" (acción de pr... • https://www.exploit-db.com/exploits/7840 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 2CVE-2009-0373 – Joomla! Component ElearningForce Flash Magazine Deluxe - SQL Injection
https://notcve.org/view.php?id=CVE-2009-0373
30 Jan 2009 — SQL injection vulnerability in the ElearningForce Flash Magazine Deluxe (com_flashmagazinedeluxe) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the mag_id parameter in a magazine action to index.php. Vulnerabilidad de inyección SQL en el componente componente ElearningForce Flash Magazine Deluxe (com_flashmagazinedeluxe) de Joomla!. Permite a los usuarios remotos ejecutar comandos SQL de su elección a través del parámetro "mag_id" en una acción de tipo "magazine action ... • https://www.exploit-db.com/exploits/7881 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 2CVE-2009-0329 – Joomla! Component com_pccookbook - 'recipe_id' Blind SQL Injection
https://notcve.org/view.php?id=CVE-2009-0329
29 Jan 2009 — SQL injection vulnerability in the PcCookBook (com_pccookbook) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the recipe_id parameter in a viewrecipe action to index.php, a different vector than CVE-2008-0844. Vulnerabilidad de inyección SQL en el componente para Joomla! PcCookBook (com_pccookbook) que permitiría a atacantes remotos ejecutar comandos SQL a su elección a través del parámetro "recipe_id" en una acción viewrecipe en index.php, un vector diferente que CVE-20... • https://www.exploit-db.com/exploits/7824 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •