CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 4CVE-2010-2923 – Joomla! Component YouTube 1.5 - SQL Injection
https://notcve.org/view.php?id=CVE-2010-2923
SQL injection vulnerability in the YouTube (com_youtube) component 1.5 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id_cate parameter to index.php. Vulnerabilidad de inyección SQL en el complemento YouTube (com_youtube) v1.5 de Joomla! permite a atacantes remotos ejecutar comandos SQL de su elección a través del parámetro "id_cate" de index.php. • https://www.exploit-db.com/exploits/14467 http://packetstormsecurity.org/1007-exploits/joomlayoutube-sql.txt http://www.exploit-db.com/exploits/14467 http://www.securityfocus.com/bid/41938 https://exchange.xforce.ibmcloud.com/vulnerabilities/60624 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 7.5EPSS: 0%CPEs: 7EXPL: 4CVE-2010-2907 – Joomla! Component Huru Helpdesk - SQL Injection
https://notcve.org/view.php?id=CVE-2010-2907
SQL injection vulnerability in the Huru Helpdesk (com_huruhelpdesk) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the cid[0] parameter in a detail action to index.php. Vulnerabilidad de inyección SQL en el componente para Joomla! Huru Helpdesk (com_huruhelpdesk), permite a atacantes remotos ejecutar comandos SQL de su elección a través del parámetro cid[0] en una acción detail sobre index.php. • https://www.exploit-db.com/exploits/14449 http://packetstormsecurity.org/1004-exploits/joomlahuruhelpdesk-sql.txt http://www.exploit-db.com/exploits/14449 http://www.securityfocus.com/bid/39366 https://exchange.xforce.ibmcloud.com/vulnerabilities/60609 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 4CVE-2010-2909 – Joomla! Component TTVideo 1.0 - SQL Injection
https://notcve.org/view.php?id=CVE-2010-2909
SQL injection vulnerability in ttvideo.php in the TTVideo (com_ttvideo) component 1.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the cid parameter in a video action to index.php. Vulnerabilidad de inyección SQL en ttvideo.php del componente para Joomla! TTVideo (com_ttvideo) v1.0, permite a atacantes remotos ejecutar comandos SQL de su elección a través del parámetro cid en una acción video sobre index.php. • https://www.exploit-db.com/exploits/14481 http://adv.salvatorefresta.net/TTVideo_1.0_Joomla_Component_SQL_Injection_Vulnerability-27072010.txt http://osvdb.org/66630 http://secunia.com/advisories/40716 http://www.exploit-db.com/exploits/14481 http://www.securityfocus.com/archive/1/512685/100/0/threaded http://www.securityfocus.com/archive/1/512709/100/0/threaded http://www.toughtomato.com/downloads/16-comttvideo-1-0-1/file https://exchange.xforce.ibmcloud.com/vulnerabilities/60662 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 3CVE-2010-2910 – Joomla! Component Ozio Gallery - SQL Injection
https://notcve.org/view.php?id=CVE-2010-2910
SQL injection vulnerability in the Ozio Gallery (com_oziogallery) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the Itemid parameter to index.php. Vulnerabilidad de inyección SQL en el componente the Ozio Gallery (com_oziogallery) para Joomla!, permite a atacantes remotos ejecutar comandos SQL de su elección a través del parámetro "Itemid" en el index.php. • https://www.exploit-db.com/exploits/14462 http://packetstormsecurity.org/1007-exploits/joomlaoziogallery-sql.txt http://www.exploit-db.com/exploits/14462 https://exchange.xforce.ibmcloud.com/vulnerabilities/60618 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 7.5EPSS: 0%CPEs: 7EXPL: 3CVE-2010-2908 – Joomla! Component Joomdle 0.24 - SQL Injection
https://notcve.org/view.php?id=CVE-2010-2908
SQL injection vulnerability in the Joomdle (com_joomdle) component 0.24 and earlier for Joomla! allows remote attackers to execute arbitrary SQL commands via the course_id parameter in a detail action to index.php. Vulnerabilidad de inyección SQL en el componente Joomdle (com_joomdle) v0.24 y anteriores para Joomla!, permite a atacantes remotos inyectar secuencias HTML de su elección a través del parámetro "course_id" en una acción detail(detalle) al index.php. • https://www.exploit-db.com/exploits/14466 http://packetstormsecurity.org/1007-exploits/joomlajoomdle-sql.txt http://www.exploit-db.com/exploits/14466 http://www.vupen.com/english/advisories/2010/1923 https://exchange.xforce.ibmcloud.com/vulnerabilities/60623 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •