CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 4CVE-2010-1877 – Joomla! Component JTM Reseller 1.9 Beta - SQL Injection
https://notcve.org/view.php?id=CVE-2010-1877
SQL injection vulnerability in the JTM Reseller (com_jtm) component 1.9 Beta for Joomla! allows remote attackers to execute arbitrary SQL commands via the author parameter in a search action to index.php. Vulnerabilidad de inyección SQL en el componente JTM Reseller (com_jtm) v1.9 Beta para Joomla! permite a atacantes remotos ejecutar comandos SQL a través del parámetro autor (author) en una acción de búsqueda a index.php. • https://www.exploit-db.com/exploits/12306 http://packetstormsecurity.org/1004-exploits/joomlajtmreseller-sql.txt http://www.exploit-db.com/exploits/12306 http://www.securityfocus.com/bid/39584 https://exchange.xforce.ibmcloud.com/vulnerabilities/57977 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 7.5EPSS: 0%CPEs: 4EXPL: 6CVE-2010-1873 – Joomla! Component Jvehicles - Local File Inclusion
https://notcve.org/view.php?id=CVE-2010-1873
SQL injection vulnerability in the Jvehicles (com_jvehicles) component 1.0, 2.0, and 2.1111 for Joomla! allows remote attackers to execute arbitrary SQL commands via the aid parameter in an agentlisting action to index.php. NOTE: some of these details are obtained from third party information. Vulnerabilidad de inyección SQL en el componente Jvehicles (com_jvehicles) v1.0, v2.0 y v2.1111 para Joomla! permite a atacantes remotos ejecutar comandos SQL a través del parámetro de ayuda en una acción agentlisting a index.php. • https://www.exploit-db.com/exploits/11997 https://www.exploit-db.com/exploits/12190 http://indonesiancoder.org/joomla-component-jvehicles-aid-sql-injection-vulnerability http://packetstormsecurity.org/1004-exploits/joomlajvehicles-sql.txt http://secunia.com/advisories/39401 http://www.exploit-db.com/exploits/12190 http://www.osvdb.org/63669 http://www.securityfocus.com/bid/39409 https://exchange.xforce.ibmcloud.com/vulnerabilities/57774 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 3CVE-2010-1874 – Joomla! Component Real Estate Property 3.1.22-03 - 'aid' SQL Injection
https://notcve.org/view.php?id=CVE-2010-1874
SQL injection vulnerability in the Real Estate Property (com_properties) component 3.1.22-03 for Joomla! allows remote attackers to execute arbitrary SQL commands via the aid parameter in an agentlisting action to index.php. NOTE: some of these details are obtained from third party information. Vulnerabilidad de inyección SQL en el componente Real Estate Property (com_properties) v3.1.22-03 para Joomla! permite a atacantes remotos ejecutar comandos SQL a través del parámetro de ayuda en una acción agentlisting a index.php. • https://www.exploit-db.com/exploits/12136 http://secunia.com/advisories/39074 http://www.exploit-db.com/exploits/12136 http://www.securityfocus.com/bid/39374 https://exchange.xforce.ibmcloud.com/vulnerabilities/57765 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 5.0EPSS: 1%CPEs: 2EXPL: 3CVE-2010-1858 – Joomla! Component SMEStorage - Local File Inclusion
https://notcve.org/view.php?id=CVE-2010-1858
Directory traversal vulnerability in the SMEStorage (com_smestorage) component before 1.1 for Joomla! allows remote attackers to read arbitrary files via directory traversal sequences in the controller parameter to index.php. Vulnerabilidad de salto de directorio en el componente de Joolma! SMEStorage v1.1 (com_smestorage), permite a atacantes remotos leer ficheros de su elección mediante secuencias de salto de directorio en el parámetro "controller" sobre index.php. • https://www.exploit-db.com/exploits/11853 http://packetstormsecurity.org/1003-exploits/joomlasmestorage-lfi.txt http://secunia.com/advisories/39071 http://www.exploit-db.com/exploits/11853 http://www.securityfocus.com/bid/38911 https://exchange.xforce.ibmcloud.com/vulnerabilities/57108 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 4CVE-2010-1739 – Joomla! Component Newsfeeds - SQL Injection
https://notcve.org/view.php?id=CVE-2010-1739
SQL injection vulnerability in the Newsfeeds (com_newsfeeds) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the feedid parameter in a categories action to index.php. Vulnerabilidad de inyección SQL en el componente Newsfeeds (com_newsfeeds)para Joomla! permite a atacantes remotos ejecutar comandos SQL a través del parámetro feedid en una acción categorías en index.php. • https://www.exploit-db.com/exploits/12465 http://packetstormsecurity.org/1004-exploits/joomlanewsfeeds-sql.txt http://www.exploit-db.com/exploits/12465 http://www.securityfocus.com/bid/39834 https://exchange.xforce.ibmcloud.com/vulnerabilities/58263 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •