CVSS: 9.8EPSS: 1%CPEs: 1EXPL: 3CVE-2018-5971 – Joomla! Component MediaLibrary Free 4.0.12 - SQL Injection
https://notcve.org/view.php?id=CVE-2018-5971
17 Feb 2018 — SQL Injection exists in the MediaLibrary Free 4.0.12 component for Joomla! via the id parameter or the mid array parameter. Existe inyección SQL en el componente MediaLibrary Free 4.0.12 para Joomla! mediante el parámetro id o el parámetro mid array. Joomla! • https://packetstorm.news/files/id/146452 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 9.8EPSS: 1%CPEs: 1EXPL: 3CVE-2018-5982 – Joomla! Component Advertisement Board 3.1.0 - 'catname' SQL Injection
https://notcve.org/view.php?id=CVE-2018-5982
17 Feb 2018 — SQL Injection exists in the Advertisement Board 3.1.0 component for Joomla! via a task=show_rss_categories&catname= request. Existe inyección SQL en el componente Advertisement Board 3.1.0 para Joomla! mediante una petición task=show_rss_categoriescatname=. Joomla! • https://packetstorm.news/files/id/146432 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 0CVE-2010-2851
https://notcve.org/view.php?id=CVE-2010-2851
23 Jul 2010 — SQL injection vulnerability in the BookLibrary From Same Author (com_booklibrary) module 1.5 and possibly earlier for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a view action to index.php. Vulnerabilidad de inyección SQL en el módulo BookLibrary From Same Author (com_booklibrary) 1.5, y posiblemente versiones anteriores, para Joomla!, permite a atacantes remotos ejecutar comandos SQL de su elección a través del parámetro "id" en una acción view a index.php. • http://secunia.com/advisories/40130 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 0CVE-2010-1522
https://notcve.org/view.php?id=CVE-2010-1522
01 Jul 2010 — Multiple SQL injection vulnerabilities in the BookLibrary Basic (com_booklibrary) component 1.5.3 before 1.5.3_2010_06_20 for Joomla! allow remote attackers to execute arbitrary SQL commands via the bid[] parameter in a (1) lend_request or (2) save_lend_request action to index.php, the id parameter in a (3) mdownload or (4) downitsf action to index.php, or (5) the searchtext parameter in a search action to index.php. Múltiples vulnerabilidades de inyección SQL en el componente BookLibrary Basic (com_booklib... • http://ordasoft.com/Download/Download-document/3-BookLibrary-1.5.3-Basic-for-Joomla-1.5.html • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 9.8EPSS: 1%CPEs: 2EXPL: 3CVE-2009-3817 – Joomla! Component Book Library 1.0 - Remote File Inclusion
https://notcve.org/view.php?id=CVE-2009-3817
28 Oct 2009 — PHP remote file inclusion vulnerability in doc/releasenote.php in the BookLibrary (com_booklibrary) component 1.0 for Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter, a different vector than CVE-2009-2637. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. Vulnerabilidad de inclusión remota de archivos PHP en doc/releasenote.php en el componente BookLibrary (com_booklibrary) v1.0 ... • https://www.exploit-db.com/exploits/9889 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 2CVE-2009-2633 – Joomla! Component com_vehiclemanager 1.0 - Remote File Inclusion
https://notcve.org/view.php?id=CVE-2009-2633
28 Jul 2009 — PHP remote file inclusion vulnerability in toolbar_ext.php in the VehicleManager (com_vehiclemanager) component 1.0 Basic for Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter. Vulnerabilidad de inclusión remota de fichero PHP toolbar_ext.php en el componente VehicleManager(com_vehiclemanager)v1.0 para Joomla! permite a atacantes remotos ejecutar código PHP arbitrario a través de una URL en el parámetro "mosConfig_absolute_path". • https://www.exploit-db.com/exploits/8920 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 2CVE-2009-2634 – Joomla! Component com_media_library 1.5.3 - Remote File Inclusion
https://notcve.org/view.php?id=CVE-2009-2634
28 Jul 2009 — PHP remote file inclusion vulnerability in toolbar_ext.php in the MediaLibrary (com_media_library) component 1.5.3 Basic for Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter. Vulnerabilidad de inclusión remota de fichero PHP en toolbar_ext.php en el MediaLibrary (com_media_library) v1.5.3 Basic para Joomla! permite a atacantes remotos ejecutar código PHP arbitrario a través de una URL en el parametro "mosConfig_absolute_path". • https://www.exploit-db.com/exploits/8912 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 2CVE-2009-2635 – Joomla! Component com_realestatemanager 1.0 - Remote File Inclusion
https://notcve.org/view.php?id=CVE-2009-2635
28 Jul 2009 — PHP remote file inclusion vulnerability in toolbar_ext.php in the RealEstateManager (com_realestatemanager) component 1.0 Basic for Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter. Vulnerabilidad de inclusión remota de fichero PHP en toolbar_ext.php en el componente RealEstateManager (com_realestatemanager) v1.0 Basic para Joomla! permite a atacantes remotos ejecutar código PHP de forma arbitraria a través de una URL en el parámetro "mosConfig... • https://www.exploit-db.com/exploits/8919 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 2CVE-2009-2637 – Joomla! Component BookLibrary 1.5.2.4 - Remote File Inclusion
https://notcve.org/view.php?id=CVE-2009-2637
28 Jul 2009 — PHP remote file inclusion vulnerability in toolbar_ext.php in the BookLibrary (com_booklibrary) component 1.5.2.4 Basic for Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter. Vulnerabilidad de inclusión remota de fichero PHP en el componente BookLibrary (com_booklibrary) v1.5.2.4 Basic para Joomla! permitiría a atacantes remotos ejecutar código PHP a través de una URL en el parámetro "mosConfig_absolute_path". • https://www.exploit-db.com/exploits/8908 • CWE-94: Improper Control of Generation of Code ('Code Injection') •