Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (864 CVEs found)

Export CSV
CVE Vendors Products Updated CVSS v3.1
CVE-2010-4365 2 Harmistechnology, Joomla 2 Com Jeajaxeventcalendar, Joomla\! 2025-04-11 N/A
SQL injection vulnerability in JE Ajax Event Calendar (com_jeajaxeventcalendar) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the event_id parameter in an alleventlist_more action to index.php.
CVE-2010-4937 2 Joomla, Robitbt 2 Joomla\!, Com Amblog 2025-04-11 N/A
Multiple SQL injection vulnerabilities in the Amblog (com_amblog) component 1.0 for Joomla! allow remote attackers to execute arbitrary SQL commands via the (1) articleid or (2) catid parameter to index.php.
CVE-2010-4272 2 Joomla, Pulseinfotech 2 Joomla\!, Com Sponsorwall 2025-04-11 N/A
SQL injection vulnerability in the Pulse Infotech Sponsor Wall (com_sponsorwall) component 1.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via the catid parameter to index.php.
CVE-2012-1598 1 Joomla 1 Joomla\! 2025-04-11 N/A
Joomla! 1.5.x before 1.5.26 has unspecified impact and attack vectors related to "insufficient randomness" and a "password reset vulnerability."
CVE-2012-1599 1 Joomla 1 Joomla\! 2025-04-11 N/A
Joomla! 1.5.x before 1.5.26 does not properly check permissions, which allows attackers to obtain sensitive "administrative back end information" via unknown vectors. NOTE: this might be a duplicate of CVE-2012-1611.
CVE-2010-4268 2 Joomla, Pulseinfotech 2 Joomla\!, Com Flipwall 2025-04-11 N/A
SQL injection vulnerability in the Pulse Infotech Flip Wall (com_flipwall) component 1.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via the catid parameter to index.php.
CVE-2010-3712 1 Joomla 1 Joomla\! 2025-04-11 N/A
Cross-site scripting (XSS) vulnerability in Joomla! 1.5.x before 1.5.21 and 1.6.x before 1.6.1 allows remote attackers to inject arbitrary web script or HTML via vectors involving "multiple encoded entities," as demonstrated by the query string to index.php in the com_weblinks or com_content component.
CVE-2010-3422 2 Joomla, Solventus 2 Joomla\!, Com Jgen 2025-04-11 N/A
SQL injection vulnerability in the JGen (com_jgen) component 0.9.33 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a view action to index.php.
CVE-2010-3028 2 Joomla, Simon Philips 2 Joomla, Aardvertiser 2025-04-11 N/A
The Aardvertiser component before 2.2.1 for Joomla! uses insecure permissions (777) in unspecified folders, which allows local users to modify, create, or delete certain files.
CVE-2010-2923 2 Joomla, Prasanna 2 Joomla\!, Com Youtube 2025-04-11 N/A
SQL injection vulnerability in the YouTube (com_youtube) component 1.5 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id_cate parameter to index.php.
CVE-2010-0945 2 Hotbrackets, Joomla 2 Com Hotbrackets, Joomla\! 2025-04-11 N/A
SQL injection vulnerability in the HotBrackets Tournament Brackets (com_hotbrackets) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter to index.php.
CVE-2010-0982 2 Joomla, Joomlamo 2 Joomla\!, Com Cartweberp 2025-04-11 N/A
Directory traversal vulnerability in the CARTwebERP (com_cartweberp) component 1.56.75 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php.
CVE-2010-2921 2 Joomla, Photoindochina 2 Joomla\!, Com Golfcourseguide 2025-04-11 N/A
SQL injection vulnerability in the Golf Course Guide (com_golfcourseguide) component 0.9.6.0 beta and 1 beta for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a golfcourses action to index.php.
CVE-2010-0985 2 Chris Simon, Joomla 2 Com Abbrev, Joomla\! 2025-04-11 N/A
Directory traversal vulnerability in the Abbreviations Manager (com_abbrev) component 1.1 for Joomla! allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the controller parameter to index.php. NOTE: some of these details are obtained from third party information.
CVE-2010-0981 2 Joomla, Templateplazza 2 Joomla\!, Com Tpjobs 2025-04-11 N/A
SQL injection vulnerability in the TPJobs (com_tpjobs) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the id_c[] parameter in a resadvsearch action to index.php.
CVE-2010-1980 2 Joomla, Roberto Aloi 2 Joomla\!, Com Joomlaflickr 2025-04-11 N/A
Directory traversal vulnerability in joomlaflickr.php in the Joomla Flickr (com_joomlaflickr) component 1.0.3 for Joomla! allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the controller parameter to index.php.
CVE-2010-2919 2 Joomla, Joomlaxt 2 Joomla\!, Com Staticxt 2025-04-11 N/A
SQL injection vulnerability in the StaticXT (com_staticxt) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter to index.php.
CVE-2010-1531 2 Joomla, Redcomponent 2 Joomla\!, Com Redshop 2025-04-11 N/A
Directory traversal vulnerability in the redSHOP (com_redshop) component 1.0.x for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the view parameter to index.php.
CVE-2010-2910 2 Alexred, Joomla 2 Com Oziogallery, Joomla\! 2025-04-11 N/A
SQL injection vulnerability in the Ozio Gallery (com_oziogallery) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the Itemid parameter to index.php.
CVE-2010-3203 2 Joomla, Xmlswf 2 Joomla\!, Com Picsell 2025-04-11 N/A
Directory traversal vulnerability in the PicSell (com_picsell) component 1.0 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the dflink parameter in a prevsell dwnfree action to index.php.