PHP remote file inclusion vulnerability in toolbar_ext.php in the BookLibrary (com_booklibrary) component 1.5.2.4 Basic for Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path...
7.8AI Score
0.011EPSS
SQL injection vulnerability in the AkoBook (com_akobook) component 2.3 for Joomla! allows remote attackers to execute arbitrary SQL commands via the gbid parameter in a reply action to...
8.7AI Score
0.001EPSS
PHP remote file inclusion vulnerability in toolbar_ext.php in the VehicleManager (com_vehiclemanager) component 1.0 Basic for Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path...
7.8AI Score
0.011EPSS
SQL injection vulnerability in the com_pinboard component for Joomla! allows remote attackers to execute arbitrary SQL commands via the task parameter in a showpic action to...
8.7AI Score
0.001EPSS
SQL injection vulnerability in the amoCourse (com_amocourse) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the catid parameter in a category action to...
8.7AI Score
0.001EPSS
SQL injection vulnerability in the K2 (com_k2) component 1.0.1 Beta and earlier for Joomla! allows remote attackers to execute arbitrary SQL commands via the category parameter in an itemlist action to...
8.4AI Score
0.001EPSS
SQL injection vulnerability in the PHP (com_php) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter to...
8.8AI Score
0.001EPSS
SQL injection vulnerability in the BookFlip (com_bookflip) component 2.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via the book_id parameter to...
8.7AI Score
0.001EPSS
SQL injection vulnerability in the Boy Scout Advancement (com_bsadv) component 0.3 and earlier for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a (1) account or (2) event task to...
8.7AI Score
0.001EPSS
PHP remote file inclusion vulnerability in the Green Mountain Information Technology and Consulting Database Query (com_dbquery) component 1.4.1.1 and earlier for Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter to...
7.8AI Score
0.023EPSS
SQL injection vulnerability in the (1) casinobase (com_casinobase), (2) casino_blackjack (com_casino_blackjack), and (3) casino_videopoker (com_casino_videopoker) components 0.3.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via the Itemid parameter to...
8.7AI Score
0.001EPSS
SQL injection vulnerability in the iJoomla RSS Feeder (com_ijoomla_rss) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the cat parameter in an xml action to...
8.7AI Score
0.001EPSS
Directory traversal vulnerability in the JoomlaPraise Projectfork (com_projectfork) component 2.0.10 for Joomla! allows remote attackers to read arbitrary files via directory traversal sequences in the section parameter to...
6.9AI Score
0.024EPSS
SQL injection vulnerability in the Jumi (com_jumi) component 2.0.3 and possibly other versions for Joomla allows remote attackers to execute arbitrary SQL commands via the fileid parameter to...
8.7AI Score
0.001EPSS
Directory traversal vulnerability in includes/file_includer.php in the Ideal MooFAQ (com_moofaq) component 1.0 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the file...
6.9AI Score
0.012EPSS
SQL injection vulnerability in the ComSchool (com_school) component 1.4 for Joomla! allows remote attackers to execute arbitrary SQL commands via the classid parameter in a showclass action to...
8.7AI Score
0.001EPSS
SQL injection vulnerability in the JoomlaMe AgoraGroups (aka AG or com_agoragroup) component 0.3.5.3 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a groupdetail action to...
8.7AI Score
0.001EPSS
Multiple PHP remote file inclusion vulnerabilities in the InterJoomla ArtForms (com_artforms) component 2.1b7 for Joomla! allow remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter to (1) imgcaptcha.php or (2) mp3captcha.php in...
7.9AI Score
0.01EPSS
Unrestricted file upload vulnerability in image_upload.php in the SimpleBoard (com_simpleboard) component 1.0.1 and earlier for Mambo allows remote attackers to execute arbitrary code by uploading a file with an executable extension and an image/jpeg content type, then accessing this file via a...
7.8AI Score
0.129EPSS
SQL injection vulnerability in the GridSupport (GS) Ticket System (com_gsticketsystem) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the catid parameter in a viewCategory action to...
8.7AI Score
0.001EPSS
Directory traversal vulnerability in the Cmi Marketplace (com_cmimarketplace) component 0.1 for Joomla! allows remote attackers to list arbitrary directories via a .. (dot dot) in the viewit parameter to...
7AI Score
0.011EPSS
SQL injection vulnerability in the MailTo (aka com_mailto) component in Joomla! allows remote attackers to execute arbitrary SQL commands via the article parameter in index.php. NOTE: SecurityFocus states that this issue has been disputed by the...
8.7AI Score
0.001EPSS
SQL injection vulnerability in sub_commententry.php in the BookJoomlas (com_bookjoomlas) component 0.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via the gbid parameter in a comment action to...
8.7AI Score
0.001EPSS
SQL injection vulnerability in the RD-Autos (com_rdautos) component 1.5.7 for Joomla! allows remote attackers to execute arbitrary SQL commands via the makeid parameter in index.php. NOTE: the provenance of this information is unknown; the details are obtained solely from third party...
8.4AI Score
0.001EPSS
SQL injection vulnerability in webhosting.php in the Webhosting Component (com_webhosting) module before 1.1 RC7 for Joomla! and Mambo allows remote attackers to execute arbitrary SQL commands via the catid parameter to...
8.7AI Score
0.001EPSS
SQL injection vulnerability in MyAlbum component (com_myalbum) 1.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the album parameter to...
8.7AI Score
0.001EPSS
PHP remote file inclusion vulnerability in admin.treeg.php in the Flash Tree Gallery (com_treeg) component 1.0 for Joomla!, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via the mosConfig_live_site...
8AI Score
0.087EPSS
PHP remote file inclusion vulnerability in admin.googlebase.php in the Ecom Solutions VirtueMart Google Base (aka com_googlebase or Froogle) component 1.1 for Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path...
7.8AI Score
0.025EPSS
SQL injection vulnerability in the Versioning component (com_versioning) 1.0.2 in Joomla! and Mambo allows remote attackers to execute arbitrary SQL commands via the id parameter in an edit task to...
8.7AI Score
0.001EPSS
SQL injection vulnerability in the PrayerCenter (com_prayercenter) component 1.4.9 and earlier for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a view_request action to...
9.9AI Score
0.001EPSS
SQL injection vulnerability in the MyContent (com_mycontent) component 1.1.13 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a view action to...
8.7AI Score
0.001EPSS
SQL injection vulnerability in the Volunteer Management System (com_volunteer) module 2.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the job_id parameter in a jobshow action to...
8.7AI Score
0.001EPSS
Multiple SQL injection vulnerabilities in the GigCalendar (com_gigcal) component 1.0 for Mambo and Joomla!, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via (1) the gigcal _venues_id parameter in a details action to index.php, which is not properly...
8.4AI Score
0.001EPSS
SQL injection vulnerability in the GigCalendar (com_gigcal) component 1.0 for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the gigcal_gigs_id parameter in a details action to...
8.5AI Score
0.001EPSS
SQL injection vulnerability in the Phoca Documentation (com_phocadocumentation) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a section action to...
8.7AI Score
0.001EPSS
SQL injection vulnerability in the Simple Review (com_simple_review) component 1.3.5 for Joomla! and Mambo allows remote attackers to execute arbitrary SQL commands via the category parameter to...
8.7AI Score
0.001EPSS
SQL injection vulnerability in the com_musica module in Joomla! and Mambo allows remote attackers to execute arbitrary SQL commands via the id parameter to...
8.7AI Score
0.001EPSS
SQL injection vulnerability in the Mad4Joomla Mailforms (com_mad4joomla) component before 1.1.8.2 for Joomla! allows remote attackers to execute arbitrary SQL commands via the jid parameter to...
8.7AI Score
0.002EPSS
SQL injection vulnerability in the KBase (com_kbase) 1.2 component for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in an article action to...
8.7AI Score
0.001EPSS
SQL injection vulnerability in the mDigg (com_mdigg) component 2.2.8 for Joomla! allows remote attackers to execute arbitrary SQL commands via the cagtegory parameter in a story_lists action to...
8.7AI Score
0.001EPSS
SQL injection vulnerability in the EXtrovert Software Thyme (com_thyme) 1.0 component for Joomla! allows remote attackers to execute arbitrary SQL commands via the event parameter to...
8.7AI Score
0.001EPSS
SQL injection vulnerability in the Portfol (com_portfol) 1.2 component for Joomla! allows remote attackers to execute arbitrary SQL commands via the vcatid parameter in a viewcategory action to...
8.7AI Score
0.001EPSS
SQL injection vulnerability in the Joomtracker (com_joomtracker) 1.01 module for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a tordetails action to...
8.7AI Score
0.001EPSS
SQL injection vulnerability in the Daily Message (com_dailymessage) 1.0.3 component for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter to...
8.7AI Score
0.001EPSS
SQL injection vulnerability in open.php in the Private Messaging (com_privmsg) component for Limbo CMS allows remote attackers to execute arbitrary SQL commands via the id parameter in a pms action to...
8.7AI Score
0.001EPSS
Directory traversal vulnerability in download.php in the ionFiles (com_ionfiles) 4.4.2 component for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the file...
6.8AI Score
0.033EPSS
SQL injection vulnerability in the Eventing (com_eventing) 1.6.x component for Joomla! allows remote attackers to execute arbitrary SQL commands via the catid parameter to...
8.7AI Score
0.001EPSS
SQL injection vulnerability in the beamospetition (com_beamospetition) 1.0.12 component for Joomla! allows remote attackers to execute arbitrary SQL commands via the mpid parameter in a sign action to index.php, a different vector than...
8.6AI Score
0.001EPSS
Cross-site scripting (XSS) vulnerability in index.php in the beamospetition (com_beamospetition) 1.0.12 component for Joomla! allows remote attackers to inject arbitrary web script or HTML via the pet parameter in a sign...
5.9AI Score
0.002EPSS
SQL injection vulnerability in the Prince Clan Chess Club (com_pcchess) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the game_id parameter in a showgame action to index.php, a different vector than...
8.6AI Score
0.001EPSS