51 matches found
titlelink SQL注入漏洞
titlelink is a Joomla system plugin that makes it easy to create links to other Joomla content within Joomla content via titles or aliases. A SQL injection vulnerability exists in titlelink, which stems from unknown functionality in the file plugincontenttitle.php, and can be exploited by an...
Nugmubs ChronoForms Cross-Site Scripting Vulnerability
Nugmubs ChronoForms is a plugin from the individual developers of Nugmubs for providing discussion functionality to Joomla. A cross-site scripting vulnerability exists in Nugmubs ChronoForms version 2.0.11, which originates when inserting a crafted payload into a post. If any user sees the post,...
CVE-2011-4908
TinyBrowser plugin for Joomla! before 1.5.13 allows arbitrary file upload via upload.php...
CVE-2011-4908
TinyBrowser plugin for Joomla! before 1.5.13 allows arbitrary file upload via upload.php...
CVE-2019-9921
An issue was discovered in the Harmis JE Messenger component 1.2.2 for Joomla!. It is possible to read information that should only be accessible by a different user...
Harmis Ek rishta SQL Injection Vulnerability in Joomla!
Joomla! is an open source content management system CMS developed by the Open Source Matters team in the U.S. The system provides RSS feeds, site search, etc. Harmis Ek rishta aka ek-rishta is used in one of the wedding dating site plugin. A SQL injection vulnerability exists in the router.php fi...
CVE-2018-6581
SQL Injection exists in the JMS Music 1.1.1 component for Joomla! via a search with the keyword, artist, or username parameter...
PT-2017-5750 · Joomla · Joomla! Googlemaps Plugin
Name of the Vulnerable Software and Affected Versions: Joomla Googlemaps plugin versions prior to 3.1 Description: The issue allows remote attackers to cause a denial of service. This can be achieved via the url parameter to the "plugin googlemap2 proxy.php" endpoint. Recommendations: For version...
Huge-IT Portfolio Gallery manager SQL Injection Vulnerability
Huge-IT Portfolio Gallery manager is Huge-IT team developed an extension plugin for Joomla! in the management and display of photos, videos and so on. A SQL injection vulnerability exists in Huge-IT Portfolio Gallery manager v1.1.5. An attacker can exploit this vulnerability to inject arbitrary S...
CodeLock Encrypter v2.7 - Multiple Web Vulnerabilities
Document Title: =============== CodeLock Encrypter v2.7 - Multiple Web Vulnerabilities Release Date: ============= 2011-08-04 Vulnerability Laboratory ID VL-ID: ==================================== 102 Product & Service Introduction: =============================== The PHP/HTML Encryptor & The...
PT-2006-5738 · Joomla · Bsq Sitestats
Name of the Vulnerable Software and Affected Versions: BSQ Sitestats bsq sitestats versions prior to 2.1.1 for Joomla! Description: The issue allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig absolute path parameter. This can be exploited by sending a malicious URL ...