21 matches found
CVE-2024-21728 Extension - smartcalc.es - Open redirect vulnerability in osTicky component for Joomla <= 2.2.8
An Open Redirect vulnerability was found in osTicky2 below 2.2.8. osTicky osTicket Bridge by SmartCalc is a Joomla 3.x extension that provides Joomla frontend integration with osTicket, a popular Support ticket system. The Open Redirect vulnerability allows attackers to control the return paramete...
CVE-2023-23753
The 'Visforms Base Package for Joomla 3' extension is vulnerable to SQL Injection as concatenation is used to construct an SQL Query. An attacker can interact with the database and could be able to read, modify and delete data on it...
SQL injection
The 'Visforms Base Package for Joomla 3' extension is vulnerable to SQL Injection as concatenation is used to construct an SQL Query. An attacker can interact with the database and could be able to read, modify and delete data on it...
CVE-2023-23753 Extension - vi-solutions - Visforms Base Package for Joomla 3
The 'Visforms Base Package for Joomla 3' extension is vulnerable to SQL Injection as concatenation is used to construct an SQL Query. An attacker can interact with the database and could be able to read, modify and delete data on it...
CVE-2023-23753
Technical details for CVE-2023-23753 are not provided in the supplied documents; monitor for updates.
Visforms Base Package for Joomla!, 4, SQL Injection
Project: Visforms für Joomla 3 Extension: comvisforms Impact: Critical Severity: High Probability: Unknown Versions: 3.8.0 - 3.14.10 Exploit type: SQL Injection Reported Date: 2023-04-16 Fixed Date: 2023-04-19 CVE Number: CVE-2023-23753 Description An improper use of input filter allows...
CVE-2021-26033
An issue was discovered in Joomla! 3.0.0 through 3.9.26. A missing token check causes a CSRF vulnerability in the AJAX reordering endpoint...
Joomla! 3.x < 3.9.26 Multiple Vulnerabilities
According to its self-reported version, the instance of Joomla! running on the remote web server is 3.x prior to 3.9.26. It is, therefore, affected by multiple vulnerabilities. - Inadequate escaping allowed Cross-Site Scripting (XSS) using the logo parameter of the default templates on error pages...
Cross-site scripting
In Joomla! 3.x before 3.9.12, inadequate escaping allowed XSS attacks using the logo parameter of the default templates...
Joomla JoomGallery 3.2.2 / PonyGallery 2.5.1 Database Disclosure / SQL Injection
Exploit Title : Joomla JoomGallery 3.2.2 PonyGallery 2.5.1 SQL Injection / Database Disclosure Author Discovered By : KingSkrupellos Team : Cyberizm Digital Security Army Date : 12/02/2019 Vendor Homepage : joomlander.net - joomlacode.org Software Download Link :...
Joomla! 3.1.x < 3.8.8 Multiple Vulnerabilities
According to its self-reported version number, the detected Joomla! application is affected by multiple vulnerabilities : - ACL violation in access levels affects Joomla 2.5.0 through 3.8.7 - Adding phar files to the upload blacklist affects Joomla 2.5.0 through 3.8.7 - Information Disclosure abo...
Joomla RealEstateManager 4.2.0 SQL Injection
Title: Joomla RealEstateManager 4.2.0 - SQL injection Credit: Bilal KARDADOU Vendor: http://ordasoft.com/ URL: https://extensions.joomla.org/extensions/extension/vertical-markets/real-estate/realestatemanager/ Product: 'Joomla RealEstateManager 4.2.0' Developer: OrdaSoft Extension type: Plugin La...
User Bench 1.0, SQL injection
User Bench by gegabyte.org, version 1.0, SQL injection resolution: update to version 1.1 update notice: http://www.gegabyte.org/downloads/joomla-extensions/joomla3/components/307-user-bench...
Joomla 3.x <= 3.4.4 Content History module SQL injection vulnerability
No description provided by source...
CVE-2015-8769
SQL injection vulnerability in Joomla! 3.x before 3.4.7 allows attackers to execute arbitrary SQL commands via unspecified vectors...
CVE-2015-8769
CVE-2015-8769: Joomla! Core SQL Injection vulnerability in Joomla! 3.x before 3.4.7 allows attackers to execute arbitrary SQL commands via unspecified vectors. Affected software is Joomla! 3.x prior to 3.4.7. Root cause is SQL injection in core; impact includes potential data disclosure/manipulat...
cckseblod 1.x Directory Traversal
comcckseblod aka seblod 1.x for Joomla 1.5 1.9.0 and all previous versions Directory Traversal Resolution: update to 1.9.1 Update notice: http://www.seblod.com/changelogs?sebchangelogproduct=cck1x Developer states that Seblod 3.x, the version compatible with Joomla 2.5 and 3, is not vulnerable...
JDownloads
unauthorized file upload vulnerable versions: below 1.9.1.6 Joomla 2.5 and below 1.9.2.11 Joomla 3 security release announcement: http://www.jdownloads.com/index.php?option=comcontent=article=231:urgent-security-update-for-19-series=51:news Note that the developer did not inform the VEL...
Joomla Youtube Gallery Component - SQL Injection Vulnerability
Exploit for php platform in category web applications Exploit Title: Joomla component comyoutubegallery - SQL Injection vulnerability Google Dork: inurl:index.php?option=comyoutubegallery Date: 15-07-2014 Exploit Author: Pham Van Khanh Vendor Homepage:...