1070 matches found
CVE-2018-25433
Technical details for CVE-2018-25433 are not publicly available in the provided documents. Monitor for updates.
PT-2026-45624
Joomla Component JE Photo Gallery 1.1 contains an SQL injection vulnerability that allows unauthenticated attackers to extract database information by injecting malicious SQL code through the categoryid parameter. Attackers can send GET requests to index.php with crafted categoryid values in the...
Joomla! Component eXtroForms SQL注入漏洞
Joomla! Component eXtroForms is an open source Joomla! A SQL injection vulnerability exists in Joomla! Component eXtroForms version 2.1.5, which stems from an SQL injection in the filtertypeid, filterpidid, and filtersearch parameters, which could allow an authenticated attacker to extract...
EUVD-2018-21875
Joomla Component jomres 9.11.2 contains a cross-site request forgery vulnerability that allows attackers to modify user account information by tricking authenticated users into visiting malicious pages. Attackers can craft HTML forms targeting the account/index endpoint with hidden fields to chan...
CVE-2018-25348
Joomla! Component Ek Rishta 2.10 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the cid parameter. Attackers can send GET requests to the userdetail view with malicious cid values containing SQL commands t...
CVE-2018-25327
Joomla! Component Js Jobs 1.2.0 contains a cross-site request forgery vulnerability that allows attackers to perform state-changing actions without token validation. Attackers can craft malicious HTML forms targeting administrative endpoints like job.jobenforcedelete to delete job entries or modi...
JoomSky Joomla! Component Js Jobs 跨站请求伪造漏洞
JoomSky Joomla! Component Js Jobs is a human resources component developed by JoomSky Corporation, designed for publishing job listings, managing positions, and facilitating job applications on Joomla websites. Version 1.2.0 of JoomSky Joomla! Component Js Jobs contains a cross-site request...
HDWPlayer Joomla com_hdwplayer SQL注入漏洞
HDWPlayer Joomla comhdwplayer is a Joomla video player component developed by HDWPlayer Inc. Version 4.2 of HDWPlayer Joomla comhdwplayer contains a SQL injection vulnerability. This vulnerability stems from an SQL injection issue in the search.php file. It may allow unauthenticated attackers to...
CVE-2021-47930
Balbooa Joomla Forms Builder 2.0.6 is affected by an unauthenticated SQL injection in the form submission handler. The vulnerability can be triggered by sending POST requests to the com_baforms component with malicious JSON payloads in the 'id' field, enabling remote attackers to extract sensitiv...
CVE-2026-21623
Lack of input filterung leads to a persistent XSS vulnerability in the forum post handling of the Easy Discuss component for Joomla...
CVE-2023-40655
A reflected XSS vulnerability was discovered in the Proforms Basic component for Joomla...
CVE-2009-4431
PHP remote file inclusion vulnerability in calpopup.php in the Anything Digital Development JCal Pro aka comjcalpro or JCP component 1.5.3.6 for Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the mosConfigabsolutepath parameter...
VulnCheck KEV: CVE-2010-2035
Directory traversal vulnerability in the Percha Gallery comperchagallery component 1.6 Beta for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impact via a .. dot dot in the controller parameter to index.php...
EUVD-2011-5034
Malware in sbrugna...
EUVD-2008-3073
Malware in sbrugna...
EUVD-2010-4704
Malware in sbrugna...
EUVD-2015-6854
Malware in sbrugna...
EUVD-2008-1935
Malware in sbrugna...
EUVD-2010-2064
Malware in sbrugna...
EUVD-2010-0404
Malware in sbrugna...