CVE-2009-4785

SQL injection vulnerability in the Quick News comquicknews component for Joomla! allows remote attackers to execute arbitrary SQL commands via the newsid parameter in a viewitem action to index.php...

CVE-2020-10243

An issue was discovered in Joomla! before 3.9.16. The lack of type casting of a variable in a SQL statement leads to a SQL injection vulnerability in the Featured Articles frontend menutype...

EUVD-2011-1164

Malware in sbrugna...

EUVD-2019-9442

Malware in sbrugna...

PT-2025-30022 · Joomla · Balbooa Forms

Name of the Vulnerable Software and Affected Versions: Balbooa Forms versions 1.0.0 through 2.3.1.1 Description: A SQL injection issue exists in the Balbooa Forms plugin for Joomla. Privileged users can execute arbitrary SQL commands through the id parameter. Recommendations: Balbooa Forms versio...

CVE-2020-19451

SQL injection exists in the jdownloads 3.2.63 component for Joomla! via comjdownloads/helpers/jdownloadshelper.php, updateLog function via the X-forwarded-for Header parameter...

CVE-2010-4696

Multiple SQL injection vulnerabilities in Joomla! 1.5.x before 1.5.22 allow remote attackers to execute arbitrary SQL commands via the 1 filterorder or 2 filterorderDir parameter in a comcontact action to index.php, a different vulnerability than CVE-2010-4166. NOTE: the provenance of this...

BIT-JOOMLA-2022-23797 [20220305] - Core - Inadequate filtering on the selected Ids

An issue was discovered in Joomla! 3.0.0 through 3.10.6 & 4.0.0 through 4.1.0. Inadequate filtering on the selected Ids on an request could resulted into an possible SQL injection...

Joomla! SQLi Vulnerability (20250201)

Joomla! is prone to an SQL injection SQLi vulnerability in the Scheduled Tasks component. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

Joomla JKassa ShoppingCart 2.0.0 SQL Injection Vulnerability

┌──── From The Ashes and Dust Rises An Unimaginable crack.... ────┐ ┌┌───────────────────────────────────────────────────────────────────────────────────────┐ ┌┘ Exploits ┌┘ └───────────────────────────────────────────────────────────────────────────────────────┘┘ : Author : CraCkEr : │ Website :...

CVE-2020-35613

An issue was discovered in Joomla! 3.0.0 through 3.9.22. Improper filter blacklist configuration leads to a SQL injection vulnerability in the backend user list...

Joomla J2Store < 3.3.7 Component - SQL Injection Vulnerability

Exploit for php platform in category web applications Exploit Title: J2Store Plugin for Joomla! 3.3.6 - SQL Injection Author: Andrei Conache Twitter: @andreiconache Contact: andrei.conacheatprotonmail.com Software Link: https://www.j2store.org Version: 3.x-3.3.6 Tested on: Linux CVE: CVE-2019-918...

CVE-2018-17378

SQL Injection exists in the Penny Auction Factory 2.0.4 component for Joomla! via the filterorderDir or filterorder parameter...

Joomla! Swap Factory 2.2.1 SQL Injection

Exploit Title: Joomla! Component Swap Factory 2.2.1 - SQL Injection Dork: N/A Date: 2018-09-24 Vendor Homepage: https://thephpfactory.com/ Software Link: https://extensions.joomla.org/extensions/extension/ads-a-affiliates/classified-ads/swap-factory/ Version: 2.2.1 Category: Webapps Tested on:...

Joomla! Jobs Factory 2.0.4 SQL Injection

Exploit Title: Joomla! Component Jobs Factory 2.0.4 - SQL Injection Dork: N/A Date: 2018-09-24 Vendor Homepage: https://thephpfactory.com/ Software Link: https://extensions.joomla.org/extensions/extension/ads-a-affiliates/jobs-a-recruitment/jobs-factory/ Version: 2.0.4 Category: Webapps Tested on...

Joomla! Component Reverse Auction Factory 4.3.8 - SQL Injection

Joomla! Component Reverse Auction Factory 4.3.8 - SQL Injection Exploit Title: Joomla! Component Reverse Auction Factory 4.3.8 - SQL Injection Dork: N/A Date: 2018-09-24 Vendor Homepage: https://thephpfactory.com/ Software Link:...

CVE-2018-17254

The JCK Editor component 6.4.4 for Joomla! allows SQL Injection via the jtreelink/dialogs/links.php parent parameter...

Joomla! Component CW Tags 2.0.6 - SQL Injection

Exploit Title: Joomla! Component CW Tags 2.0.6 - SQL Injection Dork: N/A Date: 22.02.2018 Vendor Homepage: http://www.cwjoomla.com/ Software Link: https://extensions.joomla.org/extensions/extension/search-a-indexing/tags-a-clouds/cw-tags/ Version: 2.0.6 Category: Webapps Tested on:...

Joomla! AllVideos Reloaded 1.2.x SQL Injection

Exploit Title: Joomla! Component AllVideos Reloaded 1.2.x - SQL Injection Dork: N/A Date: 16.02.2018 Vendor Homepage: http://allvideos.fritz-elfert.de Software Link: http://joomlacode.org/gf/project/allvideos15/frs/?action=FrsReleaseBrowse&frspackageid=3564 Version: 1.2.x Category: Webapps Tested...

Joomla! Component Saxum Astro 4.0.14 - SQL Injection

Exploit Title: Joomla! Component Saxum Astro 4.0.14 - SQL Injection Dork: N/A Date: 16.02.2018 Vendor Homepage: http://www.saxum2003.hu/ Software Link: https://extensions.joomla.org/extensions/extension/living/astrology-a-horoscope/saxumastro/ Software Download:...