CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

17 matches found

NVD•added 2026/05/25 3:16 p.m.•10 views

CVE-2018-25381

Joomla Responsive Portfolio 1.6.1 contains an SQL injection vulnerability that allows authenticated attackers to execute arbitrary SQL commands through multiple filter parameters. Attackers can inject malicious SQL code via the filtertypeid, filterpidid, and filtersearch parameters in POST reques...

7.1CVSS0.00029EPSS

Exploits0References4

CVE•added 2026/05/25 2:15 p.m.•13 views

CVE-2018-25381

Joomla Responsive Portfolio 1.6.1 is affected by an SQL injection via POST parameters filter_type_id, filter_pid_id, and filter_search. The vulnerability allows authenticated attackers to execute arbitrary SQL commands and potentially extract credentials and server details. Reported CVSS v4.0/bas...

7.1CVSS6.1AI score0.00029EPSS

Exploits0References4

Positive Technologies•added 2026/05/25 12:0 a.m.•6 views

PT-2026-43233

Joomla Responsive Portfolio 1.6.1 contains an SQL injection vulnerability that allows authenticated attackers to execute arbitrary SQL commands through multiple filter parameters. Attackers can inject malicious SQL code via the filter type id, filter pid id, and filter search parameters in POST...

7.1CVSS6.1AI score0.00029EPSS

Exploits0References5

CNNVD•added 2026/05/25 12:0 a.m.•6 views

Joomla! Responsive Portfolio SQL注入漏洞

Joomla! Responsive Portfolio is a Joomla! open source Joomla website portfolio extension. A SQL injection vulnerability exists in Joomla! Responsive Portfolio version 1.6.1, which stems from SQL injection of multiple filter parameters, which could lead to an authenticated attacker injecting...

7.1CVSS5.9AI score0.00029EPSS

Exploits0References4

Patchstack•added 2025/11/04 5:17 a.m.•6 views

WordPress Multi-language Responsive Portfolio plugin <= 1.0 - Authenticated (Admin+) Stored Cross-Site Scripting vulnerability

Authenticated Admin+ Stored Cross-Site Scripting vulnerability discovered by Marco Gasi in WordPress Plugin Multi-language Responsive Portfolio versions = 1.0...

4.4CVSS5.5AI score0.00022EPSS

Exploits0References1Affected Software1

CNNVD•added 2025/11/04 12:0 a.m.•3 views

WordPress plugin Bootstrap Multi-language Responsive Portfolio 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A cross-site scripting...

4.4CVSS5.8AI score0.00022EPSS

Exploits0References3

RedhatCVE•added 2025/09/12 7:11 a.m.•4 views

CVE-2025-10049

The Responsive Filterable Portfolio plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation via the HdnMediaSelectionimage field in all versions up to, and including, 1.0.24. This makes it possible for authenticated attackers, with Administrator-level acce...

7.2CVSS7.3AI score0.00513EPSS

Exploits0References1

Patchstack•added 2025/09/09 11:58 p.m.•3 views

WordPress Responsive Filterable Portfolio plugin <= 1.0.24 - Authenticated (Admin+) Arbitrary File Upload vulnerability

Authenticated Admin+ Arbitrary File Upload vulnerability discovered by Jonas Benjamin Friedli in WordPress Plugin Responsive Filterable Portfolio versions = 1.0.24...

7.2CVSS6.8AI score0.00513EPSS

Exploits0References1Affected Software1

RedhatCVE•added 2025/05/23 3:8 a.m.•3 views

CVE-2023-2119

The Responsive Filterable Portfolio plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the searchterm parameter in versions up to, and including, 1.0.19 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject...

6.1CVSS6.9AI score0.03681EPSS

Exploits0References1

Prion•added 2019/10/11 7:15 p.m.•10 views

Design/Logic Flaw

The ThemeMakers Almera Responsive Portfolio theme through 2015-05-15 for WordPress allows remote attackers to obtain sensitive information such as userlogin, userpass, and useremail values via a direct request for the wp-content/uploads/tmmdbmigrate/wpusers.dat URI...

5CVSS6.8AI score0.00663EPSS

Exploits1References1Affected Software1

CVE•added 2019/10/11 6:2 p.m.•137 views

CVE-2015-9487

The CVE-2015-9487 issue affects the ThemeMakers Almera Responsive Portfolio theme for WordPress (up to 2015-05-15). A direct request to wp-content/uploads/tmm_db_migrate/wp_users.dat allows remote attackers to obtain sensitive data (user_login, user_pass, user_email). Root cause is information di...

7.5CVSS7.3AI score0.00663EPSS

Exploits1References1Affected Software1

CNVD•added 2018/09/26 12:0 a.m.•1 views

Component Responsive Portfolio 'filter_order_Dir' SQL Injection Vulnerability in Joomla!

Joomla! is the United States Open Source Matters team developed a set of open source content management system CMS. A SQL injection vulnerability exists in the Responsive Portfolio 'filterorderDir' component of Joomla! An attacker can execute SQL commands by including vulnerable parameters...

8.3AI score

Exploits0References1

0day.today•added 2018/09/26 12:0 a.m.•20 views

Joomla Responsive Portfolio 1.6.1 Component - filter_order_Dir SQL Injection Vulnerability

Exploit for php platform in category web applications Exploit Title: Joomla! Component Responsive Portfolio 1.6.1 - 'filterorderDir' SQL Injection Exploit Author: Özkan Mustafa Akkuş AkkuS Vendor Homepage: https://extro.media/ Software Link:...

0.4AI score

Exploits0

0day.today•added 2017/08/28 12:0 a.m.•30 views

Joomla Responsive Portfolio 1.6.1 Component - SQL Injection Vulnerability

Exploit for php platform in category web applications Exploit Title: Joomla! Component RPC - Responsive Portfolio 1.6.1 - SQL Injection Dork: N/A Date: 25.08.2017 Vendor Homepage: https://extro.media/ Software Link: https://extensions.joomla.org/extension/rpc-responsive-portfolio/ Demo:...

0.3AI score

Exploits0

exploitpack•added 2017/08/25 12:0 a.m.•19 views

Joomla! Component Responsive Portfolio 1.6.1 - SQL Injection

Joomla! Component Responsive Portfolio 1.6.1 - SQL Injection Exploit Title: Joomla! Component RPC - Responsive Portfolio 1.6.1 - SQL Injection Dork: N/A Date: 25.08.2017 Vendor Homepage: https://extro.media/ Software Link: https://extensions.joomla.org/extension/rpc-responsive-portfolio/ Demo:...

0.2AI score

Exploits0

Exploit DB•added 2017/08/25 12:0 a.m.•30 views

Joomla! Component Responsive Portfolio 1.6.1 - SQL Injection

Exploit Title: Joomla! Component RPC - Responsive Portfolio 1.6.1 - SQL Injection Dork: N/A Date: 25.08.2017 Vendor Homepage: https://extro.media/ Software Link: https://extensions.joomla.org/extension/rpc-responsive-portfolio/ Demo: https://demo.extro.media/responsive-joomla-extensions-en/video-...

7.4AI score

Exploits0

Joomla! Vulnerable Extensions List•added 2015/06/21 12:0 a.m.•14 views

Responsive Portfolio Wall [mod_repowa], 1.0 and below, XSS (Cross Site Scripting)

Responsive Portfolio Wall modrepowa, 1.0, XSS Cross Site Scripting Extension includes vulnerable version of JS library prettyPhoto Vulnerability fixed in version 1.1 Update notice: http://www.joomlabusiness.net/module/responsive-portfolio-wall...

6.2AI score

Exploits0References1Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by