CVE-2008-1935
- EPSS 0.97%
- Veröffentlicht 25.04.2008 06:05:00
- Zuletzt bearbeitet 16.06.2026 22:52:46
SQL injection vulnerability in the Filiale 1.0.4 component for Joomla! allows remote attackers to execute arbitrary SQL commands via the idFiliale parameter.
CVE-2008-1533
- EPSS 1.17%
- Veröffentlicht 28.03.2008 00:44:00
- Zuletzt bearbeitet 16.06.2026 22:51:55
Unspecified vulnerability in the XML-RPC Blogger API plugin in Joomla! 1.5 allows remote attackers to perform unauthorized article operations on articles via unknown vectors.
CVE-2008-0829
- EPSS 1.06%
- Veröffentlicht 19.02.2008 21:44:00
- Zuletzt bearbeitet 16.06.2026 22:50:26
SQL injection vulnerability in jooget.php in the Joomlapixel Jooget! (com_jooget) 2.6.8 component for Joomla! and Mambo allows remote attackers to execute arbitrary SQL commands via the id parameter in a detail task.
CVE-2008-0795
- EPSS 0.97%
- Veröffentlicht 15.02.2008 22:00:00
- Zuletzt bearbeitet 16.06.2026 22:50:22
SQL injection vulnerability in index.php in the MGFi XfaQ (com_xfaq) 1.2 component for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the aid parameter in an answer action.
CVE-2008-0561
- EPSS 1.1%
- Veröffentlicht 04.02.2008 23:00:00
- Zuletzt bearbeitet 16.06.2026 22:49:52
SQL injection vulnerability in index.php in the Arthur Konze AkoGallery (com_akogallery) 2.5 beta component for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a detail action.
CVE-2008-0517
- EPSS 1.01%
- Veröffentlicht 31.01.2008 20:00:00
- Zuletzt bearbeitet 16.06.2026 22:49:47
SQL injection vulnerability in index.php in the Darko Selesi EstateAgent (com_estateagent) 0.1 component for Mambo 4.5.x and Joomla! allows remote attackers to execute arbitrary SQL commands via the objid parameter in a contact showObject action.
CVE-2007-6643
- EPSS 1.88%
- Veröffentlicht 04.01.2008 01:46:00
- Zuletzt bearbeitet 16.06.2026 22:48:29
Cross-site scripting (XSS) vulnerability in the com_poll component in Joomla! before 1.5 RC4 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2007-6642
- EPSS 1.06%
- Veröffentlicht 04.01.2008 01:46:00
- Zuletzt bearbeitet 16.06.2026 22:48:29
Multiple cross-site request forgery (CSRF) vulnerabilities in Joomla! before 1.5 RC4 allow remote attackers to (1) add a Super Admin, (2) upload an extension containing arbitrary PHP code, and (3) modify the configuration as administrators via unspec...
CVE-2007-6644
- EPSS 1.95%
- Veröffentlicht 04.01.2008 01:46:00
- Zuletzt bearbeitet 16.06.2026 22:48:29
Joomla! before 1.5 RC4 allows remote authenticated administrators to promote arbitrary users to the administrator group, in violation of the intended security model.
CVE-2007-6645
- EPSS 2.47%
- Veröffentlicht 04.01.2008 01:46:00
- Zuletzt bearbeitet 16.06.2026 22:48:30
Unspecified vulnerability in Joomla! before 1.5 RC4 allows remote authenticated users to gain privileges via unspecified vectors, aka "registered user privilege escalation vulnerability."