Show filters
120 Total Results
Displaying 91-100 of 120
Sort by:
Attacker Value
Unknown

CVE-2010-4719

Disclosure Date: February 01, 2011 (last updated October 04, 2023)
Directory traversal vulnerability in JRadio (com_jradio) component before 1.5.1 for Joomla! allows remote attackers to read arbitrary files via directory traversal sequences in the controller parameter to index.php.
0
0
Attacker Value
Unknown

CVE-2010-4702

Disclosure Date: January 20, 2011 (last updated October 04, 2023)
SQL injection vulnerability in JRadio (com_jradio) component before 1.5.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
0
0
Attacker Value
Unknown

CVE-2009-3822

Disclosure Date: October 28, 2009 (last updated October 04, 2023)
PHP remote file inclusion vulnerability in Fiji Web Design Ajax Chat (com_ajaxchat) component 1.0 for Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the GLOBALS[mosConfig_absolute_path] parameter to tests/ajcuser.php.
0
0
Attacker Value
Unknown

CVE-2009-2473

Disclosure Date: August 21, 2009 (last updated October 04, 2023)
neon before 0.28.6, when expat is used, does not properly detect recursion during entity expansion, which allows context-dependent attackers to cause a denial of service (memory and CPU consumption) via a crafted XML document containing a large number of nested entity references, a similar issue to CVE-2003-1564.
0
0
Attacker Value
Unknown

CVE-2009-2474

Disclosure Date: August 21, 2009 (last updated October 04, 2023)
neon before 0.28.6, when OpenSSL or GnuTLS is used, does not properly handle a '\0' character in a domain name in the subject's Common Name (CN) field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority, a related issue to CVE-2009-2408.
0
0
Attacker Value
Unknown

CVE-2009-2791

Disclosure Date: August 17, 2009 (last updated October 04, 2023)
PHP remote file inclusion vulnerability in pda_projects.php in WebDynamite ProjectButler 1.5.0 allows remote attackers to execute arbitrary PHP code via a URL in the offset parameter.
0
0
Attacker Value
Unknown

CVE-2009-2400

Disclosure Date: July 09, 2009 (last updated October 04, 2023)
SQL injection vulnerability in the PHP (com_php) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter to index.php.
0
0
Attacker Value
Unknown

CVE-2009-0593

Disclosure Date: February 16, 2009 (last updated October 04, 2023)
SQL injection vulnerability in members.php in plx Auto Reminder 3.7 allows remote authenticated users to execute arbitrary SQL commands via the id parameter in a newar action.
0
0
Attacker Value
Unknown

CVE-2008-3746

Disclosure Date: August 27, 2008 (last updated October 04, 2023)
neon 0.28.0 through 0.28.2 allows remote servers to cause a denial of service (NULL pointer dereference and crash) via vectors related to Digest authentication, Digest domain parameter support, and the parse_domain function.
0
0
Attacker Value
Unknown

CVE-2008-2875

Disclosure Date: June 26, 2008 (last updated October 04, 2023)
SQL injection vulnerability in index.php in Webdevindo-CMS 1.0.0 allows remote attackers to execute arbitrary SQL commands via the hal parameter.
0
0
View More Topics  < Previous  Next >