jdc

28 exploits, active since Jul 2009
CVE-2008-6882 EXPLOITDB text WORKING POC
Joompolitan Com Livechat - Improper Input Validation
Live Chat (com_livechat) component 1.0 for Joomla! allows remote attackers to use the xmlhttp.php script as an open HTTP proxy to hide network scanning activities or scan internal networks via a GET request with a full URL in the query string.
CVE-2008-6881 EXPLOITDB text WORKING POC
Joompolitan Com Livechat - SQL Injection
Multiple SQL injection vulnerabilities in the Live Chat (com_livechat) component 1.0 for Joomla! allow remote attackers to execute arbitrary SQL commands via the last parameter to (1) getChat.php, (2) getChatRoom.php, and (3) getSavedChatRooms.php.
EIP-2026-109939 EXPLOITDB text WORKING POC
Ninja RSS Syndicator 1.0.8 - Local File Inclusion
EIP-2026-108821 EXPLOITDB text WORKING POC
Joomla! Component Ozio Gallery 2 - Multiple Vulnerabilities
CVE-2010-2464 EXPLOITDB text WORKING POC
Rsjoomla Com Rscomments - XSS
Multiple cross-site scripting (XSS) vulnerabilities in the RSComments (com_rscomments) component 1.0.0 Rev 2 for Joomla! allow remote attackers to inject arbitrary web script or HTML via the (1) website and (2) name parameters to index.php.
EIP-2026-108850 EXPLOITDB text WORKING POC
Joomla! Component rsmonials - Cross-Site Scripting
CVE-2008-6883 EXPLOITDB text WORKING POC
Joompolitan Com Livechat - SQL Injection
SQL injection vulnerability in the Live Chat (com_livechat) component 1.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the last parameter to getChatRoom.php. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2009-3335 EXPLOITDB text WORKING POC
Turtushout - SQL Injection
SQL injection vulnerability in the TurtuShout component 0.11 for Joomla! allows remote attackers to execute arbitrary SQL commands via the Name field.
EIP-2026-108916 EXPLOITDB text WRITEUP
Joomla! Plugin NoNumber Framework - Multiple Vulnerabilities
EIP-2026-108851 EXPLOITDB text WORKING POC
Joomla! Component Scriptegrator 1.5 - Local File Inclusion
EIP-2026-108785 EXPLOITDB text WORKING POC
Joomla! Component memorybook 1.2 - Multiple Vulnerabilities
EIP-2026-108789 EXPLOITDB php WORKING POC
Joomla! Component MisterEstate - Blind SQL Injection
EIP-2026-108603 EXPLOITDB text WRITEUP
Joomla! Component com_xmap 1.2.11 - Blind SQL Injection
EIP-2026-108658 EXPLOITDB text WORKING POC
Joomla! Component Gallery XML 1.1 - SQL Injection / Local File Inclusion
CVE-2009-3342 EXPLOITDB php WORKING POC
Alphaplug Com Alphauserpoints - SQL Injection
SQL injection vulnerability in frontend/assets/ajax/checkusername.php in the AlphaUserPoints (com_alphauserpoints) component 1.5.2 for Joomla! allows remote attackers to execute arbitrary SQL commands via the username2points parameter.
EIP-2026-108733 EXPLOITDB text WRITEUP
Joomla! Component JomSocial 1.6.288 - Multiple Cross-Site Scripting Vulnerabilities
CVE-2010-4898 EXPLOITDB bash WORKING POC
Gantry 3.0.10 - SQL Injection
SQL injection vulnerability in the Gantry (com_gantry) component 3.0.10 for Joomla! allows remote attackers to execute arbitrary SQL commands via the moduleid parameter to index.php.
EIP-2026-108205 EXPLOITDB text WORKING POC
Joomla! Component Answers 2.3beta - Multiple Vulnerabilities
CVE-2009-4625 EXPLOITDB php WORKING POC
BF Survey Pro Free <1.2.6 - SQL Injection
SQL injection vulnerability in the updateOnePage function in components/com_bfsurvey_pro/controller.php in BF Survey Pro Free (com_bfsurvey_profree) 1.2.4, and other versions before 1.2.6, a component for Joomla!, allows remote attackers to execute arbitrary SQL commands via the table parameter in an updateOnePage action to index.php.
EIP-2026-108234 EXPLOITDB text WORKING POC
Joomla! Component CCBoard 1.2-RC - Multiple Vulnerabilities
EIP-2026-108280 EXPLOITDB text WORKING POC
Joomla! Component com_billyportfolio 1.1.2 - Blind SQL Injection
EIP-2026-108351 EXPLOITDB text WORKING POC
Joomla! Component com_forme 1.0.5 - Multiple Vulnerabilities
CVE-2010-0972 EXPLOITDB text WORKING POC
Joomla! com_gcalendar 2.1.5 - Path Traversal
Directory traversal vulnerability in the GCalendar (com_gcalendar) component 2.1.5 for Joomla! allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the controller parameter to index.php.
EIP-2026-108432 EXPLOITDB text WORKING POC
Joomla! Component com_listbingo 1.3 - Multiple Vulnerabilities
EIP-2026-108448 EXPLOITDB text WRITEUP
Joomla! Component com_mtree 2.1.5 - Arbitrary File Upload