Text Exploits
31,346 exploits tracked across all sources.
Joomla! Timetable Schedule <3.6.8 - SQL Injection
SQL Injection exists in the Timetable Schedule 3.6.8 component for Joomla! via the eid parameter.
by Ihsan Sencan
CVSS 9.8
Swap Factory 2.2.1 - SQL Injection
SQL Injection exists in the Swap Factory 2.2.1 component for Joomla! via the filter_order_Dir or filter_order parameter.
by Ihsan Sencan
CVSS 9.8
Social Factory 3.8.3 - SQL Injection
SQL Injection exists in the Social Factory 3.8.3 component for Joomla! via the radius[lat], radius[lng], or radius[radius] parameter.
by Ihsan Sencan
CVSS 9.8
Joomla! Reverse Auction Factory 4.3.8 - SQL Injection
SQL Injection exists in the Reverse Auction Factory 4.3.8 component for Joomla! via the filter_order_Dir, cat, or filter_letter parameter.
by Ihsan Sencan
CVSS 9.8
Joomla! Component Responsive Portfolio 1.6.1 - 'filter_order_Dir' SQL Injection
by AkkuS
Raffle Factory 3.5.2 - SQL Injection
SQL Injection exists in the Raffle Factory 3.5.2 component for Joomla! via the filter_order_Dir or filter_order parameter.
by Ihsan Sencan
CVSS 9.8
Joomla! 1.4.3 - SQL Injection
SQL Injection exists in the Questions 1.4.3 component for Joomla! via the term, userid, users, or groups parameter.
by Ihsan Sencan
CVSS 9.8
Penny Auction Factory 2.0.4 - SQL Injection
SQL Injection exists in the Penny Auction Factory 2.0.4 component for Joomla! via the filter_order_Dir or filter_order parameter.
by Ihsan Sencan
CVSS 9.8
Music Collection 3.0.3 - SQL Injection
SQL Injection exists in the Music Collection 3.0.3 component for Joomla! via the id parameter.
by Ihsan Sencan
CVSS 9.8
Jobs Factory 2.0.4 - SQL Injection
SQL Injection exists in the Jobs Factory 2.0.4 component for Joomla! via the filter_letter parameter.
by Ihsan Sencan
CVSS 9.8
Joomla! Component eXtroForms 2.1.5 - 'filter_type_id' SQL Injection
by AkkuS
Joomla! - SQL Injection
SQL Injection exists in the Collection Factory 4.1.9 component for Joomla! via the filter_order or filter_order_Dir parameter.
by Ihsan Sencan
CVSS 9.8
Article Factory Manager 4.3.9 - SQL Injection
SQL Injection exists in the Article Factory Manager 4.3.9 component for Joomla! via the start_date, m_start_date, or m_end_date parameter.
by Ihsan Sencan
CVSS 9.8
AlphaIndex Dictionaries <1.0 - SQL Injection
SQL Injection exists in the AlphaIndex Dictionaries 1.0 component for Joomla! via the letter parameter.
by Ihsan Sencan
CVSS 9.8
RICOH MP C6503 Plus Printer - Cross-Site Scripting
by Ismail Tasdelen
Auction Factory 4.5.5 - SQL Injection
SQL Injection exists in the Auction Factory 4.5.5 component for Joomla! via the filter_order_Dir or filter_order parameter.
by Ihsan Sencan
CVSS 9.8
Micro Deal Factory 2.4.0 - SQL Injection
SQL Injection exists in the Micro Deal Factory 2.4.0 component for Joomla! via the id parameter, or the PATH_INFO to mydeals/ or listdeals/.
by Ihsan Sencan
CVSS 9.8
Rejected
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2020-14014. Reason: This candidate is a reservation duplicate of CVE-2020-14014. Notes: All CVE users should reference CVE-2020-14014 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage
by Renzi
MyBB <1.8.19 - XSS
A Persistent XSS issue was discovered in the Visual Editor in MyBB before 1.8.19 via a Video MyCode.
by Numan OZDEMIR
CVSS 5.4
CWJoomla <2.0.7, <1.0.6 - SQL Injection
The CWJoomla CW Article Attachments PRO extension before 2.0.7 and CW Article Attachments FREE extension before 1.0.6 for Joomla! allow SQL Injection within download.php.
by Haboob Team
CVSS 9.8
By Source