Text Exploits
31,386 exploits tracked across all sources.
Pinterest Clone Social Pinboard 2.0 - SQL Injection
SQL Injection exists in the Pinterest Clone Social Pinboard 2.0 component for Joomla! via the pin_id or user_id parameter in a task=getlikeinfo action, the ends parameter in a view=gift action, the category parameter in a view=home action, the uid parameter in a view=pindisplay action, the searchVal parameter in a view=search action, or the uid parameter in a view=likes action.
by Ihsan Sencan
CVSS 9.8
Timetable Responsive Schedule 1.5 - SQL Injection via view=event&alias= Request
SQL Injection exists in the Timetable Responsive Schedule 1.5 component for Joomla! via a view=event&alias= request.
by Ihsan Sencan
CVSS 9.8
Staff Master < 1.0 - SQL Injection via Name Parameter
SQL Injection exists in the Staff Master through 1.0 RC 1 component for Joomla! via the name parameter in a view=staff request.
by Ihsan Sencan
CVSS 9.8
SquadManagement 1.0.3 - SQL Injection via id Parameter
SQL Injection exists in the SquadManagement 1.0.3 component for Joomla! via the id parameter.
by Ihsan Sencan
CVSS 9.8
Solidres 2.5.1 - SQL Injection via Hub Search Direction Parameter
SQL Injection exists in the Solidres 2.5.1 component for Joomla! via the direction parameter in a hub.search action.
by Ihsan Sencan
CVSS 9.8
Joomla! Smart Shoutbox 3.0.0 - SQL Injection
SQL Injection exists in the Smart Shoutbox 3.0.0 component for Joomla! via the shoutauthor parameter to the archive URI.
by Ihsan Sencan
CVSS 9.8
SimpleCalendar 3.1.9 - SQL Injection
SQL Injection exists in the SimpleCalendar 3.1.9 component for Joomla! via the catid array parameter.
by Ihsan Sencan
CVSS 9.8
Saxum Picker 3.2.10 - SQL Injection via Publicid Parameter
SQL Injection exists in the Saxum Picker 3.2.10 component for Joomla! via the publicid parameter.
by Ihsan Sencan
CVSS 9.8
Saxum Numerology 3.0.4 - SQL Injection via publicid Parameter
SQL Injection exists in the Saxum Numerology 3.0.4 component for Joomla! via the publicid parameter.
by Ihsan Sencan
CVSS 9.8
Saxum Astro 4.0.14 - SQL Injection via publicid Parameter
SQL Injection exists in the Saxum Astro 4.0.14 component for Joomla! via the publicid parameter.
by Ihsan Sencan
CVSS 9.8
realpin < 1.5.04 - SQL Injection via Pinboard Parameter
SQL Injection exists in the Realpin through 1.5.04 component for Joomla! via the pinboard parameter.
by Ihsan Sencan
CVSS 9.8
Joomla! Project Log 1.5.3 - SQL Injection
SQL Injection exists in the Project Log 1.5.3 component for Joomla! via the search parameter.
by Ihsan Sencan
CVSS 9.8
NeoRecruit 4.1 - SQL Injection via PATH_INFO or .html File Name
SQL Injection exists in the NeoRecruit 4.1 component for Joomla! via the (1) PATH_INFO or (2) name of a .html file under the all-offers/ URI.
by Ihsan Sencan
CVSS 9.8
MediaLibrary Free 4.0.12 - SQL Injection
SQL Injection exists in the MediaLibrary Free 4.0.12 component for Joomla! via the id parameter or the mid array parameter.
by Ihsan Sencan
CVSS 9.8
Simple Image Gallery Extended < 3.3.0 - Reflected Cross-Site Scripting via img, name, or caption Parameter
Reflected XSS in Kubik-Rubik SIGE (aka Simple Image Gallery Extended) before 3.3.0 allows attackers to execute JavaScript in a victim's browser by having them visit a plugins/content/sige/plugin_sige/print.php link with a crafted img, name, or caption parameter.
by Alwin Peppels
CVSS 6.1
JTicketing 2.0.16 - SQL Injection via filter_creator or filter_events_cat Parameter
SQL Injection exists in the JTicketing 2.0.16 component for Joomla! via a view=events action with a filter_creator or filter_events_cat parameter.
by Ihsan Sencan
CVSS 9.8
JS Jobs 1.1.9 - SQL Injection via Zipcode or ta Parameter
SQL Injection exists in the JS Jobs 1.1.9 component for Joomla! via the zipcode parameter in a newest-jobs request, or the ta parameter in a view_resume request.
by Ihsan Sencan
CVSS 9.8
JS Autoz 1.0.9 - SQL Injection via vtype, pre, or prs Parameter
SQL Injection exists in the JS Autoz 1.0.9 component for Joomla! via the vtype, pre, or prs parameter.
by Ihsan Sencan
CVSS 9.8
jquickcontact 1.3.2.2.1 - SQL Injection via task=refresh&sid= Request
SQL Injection exists in the JquickContact 1.3.2.2.1 component for Joomla! via a task=refresh&sid= request.
by Ihsan Sencan
CVSS 9.8
JomEstate PRO < 3.7 - SQL Injection via id Parameter in task=detailed Action
SQL Injection exists in the JomEstate PRO through 3.7 component for Joomla! via the id parameter in a task=detailed action.
by Ihsan Sencan
CVSS 9.8
JGive 2.0.9 - SQL Injection via filter_org_ind_type or campaign_countries Parameter
SQL Injection exists in the JGive 2.0.9 component for Joomla! via the filter_org_ind_type or campaign_countries parameter.
by Ihsan Sencan
CVSS 9.8
JB Bus 2.3 - SQL Injection via order_number Parameter
SQL Injection exists in the JB Bus 2.3 component for Joomla! via the order_number parameter.
by Ihsan Sencan
CVSS 9.8
InviteX 3.0.5 - SQL Injection via invite_type Parameter
SQL Injection exists in the InviteX 3.0.5 component for Joomla! via the invite_type parameter in a view=invites action.
by Ihsan Sencan
CVSS 9.8
Google Map Landkarten <= 4.2.3 - SQL Injection via cid/id/map Parameters
SQL Injection exists in the Google Map Landkarten through 4.2.3 component for Joomla! via the cid or id parameter in a layout=form_markers action, or the map parameter in a layout=default action.
by Ihsan Sencan
CVSS 9.8
Gallery WD 1.3.6 - SQL Injection via tag_id or gallery_id Parameter
SQL Injection exists in the Gallery WD 1.3.6 component for Joomla! via the tag_id parameter or gallery_id parameter.
by Ihsan Sencan
CVSS 9.8
By Source