CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register   Reset Password   Activate Account
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Harmistechnology : Security Vulnerabilities

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1 CVE-2012-5230 2012-10-01 2012-10-02
7.5
None Remote Low Not required Partial Partial Partial
Unspecified vulnerability in the JE Story Submit (com_jesubmit) component before 1.9 for Joomla! has unknown impact and attack vectors.
2 CVE-2010-5028 89 1 Exec Code Sql 2011-11-02 2011-11-17
7.5
None Remote Low Not required Partial Partial Partial
SQL injection vulnerability in the JExtensions JE Job (com_jejob) component 1.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the catid parameter in an item action to index.php.
3 CVE-2010-5022 89 1 Exec Code Sql 2011-11-02 2011-11-17
7.5
None Remote Low Not required Partial Partial Partial
SQL injection vulnerability in the JExtensions JE Story Submit (com_jesubmit) component 1.4 for Joomla! allows remote attackers to execute arbitrary SQL commands via the view parameter to index.php.
4 CVE-2010-4865 89 1 Exec Code Sql 2011-10-05 2012-02-13
7.5
None Remote Low Not required Partial Partial Partial
SQL injection vulnerability in the JE Guestbook (com_jeguestbook) component 1.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the d_itemid parameter in an item_detail action to index.php.
5 CVE-2010-4862 89 1 Exec Code Sql 2011-10-05 2013-07-25
7.5
None Remote Low Not required Partial Partial Partial
SQL injection vulnerability in the JExtensions JE Directory (com_jedirectory) component 1.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the catid parameter in an item action to index.php.
6 CVE-2010-4720 89 Exec Code Sql 2011-02-01 2011-02-15
7.5
None Remote Low Not required Partial Partial Partial
SQL injection vulnerability in the JExtensions JE Auto (com_jeauto) component before 1.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via unspecified vectors related to the view item page.
7 CVE-2010-4517 89 1 Exec Code Sql 2010-12-09 2010-12-10
6.8
None Remote Medium Not required Partial Partial Partial
SQL injection vulnerability in the JExtensions JE Auto (com_jeauto) component 1.0 for Joomla!, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the char parameter in an item action to index.php.
8 CVE-2010-4365 89 2 Exec Code Sql 2010-12-01 2010-12-02
7.5
None Remote Low Not required Partial Partial Partial
SQL injection vulnerability in JE Ajax Event Calendar (com_jeajaxeventcalendar) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the event_id parameter in an alleventlist_more action to index.php.
9 CVE-2010-2680 22 2 Dir. Trav. 2010-07-12 2010-07-12
6.8
None Remote Medium Not required Partial Partial Partial
Directory traversal vulnerability in the JExtensions JE Section/Property Finder (jesectionfinder) component for Joomla! allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the view parameter to index.php.
10 CVE-2010-2613 79 2 XSS 2010-07-02 2010-07-02
4.3
None Remote Medium Not required None Partial None
Cross-site scripting (XSS) vulnerability in the JExtensions JE Awd Song (com_awd_song) component for Joomla! allows remote attackers to inject arbitrary web script or HTML via the song review field, which is not properly handled in a view action to index.php.
11 CVE-2010-2513 89 2 Exec Code Sql 2010-06-28 2010-06-29
7.5
None Remote Low Not required Partial Partial Partial
SQL injection vulnerability in the JE Ajax Event Calendar (com_jeajaxeventcalendar) component 1.0.5 for Joomla! allows remote attackers to execute arbitrary SQL commands via the view parameter to index.php.
12 CVE-2010-2129 22 2 Dir. Trav. 2010-06-01 2010-06-02
6.8
None Remote Medium Not required Partial Partial Partial
Directory traversal vulnerability in the JE Ajax Event Calendar (com_jeajaxeventcalendar) component 1.0.1 and 1.0.3 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the view parameter to index.php. NOTE: some of these details are obtained from third party information.
13 CVE-2010-2128 22 1 Dir. Trav. 2010-06-01 2010-06-02
7.5
None Remote Low Not required Partial Partial Partial
Directory traversal vulnerability in the JE Quotation Form (com_jequoteform) component 1.0b1 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impact via a .. (dot dot) in the view parameter to index.php.
14 CVE-2010-0796 89 2 Exec Code Sql 2010-03-02 2010-03-03
7.5
None Remote Low Not required Partial Partial Partial
SQL injection vulnerability in the JE Quiz (com_jequizmanagement) component 1.b01 for Joomla! allows remote attackers to execute arbitrary SQL commands via the eid parameter in a question action to index.php.
15 CVE-2010-0795 89 1 Exec Code Sql 2010-03-02 2010-03-03
7.5
None Remote Low Not required Partial Partial Partial
SQL injection vulnerability in the JE Event Calendars (com_jeeventcalendar) component 1.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the event_id parameter in an event action to index.php.
Total number of vulnerabilities : 15   Page : 1 (This Page)
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.