Latest CVE Feed

Vulnerabilities published in the last 30 days. Filter by severity, exploit status, or attack vector.

Score
Vulnerability
Published
8.8 HIGH
CVE-2017-20278 — Joomla JoomRecipe 1.0.3 SQL Injection via category parameter

Joomla Component JoomRecipe 1.0.3 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the category parameter. At…

Remote | Injection
Jun 19, 2026 Jun 22, 2026
Jun 19, 2026
Jun 22, 2026
8.8 HIGH
CVE-2017-20277 — Joomla JoomRecipe 1.0.4 Component Blind SQL Injection via search_author

Joomla JoomRecipe 1.0.4 component contains a blind SQL injection vulnerability in the search_author parameter on the search results page. Attackers can inject SQL code through POST requests to the se…

Remote | Injection
Jun 19, 2026 Jun 23, 2026
Jun 19, 2026
Jun 23, 2026
8.8 HIGH
CVE-2017-20276 — Joomla! Component SIMGenealogy 2.1.5 SQL Injection

Joomla! Component SIMGenealogy 2.1.5 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the type parameter. Att…

Remote | Injection
Jun 19, 2026 Jun 22, 2026
Jun 19, 2026
Jun 22, 2026
8.8 HIGH
CVE-2017-20275 — Joomla! Component PHP-Bridge 1.2.3 SQL Injection via id Parameter

Joomla! Component PHP-Bridge 1.2.3 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the id parameter.…

Remote | Injection
Jun 19, 2026 Jun 22, 2026
Jun 19, 2026
Jun 22, 2026
8.8 HIGH
CVE-2017-20274 — Joomla LMS King Professional 3.2.4.0 SQL Injection via learningpath

Joomla LMS King Professional 3.2.4.0 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the cp_id parameter. At…

Remote | Injection
Jun 19, 2026 Jun 23, 2026
Jun 19, 2026
Jun 23, 2026
8.8 HIGH
CVE-2017-20273 — Joomla Event Registration Pro Calendar 4.1.3 SQL Injection

Joomla Event Registration Pro Calendar 4.1.3 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the id …

Remote | Injection
Jun 19, 2026 Jun 22, 2026
Jun 19, 2026
Jun 22, 2026
8.8 HIGH
CVE-2017-20272 — Joomla Ultimate Property Listing 1.0.2 SQL Injection via sf_selectuser_id

Joomla Ultimate Property Listing 1.0.2 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the sf_select…

Remote | Injection
Jun 19, 2026 Jun 22, 2026
Jun 19, 2026
Jun 22, 2026
8.8 HIGH
CVE-2017-20271 — Joomla StreetGuessr Game 1.1.8 SQL Injection via catid

Joomla StreetGuessr Game 1.1.8 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the catid parameter. …

Remote | Injection
Jun 19, 2026 Jun 23, 2026
Jun 19, 2026
Jun 23, 2026
8.8 HIGH
CVE-2017-20270 — Joomla! Component Twitch Tv 1.1 SQL Injection

Joomla! Component Twitch Tv 1.1 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the username and id …

Remote | Injection
Jun 19, 2026 Jun 22, 2026
Jun 19, 2026
Jun 22, 2026
8.8 HIGH
CVE-2017-20269 — Joomla! Component KissGallery 1.0.0 SQL Injection

Joomla! Component KissGallery 1.0.0 contains an SQL injection vulnerability that allows unauthenticated attackers to inject SQL commands through the component URL path. Attackers can supply malicious…

Remote | Injection
Jun 19, 2026 Jun 22, 2026
Jun 19, 2026
Jun 22, 2026
8.8 HIGH
CVE-2017-20268 — Joomla! Component Zap Calendar Lite 4.3.4 SQL Injection

Joomla! Component Zap Calendar Lite 4.3.4 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the 'eid' …

Remote | Injection
Jun 19, 2026 Jun 23, 2026
Jun 19, 2026
Jun 23, 2026
5.3 MEDIUM
CVE-2026-12622 — Open Redirect Vulnerability in Password Reset Submission in GridTime™ 3000 GNSS Time Serv…

The GridTime 3000 GNSS Time Server has an open redirect vulnerability in the password change form submission. This issue affects GridTime 3000: from 1.0r0.03 through 1.1r0.0.

Remote | Misconfiguration
Jun 19, 2026 Jun 22, 2026
Jun 19, 2026
Jun 22, 2026
5.3 MEDIUM
CVE-2026-12621 — Cross-Site Scripting (XSS) Vulnerability in Password Reset Redirect in GridTime™ 3000 GNS…

Improper neutralization of input during web page generation XSS vulnerability in the GridTime 3000 (password reset form) allows XSS. This issue affects GridTime 3000: from 1.0r0.03 before 1.2r0.0.

Remote | Cross-Site Scripting
Jun 19, 2026 Jun 22, 2026
Jun 19, 2026
Jun 22, 2026
4.6 MEDIUM
CVE-2026-12620 — Access Token Exposure in URL Parameters in GridTime™ 3000 GNSS Time Server

The GridTime 3000 GNSS Time Server leaks the access token in the URL parameters of some endpoints. This issue affects GridTime 3000: from 1.0r0.03 through 1.1r0.0.

Remote | Information Disclosure
Jun 19, 2026 Jun 22, 2026
Jun 19, 2026
Jun 22, 2026
5.1 MEDIUM
CVE-2026-12619 — GridTime™ 3000 GNSS Time Server CSRF to XSS

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Microchip GridTime 3000 allows Cross-Site Scripting (XSS). This issue affects GridTime 30…

Remote | Cross-Site Scripting
Jun 19, 2026 Jun 22, 2026
Jun 19, 2026
Jun 22, 2026
8.8 HIGH
CVE-2017-20267 — Joomla! Component Calendar Planner 1.0.1 SQL Injection

Joomla! Component Calendar Planner 1.0.1 contains an SQL injection vulnerability that allows unauthenticated attackers to inject SQL commands through the category_id parameter. Attackers can send GET…

Remote | Injection
Jun 19, 2026 Jun 22, 2026
Jun 19, 2026
Jun 22, 2026
8.8 HIGH
CVE-2017-20266 — Joomla SP Movie Database 1.3 SQL Injection via searchword

Joomla SP Movie Database 1.3 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the searchword paramete…

Remote | Injection
Jun 19, 2026 Jun 22, 2026
Jun 19, 2026
Jun 22, 2026
7.1 HIGH
CVE-2017-20265 — Joomla! Component Flip Wall 8.0 SQL Injection

Joomla! Component Flip Wall 8.0 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the wallid parameter…

Remote | Injection
Jun 19, 2026 Jun 23, 2026
Jun 19, 2026
Jun 23, 2026
7.1 HIGH
CVE-2017-20264 — Joomla! Component Sponsor Wall 8.0 SQL Injection

Joomla! Component Sponsor Wall 8.0 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the wallid parame…

Remote | Injection
Jun 19, 2026 Jun 22, 2026
Jun 19, 2026
Jun 22, 2026
8.8 HIGH
CVE-2017-20263 — Joomla! FocalPoint Pro Free 1.2.3 SQL Injection via location

Joomla! Component FocalPoint Pro/Free 1.2.3 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the id p…

Remote | Injection
Jun 19, 2026 Jun 22, 2026
Jun 19, 2026
Jun 22, 2026
Showing 20 of 8012 Results