Aggregates CVE and security vulnerability intelligence across all joompolitan-related products, including CVSS, EPSS, publication dates, and vulnerability intelligence data.
Common weakness patterns include vendor risk sql injection and vendor risk input validation, with potential vendor impact data exposure and vendor impact unexpected behavior across vendor surface production workloads use cases.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2008-6883 | SQL injection vulnerability in the Live Chat (com_livechat) component 1.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the last parameter to getChatRoom.php. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | [email protected] | 7.5 | 0.20% | 2009-07-30 | 2026-04-23 |
| CVE-2008-6882 | Live Chat (com_livechat) component 1.0 for Joomla! allows remote attackers to use the xmlhttp.php script as an open HTTP proxy to hide network scanning activities or scan internal networks via a GET request with a full URL in the query string. | [email protected] | 7.5 | 3.12% | 2009-07-30 | 2026-04-23 |
| CVE-2008-6881 | Multiple SQL injection vulnerabilities in the Live Chat (com_livechat) component 1.0 for Joomla! allow remote attackers to execute arbitrary SQL commands via the last parameter to (1) getChat.php, (2) getChatRoom.php, and (3) getSavedChatRooms.php. | [email protected] | 7.5 | 0.17% | 2009-07-30 | 2026-04-23 |