7.6 High
AI Score
Confidence
Low
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.013 Low
EPSS
Percentile
85.8%
Multiple unspecified vulnerabilities in Joomla! before 1.0.11, related to βInjection Flaws,β allow attackers to have an unknown impact via (1) globals.php, which uses include_once() instead of require(); (2) the $options variable; (3) Admin Upload Image; (4) ->load(); (5) content submissions when frontpage is selected; (6) the mosPageNav constructor; (7) saveOrder functions; (8) the absence of βexploit blocking rulesβ in htaccess; and (9) the ACL.
CPE | Name | Operator | Version |
---|---|---|---|
joomla:joomla | joomla | eq | 1.0.9 |
joomla:joomla | joomla | le | 1.0.10 |