Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
freebsdFreeBSDA9F60CE8-A4E0-11E5-B864-14DAE9D210B8
HistoryDec 14, 2015 - 12:00 a.m.

joomla -- multiple vulnerabilities

2015-12-1400:00:00
vuxml.freebsd.org
38

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.973 High

EPSS

Percentile

99.9%

JSON

The JSST and the Joomla! Security Center report:

[20151201] - Core - Remote Code Execution Vulnerability
Browser information is not filtered properly while saving the
session values into the database which leads to a Remote Code
Execution vulnerability.

[20151202] - Core - CSRF Hardening
Add additional CSRF hardening in com_templates.

[20151203] - Core - Directory Traversal
Failure to properly sanitize input data from the XML install file
located within an extension’s package archive allows for directory
traversal.

[20151204] - Core - Directory Traversal
Inadequate filtering of request data leads to a Directory Traversal
vulnerability.

OSVersionArchitecturePackageVersionFilename
FreeBSDanynoarchjoomla3<Β 3.4.6UNKNOWN

Related

nessus 4
openvas 2
cve 4
checkpoint_advisories 1
saint 4
prion 4
packetstorm 2
zdt 2
joomla 4
canvas 1
threatpost 1
exploitpack 1
exploitdb 1
impervablog 1
nessus
nessus
Joomla! < 3.4.6 Multiple Vulnerabilities
2015-12-16 00:00:00
FreeBSD : joomla -- multiple vulnerabilities (a9f60ce8-a4e0-11e5-b864-14dae9d210b8)
2015-12-18 00:00:00
Joomla! User-Agent Object Injection RCE
2016-01-29 00:00:00
openvas
openvas
Joomla! Core Remote Code Execution Vulnerability
2015-12-16 00:00:00
Joomla! Core Remote Code Execution Vulnerability (Version Check)
2015-12-17 00:00:00
cve
cve
CVE-2015-8565
2015-12-16 21:59:00
CVE-2015-8563
2015-12-16 21:59:00
CVE-2015-8564
2015-12-16 21:59:00
checkpoint_advisories
checkpoint_advisories
Joomla Object Injection Remote Command Execution (CVE-2015-8562)
2015-12-15 00:00:00
saint
saint
Joomla User-Agent PHP object injection
2015-12-17 00:00:00
Joomla User-Agent PHP object injection
2015-12-17 00:00:00
Joomla User-Agent PHP object injection
2015-12-17 00:00:00
prion
prion
Cross site request forgery (csrf)
2015-12-16 21:59:00
Directory traversal
2015-12-16 21:59:00
Design/Logic Flaw
2015-12-16 21:59:00
packetstorm
packetstorm
Joomla 3.4.5 Object Injection
2015-12-31 00:00:00
Joomla HTTP Header Unauthenticated Remote Code Execution
2015-12-17 00:00:00
zdt
zdt
Joomla 1.5 - 3.4.5 - HTTP Header Unauthenticated Remote Code Execution Exploit
2015-12-19 00:00:00
Joomla 1.5 - 3.4.5 - Object Injection RCE X-Forwarded-For Header Exploit
2015-12-18 00:00:00
joomla
joomla
[20151201] - Core - Remote Code Execution Vulnerability
2015-12-13 00:00:00
[20151204] - Core - Directory Traversal
2015-11-26 00:00:00
[20151203] - Core - Directory Traversal
2015-11-26 00:00:00
canvas
canvas
Immunity Canvas: JOOMLA_SESSION_UNSERIALIZE
2015-12-16 21:59:00
threatpost
threatpost
Threatlist: Hackers Turn to Python as Attack Coding Language of Choice
2018-09-27 20:08:07
exploitpack
exploitpack
Joomla! 1.5 3.4.5 - Object Injection x-forwarded-for Header Remote Code Execution
2015-12-18 00:00:00
exploitdb
exploitdb
Joomla! 1.5 &lt; 3.4.6 - Object Injection &#039;x-forwarded-for&#039; Header Remote Code Execution
2015-12-18 00:00:00
impervablog
impervablog
The World’s Most Popular Coding Language Happens to be Most Hackers’ Weapon of Choice
2018-09-26 16:18:36

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.973 High

EPSS

Percentile

99.9%

JSON
Related for A9F60CE8-A4E0-11E5-B864-14DAE9D210B8
nessus4openvas2cve4checkpoint_advisories1saint4prion4packetstorm2zdt2joomla4canvas1threatpost1exploitpack1exploitdb1impervablog1