2 matches found
CVE-2007-6643
Cross-site scripting XSS vulnerability in the compoll component in Joomla! before 1.5 RC4 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...
CVE-2007-6645
Joomla! CVE-2007-6645 affects Joomla before 1.5 RC4, allowing remote authenticated users to escalate privileges via unspecified vectors. Public docs confirm the issue and point to a fixed package in Joomla 1.0.15 per Mandriva MDVSA-2008:060; no exploit details are provided in the supplied sources.