Important: Red Hat Security Advisory: Red Hat Quay 3.9.22

Red Hat Quay 3.9.22 is now available with bug fixes. Quay 3.9.22...

Joomla! 3.9.0 - 3.9.22 Information Disclosure Vulnerability

Joomla! is prone to an information disclosure vulnerability. SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:joomla:joomla";...

Joomla! information disclosure vulnerability (CNVD-2020-75068)

Joomla! is a globally recognized content management system developed using the PHP language coupled with a MySQL database that can be implemented on various platforms such as Linux, Windows, MacOSX, and many others. An information disclosure vulnerability exists in Joomla! 2.5.0 - 3.9.22. The...

ACL Write Conflict Vulnerability in Joomla!

Joomla! is a globally recognized content management system developed using the PHP language coupled with a MySQL database that can be implemented on various platforms such as Linux, Windows, MacOSX, and many others. An ACL write conflict vulnerability exists in Joomla! 1.7.0-3.9.22. The...

CVE-2020-35611

An issue was discovered in Joomla! 2.5.0 through 3.9.22. The globlal configuration page does not remove secrets from the HTML output, disclosing the current values...

CVE-2020-35615 [20201106] - Core - CSRF in com_privacy emailexport feature

An issue was discovered in Joomla! 2.5.0 through 3.9.22. A missing token check in the emailexport feature of comprivacy causes a CSRF vulnerability...

PT-2020-17366 · Joomla · Joomla!

Name of the Vulnerable Software and Affected Versions: Joomla! versions 3.9.0 through 3.9.22 Description: An issue was discovered that leads to a user enumeration attack vector in the backend login page due to improper handling of the username. Recommendations: For Joomla! versions 3.9.0 through...

Joomla! 输入验证错误漏洞

Joomla! is a globally recognized content management system developed using the PHP language coupled with a MySQL database that can be implemented on various platforms such as Linux, Windows, MacOSX, and many others. An ACL write conflict vulnerability exists in Joomla! 1.7.0-3.9.22. The...

Joomla! 信息泄露漏洞

Joomla! is a globally recognized content management system developed using the PHP language coupled with a MySQL database that can be implemented on various platforms such as Linux, Windows, MacOSX, and many others. A user enumeration vulnerability exists in the back-end login page of Joomla!...

Joomla! 路径遍历漏洞

Joomla! is a globally recognized content management system developed using the PHP language coupled with a MySQL database that can be implemented on various platforms such as Linux, Windows, MacOSX, and many others. A path traversal vulnerability exists in Joomla! 2.5.0 - 3.9.22. The vulnerabilit...

PT-2020-17363 · Open Source Matters · Joomla!

Name of the Vulnerable Software and Affected Versions: Joomla! versions 2.5.0 through 3.9.22 Description: An issue was discovered where the global configuration page does not remove secrets from the HTML output, disclosing the current values. Recommendations: For Joomla! versions 2.5.0 through...

Joomla SQL注入漏洞

Joomla! is a globally recognized content management system developed using the PHP language coupled with a MySQL database that can be implemented on various platforms such as Linux, Windows, MacOSX, and many others. A SQL injection vulnerability exists in the back-end user list of Joomla! 3.0.0 -...

PT-2020-17365 · Joomla · Joomla!

Name of the Vulnerable Software and Affected Versions: Joomla! versions 3.0.0 through 3.9.22 Description: An issue was discovered that leads to a SQL injection vulnerability in the backend user list due to improper filter blacklist configuration. Recommendations: For Joomla! versions 3.0.0 throug...

PT-2020-17364 · Joomla · Joomla!

Name of the Vulnerable Software and Affected Versions: Joomla! versions 2.5.0 through 3.9.22 Description: An issue was discovered in the folder parameter of mod random image, which lacked input validation, leading to a path traversal vulnerability. Recommendations: For Joomla! versions 2.5.0...

Joomla! 信息泄露漏洞

Joomla! is a globally recognized content management system developed using the PHP language coupled with a MySQL database that can be implemented on various platforms such as Linux, Windows, MacOSX, and many others. An information disclosure vulnerability exists in Joomla! 2.5.0-3.9.22. The...

Joomla! 跨站请求伪造漏洞

Joomla! is a globally recognized content management system developed using the PHP language coupled with a MySQL database that can be implemented on various platforms such as Linux, Windows, MacOSX, and many others. A cross-site request forgery vulnerability exists in Joomla! 2.5.0 - 3.9.22. The...

PT-2020-17368 · Open Source Matters · Joomla!

Name of the Vulnerable Software and Affected Versions: Joomla! versions 1.7.0 through 3.9.22 Description: An issue was discovered in Joomla! due to a lack of input validation while handling ACL rulesets, which can cause write ACL violations. Recommendations: For versions 1.7.0 through 3.9.22,...

ZenCart MailBeez plugin cross-site scripting vulnerability

MailBeez plugin for ZenCart is a Danish MailBeez company's post-sale e-mail auto-trigger plugin for use in ZenCart e-commerce system. A cross-site scripting vulnerability exists in the mailhive/cloudbeez/cloudloader.php file and the mailhive/cloudbeez/cloudloadercore.php file in MailBeez versions...