23 matches found
EUVD-2021-12861
Malware in sbrugna...
EUVD-2007-4762
Malware in sbrugna...
CVE-2021-26038
An issue was discovered in Joomla! 2.5.0 through 3.9.27. Install action in com_installer lacks the required hardcoded ACL checks for superusers. A default system is not affected because the default ACL for com_installer is limited to super users already...
Hardcoded credentials
An issue was discovered in Joomla! 2.5.0 through 3.9.27. Install action in com_installer lacks the required hardcoded ACL checks for superusers. A default system is not affected because the default ACL for com_installer is limited to super users already...
CVE-2021-26038 [20210704] - Core - Privilege escalation through com_installer
An issue was discovered in Joomla! 2.5.0 through 3.9.27. Install action in com_installer lacks the required hardcoded ACL checks for superusers. A default system is not affected because the default ACL for com_installer is limited to super users already...
CVE-2021-26038
Joomla! 2.5.0 through 3.9.27 is affected by CVE-2021-26038 due to an install action in com_installer lacking hardcoded ACL checks for superusers, enabling privilege escalation. The default ACL for com_installer is limited to super users, so the default system is not affected. A patch is available...
Code problem vulnerability of Joomla!
Joomla! is a set of forum components used in the Joomla! content management system. A code issue vulnerability exists in Joomla! 2.5.0 - 3.9.27. The vulnerability stems from a hard-coded ACL check for superuser missing from the install operation in com_installer, which can be exploited to execute...
Joomla 2.5.x < 3.9.28 Multiple Vulnerabilities (5840-joomla-3-9-28)
According to its self-reported version, the instance of Joomla! running on the remote web server is 2.5.x prior to 3.9.28. It is, therefore, affected by multiple vulnerabilities. - Inadequate escaping in the Rules field of the JForm API leads to an XSS vulnerability. CVE-2021-26035 - Missing...
[20210704] - Core - Privilege escalation through com_installer
Install action in com_installer lacks the required hardcoded ACL checks for superusers, leading to various potential attack vectors. A default system is not affected because by default com_installer is limited to super users already...
CVE-2020-15700
An issue was discovered in Joomla! through 3.9.19. A missing token check in the ajax_install endpoint of com_installer causes a CSRF vulnerability...
Cross site request forgery (csrf)
An issue was discovered in Joomla! through 3.9.19. A missing token check in the ajax_install endpoint of com_installer causes a CSRF vulnerability...
CVE-2020-15700
CVE-2020-15700 affects Joomla! up to 3.9.19: the ajax_install endpoint in com_installer lacks a token check, causing a CSRF vulnerability. Affected: Joomla! through 3.9.19. Impact: CSRF (network vector; user interaction required; confidentiality/integrity/availability LOW). Mitigation: upgrade to...
[20200701] - Core - CSRF in com_installer ajax_install endpoint
A missing token check in the ajax_install endpoint of com_installer causes a CSRF vulnerability...
Joomla! < 3.8.13 Multiple Vulnerabilities
Joomla! is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:joomla:joomla"; ifdescription...
CVE-2018-17858
An issue was discovered in Joomla! before 3.8.13. com_installer actions do not have sufficient CSRF hardening in the backend...
Cross site request forgery (csrf)
An issue was discovered in Joomla! before 3.8.13. com_installer actions do not have sufficient CSRF hardening in the backend...
CVE-2018-17858
Joomla! prior to 3.8.13 is affected by a CSRF vulnerability in the backend of com_installer actions due to insufficient CSRF hardening. The issue can lead to unauthorized operations (impacting confidentiality, integrity, and availability as noted in CVSS) and is mitigated by upgrading to Joomla! ...