EUVD-2007-4171

Malware in sbrugna...

EUVD-2009-1277

Malware in sbrugna...

CVE-2011-2509

Multiple cross-site scripting XSS vulnerabilities in Joomla! before 1.6.4 allow remote attackers to inject arbitrary web script or HTML via 1 the query string to the comcontact component, as demonstrated by the Itemid parameter to index.php; 2 the query string to the comcontent component, as...

Joomla 1.5 RC3 com_search Component index.php Multiple Parameter SQL Injection

No description provided by source. source: http://www.securityfocus.com/bid/26707/info Joomla! is prone to multiple SQL-injection vulnerabilities because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting these issues could allow an attacker to...

[20110901] - Core - XSS Vulnerability

Inadequate escaping leads to XSS vulnerability in comsearch...

CVE-2011-2509

Multiple cross-site scripting XSS vulnerabilities in Joomla! before 1.6.4 allow remote attackers to inject arbitrary web script or HTML via 1 the query string to the comcontact component, as demonstrated by the Itemid parameter to index.php; 2 the query string to the comcontent component, as...

CVE-2011-2710

Multiple cross-site scripting XSS vulnerabilities in Joomla! before 1.7.0 allow remote attackers to inject arbitrary web script or HTML via 1 the URI to includes/application.php, reachable through index.php; and, when Internet Explorer or Konqueror is used, 2 allow remote attackers to inject...

Joomla! 1.7.0-RC and lower | Multiple Cross Site Scripting (XSS) Vulnerabilities

No description provided by source. component: comsearch, parameter: searchword Browser: IE, Konqueror ===================================================================== N.B. Our previous reported issue 1.6.3 of "searchword" parameter XSS was not fixed completely. REQUEST POST...

Joomla! "searchword" Cross-Site Scripting Vulnerability

No description provided by source. Aung Khant has discovered a vulnerability in Joomla!, which can be exploited by malicious people to conduct cross-site scripting attacks. Input passed via the "searchword" POST parameter to index.php when "option" is set to "comsearch" and "task" is set to...

CVE-2011-0005

Cross-site scripting XSS vulnerability in the comsearch module for Joomla! 1.0.x through 1.0.15 allows remote attackers to inject arbitrary web script or HTML via the ordering parameter to index.php...

Cross site scripting

Cross-site scripting XSS vulnerability in the comsearch module for Joomla! 1.0.x through 1.0.15 allows remote attackers to inject arbitrary web script or HTML via the ordering parameter to index.php...

CVE-2011-0005

CVE-2011-0005 : Joomla! 1.0.x through 1.0.15 contains a cross-site scripting (XSS) vulnerability in the com_search module that allows injection of arbitrary script/HTML via the ordering parameter to index.php. Affected component: Joomla! core com_search (index.php parameter ordering). Root cause:...

CVE-2009-1279

Multiple cross-site scripting XSS vulnerabilities in Joomla! 1.5 through 1.5.9 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors to the 1 comadmin component, 2 comsearch component when "Gather Search Statistics" is enabled, and 3 the category view in the...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in Joomla! 1.5 through 1.5.9 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors to the 1 comadmin component, 2 comsearch component when "Gather Search Statistics" is enabled, and 3 the category view in the...

[20090301] - Core - Multiple XSS/CSRF

A series of XSS and CSRF faults exist in the administrator application. Affected administrator components include comadmin, commedia, comsearch. Both comadmin and comsearch contain XSS vulnerabilities, and commedia contains 2 CSRF vulnerabilities...

Sql injection

Multiple SQL injection vulnerabilities in index.php in Joomla! 1.5 RC3 allow remote attackers to execute arbitrary SQL commands via 1 the view parameter to the comcontent component, 2 the task parameter to the comsearch component, or 3 the option parameter in a search action to the comsearch...

CVE-2007-6272

Multiple SQL injection vulnerabilities in index.php in Joomla! 1.5 RC3 allow remote attackers to execute arbitrary SQL commands via 1 the view parameter to the comcontent component, 2 the task parameter to the comsearch component, or 3 the option parameter in a search action to the comsearch...

Blind Sql-Injection in Joomla 1.5 RC3

Thanks to team of Darkc0de.com Blind Sql-Injection in Joomla 1.5 RC3 URL : http://localhost/index.php 1. Parameter = view The following changes were applied to the original request: • Set parameter 'view's value to 'somechars'20+20'article' POC URL :...

Joomla! Component com_search 1.5 RC3 - 'index.php' Multiple SQL Injections

source: https://www.securityfocus.com/bid/26707/info Joomla! is prone to multiple SQL-injection vulnerabilities because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting these issues could allow an attacker to compromise the application, access or...

Cross site scripting

Cross-site scripting XSS vulnerability in the comsearch component in Joomla! 1.0.13 and earlier allows remote attackers to inject arbitrary web script or HTML via the searchword parameter. NOTE: this might be related to CVE-2007-4189.1...