5 matches found
Joomla index.php Multiple Parameter XSS - Ver2 (CVE-2011-2710)
A cross-site scripting vulnerability has been reported in Joomla. The vulnerability is due to the script not validating input appended to the URL or passed via the 'searchword', 'extension', 'asset', 'author' parameters upon submission to the index.php script. Successful exploitation of this...
CVE-2011-2708
This CVE-2011-2708 entry is rejected/not used and should reference CVE-2011-2710.
CVE-2011-2710
Multiple cross-site scripting XSS vulnerabilities in Joomla! before 1.7.0 allow remote attackers to inject arbitrary web script or HTML via 1 the URI to includes/application.php, reachable through index.php; and, when Internet Explorer or Konqueror is used, 2 allow remote attackers to inject...
CVE-2011-2710
Multiple cross-site scripting XSS vulnerabilities in Joomla! before 1.7.0 allow remote attackers to inject arbitrary web script or HTML via 1 the URI to includes/application.php, reachable through index.php; and, when Internet Explorer or Konqueror is used, 2 allow remote attackers to inject...
CVE-2011-2710
CVE-2011-2710 involves multiple XSS vulnerabilities in Joomla! prior to 1.7.0. The flaws allow remote attackers to inject arbitrary web script or HTML via (1) the URI to includes/application.php (reachable through index.php) and (2) the searchword parameter in a search action to index.php in the ...