Joomla! 2.5.x < 3.10.7 Multiple Vulnerabilities

According to its self-reported version, the instance of Joomla! running on the remote web server is 2.5.x prior to 3.10.7 or 4.x prior to 4.1.1. It is, therefore, affected by multiple vulnerabilities. - Extracting an specifilcy crafted tar package could write files outside of the intended path...

PT-2022-16271 · Joomla · Joomla!

Name of the Vulnerable Software and Affected Versions: Joomla! versions 4.0.0 through 4.1.0 Description: An issue was discovered in Joomla! where under specific circumstances, JInput pollutes method-specific input bags with $ REQUEST data. Recommendations: For Joomla! versions 4.0.0 through 4.1.0...

CVE-2022-23799

An issue was discovered in Joomla! 4.0.0 through 4.1.0. Under specific circumstances, JInput pollutes method-specific input bags with $REQUEST data...

[20220307] - Core - Variable Tampering on JInput $_REQUEST data

Under specific circumstances, JInput pollutes method-specific input bags with $REQUEST data...