20 matches found
EUVD-2012-4179
Malware in sbrugna...
EUVD-2012-1622
Malware in sbrugna...
CVE-2012-3554
SQL injection vulnerability in the RSGallery2 comrsgallery2 component before 2.3.0 for Joomla! 1.5.x, and before 3.2.0 for Joomla! 2.5.x, allows remote attackers to execute arbitrary SQL commands via unspecified vectors...
Joomla! 2.5.x < 3.7.0 Multiple Vulnerabilities
According to its self-reported version number, the detected Joomla! application is affected by multiple vulnerabilities : - A flaw exists in the JMail API due to PHPMail version information being included in mail headers. An unauthenticated, remote attacker can exploit this to disclose sensitive...
cckseblod 1.x Directory Traversal
comcckseblod aka seblod 1.x for Joomla 1.5 1.9.0 and all previous versions Directory Traversal Resolution: update to 1.9.1 Update notice: http://www.seblod.com/changelogs?sebchangelogproduct=cck1x Developer states that Seblod 3.x, the version compatible with Joomla 2.5 and 3, is not vulnerable...
BeestoHelpDesk, 3.1.1 and probably all previous,Information Disclosure
BeestoHelpDesk, 3.1.1 and probably all previous,Information Disclosure Resolution: update to version 3.1.2 or 2.5.2 for users of Joomla 2.5.x update notice: http://beesto.com/forum/read.php?25,1963,1963msg-1963...
JDownloads
unauthorized file upload vulnerable versions: below 1.9.1.6 Joomla 2.5 and below 1.9.2.11 Joomla 3 security release announcement: http://www.jdownloads.com/index.php?option=comcontent=article=231:urgent-security-update-for-19-series=51:news Note that the developer did not inform the VEL...
Joomla Youtube Gallery Component - SQL Injection Vulnerability
Exploit for php platform in category web applications Exploit Title: Joomla component comyoutubegallery - SQL Injection vulnerability Google Dork: inurl:index.php?option=comyoutubegallery Date: 15-07-2014 Exploit Author: Pham Van Khanh email protected Vendor Homepage:...
event registration pro
event registration pro, , SQL Injection UpdateNoticeURL: http://www.joomlashowroom.com/blog/security-and-bug-release-for-all-versions-of-event-registration-pro affects versions prior to 3.0.1 Joomla 3 prior to 2.5.6 Joomla 2.5 prior to 1.5.22 Joomla 1.5...
Mijo Analytics, Joomla 2.5.x,
Mijo Analytics, Joomla 2.5.x, SQL Injection...
Design/Logic Flaw
plugins/system/remember/remember.php in Joomla! 2.5.x before 2.5.10 and 3.0.x before 3.0.4 does not properly handle an object obtained by unserializing a cookie, which allows remote authenticated users to conduct PHP object injection attacks and cause a denial of service via unspecified vectors...
CVE-2013-3267
CVE-2013-3267 is an XSS vulnerability in the Joomla! Highlighter plugin affecting Joomla! 2.5.x before 2.5.10 and 3.0.x before 3.0.4. The issue is triggered by improper validation of user-supplied input, allowing remote attackers to inject arbitrary script/HTML via unspecified vectors. Impact det...
CVE-2013-3267
Cross-site scripting XSS vulnerability in the highlighter plugin in Joomla! 2.5.x before 2.5.10 and 3.0.x before 3.0.4 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...
CVE-2013-3059
Cross-site scripting XSS vulnerability in the Voting plugin in Joomla! 2.5.x before 2.5.10 and 3.0.x before 3.0.4 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...
Cross site scripting
Cross-site scripting XSS vulnerability in Joomla! 2.5.x before 2.5.7 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...
CVE-2012-1611
Joomla! 2.5.x before 2.5.4 does not properly check permissions, which allows attackers to obtain sensitive "administrative back end" information via unknown attack vectors. NOTE: this might be a duplicate of CVE-2012-1599...
Design/Logic Flaw
Joomla! 1.7.x before 1.7.5 and 2.5.x before 2.5.1 allows attackers to obtain the installation path via unspecified vectors related to "administrator."...
CVE-2012-4071
Cross-site scripting XSS vulnerability in the comments module in the RSGallery2 comrsgallery2 component before 2.3.0 for Joomla! 1.5.x, and before 3.2.0 for Joomla! 2.5.x, allows remote attackers to inject arbitrary web script or HTML via crafted BBCode markup in a comment...
CVE-2012-3554
SQL injection vulnerability in the RSGallery2 comrsgallery2 component before 2.3.0 for Joomla! 1.5.x, and before 3.2.0 for Joomla! 2.5.x, allows remote attackers to execute arbitrary SQL commands via unspecified vectors...
Joomla 2.5 Modules Simple Spotlight Upload Shell
Exploit for php platform in category web applications Joomla 2.5 Modules Simple Spotlight Upload Shell 1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=1 3 3 3 3 7 | | | | || | | | / \ | / | / / 3 1 | | | | | || | | | | | | | | || | / / 7 3 | Exploit Modules Joomla by...