4 matches found
Design/Logic Flaw
An issue was discovered in Joomla! 3.7.0 through 3.10.6. Lack of input validation could allow an XSS attack using comfields...
Joomla! 2.5.x < 3.7.0 Multiple Vulnerabilities
According to its self-reported version number, the detected Joomla! application is affected by multiple vulnerabilities : - A flaw exists in the JMail API due to PHPMail version information being included in mail headers. An unauthenticated, remote attacker can exploit this to disclose sensitive...
Joomla! 3.7 Core SQL injection (CVE-2017-8917)vulnerability analysis-vulnerability warning-the black bar safety net
Author: p0wd3r know Chong Yu 404 security lab Date: 2017-05-18 0x00 vulnerability overview Vulnerability description Joomla to 5 on 17 May released the new version 3. 7. 1, of this update fixes a high-riskSQL injectionvulnerability to successfully exploit the vulnerability an attacker can...
CVE-2017-7983
In Joomla! 1.5.0 through 3.6.5 fixed in 3.7.0, mail sent using the JMail API leaked the used PHPMailer version in the mail headers...