Joomla!@3.4.5 Security Vulnerabilities and Issues — Joomla!@3.4.5 CVE List

Lucene search

JoomlaJoomla!3.4.5

4 matches found

CVE•added 2015/12/16 9:59 p.m.•188 views

CVE-2015-8562

Joomla! 1.5.x, 2.x, and 3.x before 3.4.6 allow remote attackers to conduct PHP object injection attacks and execute arbitrary PHP code via the HTTP User-Agent header, as exploited in the wild in December 2015.

7.5CVSS8AI score0.93238EPSS

CVE•added 2015/12/16 9:59 p.m.•71 views

CVE-2015-8565

Directory traversal vulnerability in Joomla! 3.2.0 through 3.3.x and 3.4.x before 3.4.6 allows remote attackers to have unspecified impact via unknown vectors.

7.5CVSS7.1AI score0.00064EPSS

CVE•added 2015/12/16 9:59 p.m.•64 views

CVE-2015-8564

Directory traversal vulnerability in Joomla! 3.4.x before 3.4.6 allows remote attackers to have unspecified impact via directory traversal sequences in the XML install file in an extension package archive.

7.5CVSS7.1AI score0.00064EPSS

CVE•added 2015/12/16 9:59 p.m.•53 views

CVE-2015-8563

Cross-site request forgery (CSRF) vulnerability in the com_templates component in Joomla! 3.2.0 through 3.3.x and 3.4.x before 3.4.6 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors.

6.8CVSS7.1AI score0.00006EPSS