Joomla! Security Vulnerabilities and Issues — Joomla! CVE List

Lucene search

JoomlaJoomla!

6 matches found

CVE•added 2012/10/31 4:55 p.m.•53 views

CVE-2012-4531

Cross-site scripting (XSS) vulnerability in Joomla! 2.5.x before 2.5.7 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

4.3CVSS5.8AI score0.00011EPSS

CVE•added 2012/10/31 4:55 p.m.•52 views

CVE-2012-4532

Cross-site scripting (XSS) vulnerability in modules/mod_languages/tmpl/default.php in the Language Switcher module for Joomla! 2.5.x before 2.5.7 allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO to index.php. NOTE: some of these details are obtained from third party ...

4.3CVSS5.9AI score0.00022EPSS

CVE•added 2012/10/07 9:55 p.m.•39 views

CVE-2011-4910

Cross-site scripting (XSS) vulnerability in Joomla! before 1.5.12 allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO.

4.3CVSS5.9AI score0.00032EPSS

CVE•added 2012/10/07 9:55 p.m.•38 views

CVE-2011-4911

Joomla! before 1.5.12 does not perform a JEXEC check in unspecified files, which allows remote attackers to obtain the installation path via unspecified vectors.

5CVSS6.8AI score0.00411EPSS

CVE•added 2012/10/07 9:55 p.m.•33 views

CVE-2011-4909

Multiple cross-site scripting (XSS) vulnerabilities in Joomla! before 1.5.12 allow remote attackers to inject arbitrary web script or HTML via the HTTP_REFERER header to (1) components/com_content/views/article/tmpl/form.php, (2) components/com_user/controller.php, (3) plugins/system/legacy/html.ph...

4.3CVSS5.9AI score0.00075EPSS

CVE•added 2012/10/22 11:55 p.m.•28 views

CVE-2012-5455

Cross-site scripting (XSS) vulnerability in the language search component in Joomla! before 3.0.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, related to a "typographical error."

4.3CVSS5.9AI score0.00011EPSS