Joomla! Security Vulnerabilities and Issues — Joomla! CVE List

Lucene search

JoomlaJoomla!

11 matches found

CVE•added 2012/09/06 9:55 p.m.•55 views

CVE-2012-1612

Cross-site scripting (XSS) vulnerability in the update manager in Joomla! 2.5.x before 2.5.4 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

4.3CVSS5.8AI score0.00011EPSS

CVE•added 2012/09/06 7:55 p.m.•42 views

CVE-2012-0822

Cross-site scripting (XSS) vulnerability in Joomla! 1.6 and 1.7.x before 1.7.4 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2012-0820.

4.3CVSS5.8AI score0.00015EPSS

CVE•added 2012/09/26 12:55 a.m.•42 views

CVE-2012-1116

SQL injection vulnerability in Joomla! 1.7.x and 2.5.x before 2.5.2 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.

7.5CVSS8.7AI score0.00119EPSS

CVE•added 2012/09/06 7:55 p.m.•41 views

CVE-2012-0820

Cross-site scripting (XSS) vulnerability in Joomla! 1.6.x and 1.7.x before 1.7.4 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2012-0822.

4.3CVSS5.8AI score0.00015EPSS

CVE•added 2012/09/06 7:55 p.m.•39 views

CVE-2012-0821

Unspecified vulnerability in Joomla! 1.6.x and 1.7.x before 1.7.4 allows remote attackers to obtain sensitive information via unknown vectors, a different vulnerability than CVE-2012-0819.

5CVSS6.2AI score0.00016EPSS

CVE•added 2012/09/06 7:55 p.m.•39 views

CVE-2012-0835

Unspecified vulnerability in Joomla! 1.7.x before 1.7.5 and 2.5.x before 2.5.1 allows attackers to obtain sensitive information via unknown vectors related to "administrator."

5CVSS6.1AI score0.00011EPSS

CVE•added 2012/09/06 7:55 p.m.•39 views

CVE-2012-0837

Joomla! 1.7.x before 1.7.5 and 2.5.x before 2.5.1 allows attackers to obtain the installation path via unspecified vectors related to "administrator."

5CVSS6.6AI score0.00011EPSS

CVE•added 2012/09/06 7:55 p.m.•38 views

CVE-2012-0819

Unspecified vulnerability in Joomla! 1.6.x and 1.7.x before 1.7.4 allows remote attackers to obtain sensitive information via unknown vectors, a different vulnerability than CVE-2012-0821.

5CVSS6.2AI score0.00016EPSS

CVE•added 2012/09/26 12:55 a.m.•38 views

CVE-2012-1117

Cross-site scripting (XSS) vulnerability in Joomla! 2.5.0 and 2.5.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

4.3CVSS5.8AI score0.00011EPSS

CVE•added 2012/09/06 9:55 p.m.•35 views

CVE-2012-1611

Joomla! 2.5.x before 2.5.4 does not properly check permissions, which allows attackers to obtain sensitive "administrative back end" information via unknown attack vectors. NOTE: this might be a duplicate of CVE-2012-1599.

5CVSS6.1AI score0.00451EPSS

CVE•added 2012/09/06 7:55 p.m.•31 views

CVE-2012-0836

Unspecified vulnerability in Joomla! 1.7.x before 1.7.5 allows attackers to read the error log via unknown vectors.

5CVSS6.5AI score0.00011EPSS