Lucene search

K
JoomlaJoomla1.0.8

13 matches found

CVE
CVE
added 2008/07/18 4:41 p.m.148 views

CVE-2008-3225

Joomla! before 1.5.4 allows attackers to access administration functionality, which has unknown impact and attack vectors related to a missing "LDAP security fix."

10CVSS6.5AI score0.00028EPSS
CVE
CVE
added 2007/02/12 11:28 p.m.52 views

CVE-2006-7008

Unspecified vulnerability in Joomla! before 1.0.10 has unknown impact and attack vectors, related to "securing mosmsg from misuse." NOTE: it is possible that this issue overlaps CVE-2006-1029.

7.5CVSS6.4AI score0.0008EPSS
CVE
CVE
added 2008/07/18 4:41 p.m.50 views

CVE-2008-3227

Unspecified vulnerability in Joomla! before 1.5.4 has unknown impact and attack vectors related to a "User Redirect Spam fix," possibly an open redirect vulnerability.

7.5CVSS6.4AI score0.00202EPSS
CVE
CVE
added 2007/01/01 11:0 p.m.43 views

CVE-2006-6832

Cross-site scripting (XSS) vulnerability in Joomla! before 1.0.12 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, possibly related to poll.php or the module title.

4.3CVSS5.8AI score0.00049EPSS
CVE
CVE
added 2006/07/10 8:5 p.m.42 views

CVE-2006-3481

Multiple SQL injection vulnerabilities in Joomla! before 1.0.10 allow remote attackers to execute arbitrary SQL commands via unspecified parameters involving the (1) "Remember Me" function, (2) "Related Items" module, and the (3) "Weblinks submission".

7.5CVSS8.9AI score0.00044EPSS
CVE
CVE
added 2008/07/18 4:41 p.m.40 views

CVE-2008-3228

Joomla! before 1.5.4 does not configure .htaccess to apply certain security checks that "block common exploits" to SEF URLs, which has unknown impact and remote attack vectors.

7.5CVSS6.7AI score0.0279EPSS
CVE
CVE
added 2007/01/01 11:0 p.m.39 views

CVE-2006-6833

com_categories in Joomla! before 1.0.12 does not validate input, which has unknown impact and remote attack vectors.

7.5CVSS6.6AI score0.00021EPSS
CVE
CVE
added 2007/02/12 11:28 p.m.39 views

CVE-2006-7009

Joomla! before 1.0.10 allows remote attackers to spoof the frontend submission forms, which has unknown impact and attack vectors.

7.5CVSS6.7AI score0.00011EPSS
CVE
CVE
added 2007/02/12 11:28 p.m.39 views

CVE-2006-7010

The mosgetparam implementation in Joomla! before 1.0.10, does not set a variable's data type to integer when the variable's default value is numeric, which has unspecified impact and attack vectors, which may permit SQL injection attacks.

7.5CVSS7.5AI score0.00007EPSS
CVE
CVE
added 2009/02/26 4:17 p.m.38 views

CVE-2008-6299

Multiple cross-site scripting (XSS) vulnerabilities in Joomla! 1.5.7 and earlier allow remote authenticated users with certain privileges to inject arbitrary web script or HTML via (1) the title and description parameters to the com_weblinks module and (2) unspecified vectors in the com_content mod...

3.5CVSS5.5AI score0.00008EPSS
CVE
CVE
added 2006/07/10 8:5 p.m.36 views

CVE-2006-3480

Multiple cross-site scripting (XSS) vulnerabilities in Joomla! before 1.0.10 allow remote attackers to inject arbitrary web script or HTML via unspecified parameters involving the (1) getUserStateFromRequest function, and the (2) SEF and (3) com_messages modules.

5.8CVSS6.1AI score0.00036EPSS
CVE
CVE
added 2008/07/18 4:41 p.m.32 views

CVE-2008-3226

The file caching implementation in Joomla! before 1.5.4 allows attackers to access cached pages via unknown attack vectors.

5CVSS6.5AI score0.01393EPSS
CVE
CVE
added 2007/01/01 11:0 p.m.31 views

CVE-2006-6834

Multiple unspecified vulnerabilities in Joomla! before 1.0.12 have unknown impact and attack vectors related to (1) "unneeded legacy functions" and (2) "Several low level security fixes."

6.8CVSS6.7AI score0.00027EPSS