joomla
CVE History
| CVE | Affected | Published | CVSS v3 | CVSS v2 |
|---|---|---|---|---|
| >= 3.0.0, < 5.4.6, >= 6.0.0, < 6.1.0 | 6.1 MEDIUM | — | ||
Lack of input filtering leads to an XSS vector in the HTML filter code. | ||||
| >= 4.0.0, < 5.4.6, >= 6.0.0, < 6.1.1 | 9.8 CRITICAL | — | ||
An improper access check allows privelege escalation through the com_users group editing webservice endpoint. | ||||
| >= 3.0.0, < 5.4.6, >= 6.0.0, < 6.1.1 | 6.1 MEDIUM | — | ||
Inadequate content filtering within the checkAttribute methods leads to XSS vulnerabilities in various components. | ||||
| >= 3.0.0, < 5.4.6, >= 6.0.0, < 6.1.1 | 9.8 CRITICAL | — | ||
The password and username reset features created plain http links for https connections if the "Force SSL" flag wasn't explicitly set. | ||||
| >= 4.0.0, < 5.4.6, >= 6.0.0, < 6.1.1 | 7.5 HIGH | — | ||
The InputFilter::getInstance() method omitted a security sensitive parameter from the instance cache key. | ||||
| >= 4.1.0, < 5.4.6, >= 6.0.0, < 6.1.1 | 4.3 MEDIUM | — | ||
An improper access check allowed low privileged users to edit the task types of existing scheduler tasks. | ||||
| >= 4.0.0, < 5.4.6, >= 6.0.0, < 6.1.1 | 9.8 CRITICAL | — | ||
An improper access check allows privilege escalation through the com_users batch task. | ||||
| >= 4.0.0, < 5.4.6, >= 6.0.0, < 6.1.1 | 9.8 CRITICAL | — | ||
An improper access check allows privilege escalation through the com_users batch task. | ||||
| >= 4.0.0, < 5.4.6, >= 6.0.0, < 6.1.1 | 7.5 HIGH | — | ||
Insufficient state checks lead to a vector that allows to bypass 2FA checks. | ||||
| >= 4.0.0, < 5.4.6, >= 6.0.0, < 6.1.1 | 7.5 HIGH | — | ||
Insufficient state checks lead to a vector that allows to bypass 2FA checks. | ||||
| >= 4.0.0, < 5.4.6, >= 6.0.0, < 6.1.1 | 7.5 HIGH | — | ||
An improper validation of the search parameter of the com_media files API endpoint leads to a path traversal vulnerability. | ||||
| >= 3.2.1, < 5.4.6, >= 6.0.0, < 6.1.1 | 9.8 CRITICAL | — | ||
An improper validation of user-supplied input leads to a local file inclusion vulnerability. | ||||
| >= 4.0.0, < 5.4.6, >= 6.0.0, < 6.1.1 | 9.8 CRITICAL | — | ||
An improper access check allows unauthorized access to com_config webservice endpoints. | ||||
| >= 3.0.0, < 5.4.6, >= 6.0.0, < 6.1.1 | 9.8 CRITICAL | — | ||
Improperly validated order clauses lead to a SQL injection vulnerability in com_tags. | ||||
| >= 3.0.0, < 5.4.6, >= 6.0.0, < 6.1.1 | 9.8 CRITICAL | — | ||
Improperly built filter clauses lead to a SQL injection vulnerability in the search query for com_finder. | ||||
| >= 6.0.0, < 6.1.1 | 4.3 MEDIUM | — | ||
Lack of CSRF token validation lead to a CSRF attack vector in the admin activation endpoint of com_users. | ||||
| >= 3.0.0, < 5.4.6, >= 6.0.0, < 6.1.1 | 6.1 MEDIUM | — | ||
Lack of output escaping leads to a XSS vector in the readmore links for com_content. | ||||
| >= 3.0.0, < 5.4.6, >= 6.0.0, < 6.1.1 | 6.1 MEDIUM | — | ||
Lack of output escaping leads to a XSS vector in the content history component. | ||||
| >= 3.0.0, < 5.4.6, >= 6.0.0, < 6.1.1 | 6.1 MEDIUM | — | ||
Lack of output escaping leads to a XSS vector in the multilingual associations component. | ||||
| >= 3.0.0, < 5.4.6, >= 6.0.0, < 6.1.1 | 6.1 MEDIUM | — | ||
Lack of output escaping leads to a XSS vector in the feed modules. | ||||
| >= 3.0.0, < 5.4.4, >= 6.0.0, < 6.0.4 | 8.8 HIGH | — | ||
An improper access check allows unauthorized access to webservice endpoints. | ||||
| >= 3.0.0, < 5.4.4, >= 6.0.0, < 6.0.4 | 7.2 HIGH | — | ||
Lack of input validation leads to an arbitrary file deletion vulnerability in the autoupdate server mechanism. | ||||
| >= 3.0.0, < 5.4.4, >= 6.0.0, < 6.0.4 | 5.4 MEDIUM | — | ||
Lack of output escaping for article titles leads to XSS vectors in various locations. | ||||
| >= 3.0.0, < 5.4.4, >= 6.0.0, < 6.0.4 | 5.4 MEDIUM | — | ||
Lack of output escaping leads to a XSS vector in the multilingual associations component. | ||||
| >= 3.0.0, < 5.4.4, >= 6.0.0, < 6.0.4 | 8.8 HIGH | — | ||
Improperly built order clauses lead to a SQL injection vulnerability in the articles webservice endpoint. | ||||
| >= 3.0.0, < 5.4.4, >= 6.0.0, < 6.0.4 | 7.3 HIGH | — | ||
The ajax component was excluded from the default logged-in-user check in the administrative area. This behavior was potentially unexpected by 3rd party developers. | ||||
| >= 3.9.0, < 5.4.2, >= 6.0.0, < 6.0.2 | 6.1 MEDIUM | — | ||
Lack of output escaping leads to a XSS vector in the pagebreak plugin. | ||||
| >= 4.0.0, < 5.4.2, >= 6.0.0, < 6.0.2 | 6.1 MEDIUM | — | ||
Lack of input filtering leads to an XSS vector in the HTML filter code related to data URLs in img tags. | ||||
| >= 4.0.0, < 4.4.13, >= 5.0.0, < 5.2.6 | 7.5 HIGH | — | ||
Insufficient state checks lead to a vector that allows to bypass 2FA checks. | ||||
| >= 1.0.0, < 2.2.0, >= 3.0.0, < 3.4.0 | 9.8 CRITICAL | — | ||
Improper handling of identifiers lead to a SQL injection vulnerability in the quoteNameStr method of the database package. Please note: the affected method is a protected method. It has no usages in the original packages in neither the 2.x nor 3.x branch and therefore the vulnerability in question can not be exploited when using the original database class. However, classes extending the affected class might be affected, if the vulnerable method is used. | ||||
| >= 4.0.0, < 4.4.10, >= 5.0.0, < 5.2.3, >= 3.9.0, < 3.10.20 | 7.5 HIGH | — | ||
Improper Access Controls allows access to protected views. | ||||
| >= 4.0.0, < 4.4.10, >= 5.0.0, < 5.2.3, >= 3.9.0, < 3.10.20 | 7.5 HIGH | — | ||
Lack of output escaping in the id attribute of menu lists. | ||||
| >= 4.0.0, < 4.4.10, >= 5.0.0, < 5.2.3 | 6.1 MEDIUM | — | ||
Various module chromes didn't properly process inputs, leading to XSS vectors. | ||||
| >= 4.0.0, < 4.4.6, >= 5.0.0, < 5.1.3, >= 3.0.0, < 3.10.17 | 6.1 MEDIUM | — | ||
The stripImages and stripIframes methods didn't properly process inputs, leading to XSS vectors. | ||||
| >= 4.0.0, < 4.4.7, >= 5.0.0, < 5.1.3 | 7.5 HIGH | — | ||
Improper Access Controls allows backend users to overwrite their username when disallowed. | ||||
| >= 4.0.0, < 4.4.7, >= 5.0.0, < 5.1.3 | 6.1 MEDIUM | — | ||
The mail template feature lacks an escaping mechanism, causing XSS vectors in multiple extensions. | ||||
| >= 4.0.0, < 4.4.7, >= 5.0.0, < 5.1.3, >= 3.0.0, < 3.10.17 | 9.1 CRITICAL | — | ||
The pagination class includes arbitrary parameters in links, leading to cache poisoning attack vectors. | ||||
| >= 4.0.0, < 4.4.7, >= 5.0.0, < 5.1.3, >= 3.4.6, < 3.10.17 | 6.1 MEDIUM | — | ||
Inadequate validation of URLs could result into an invalid check whether an redirect URL is internal or not.. | ||||
| >= 3.0.0, < 3.10.16, >= 4.0.0, < 4.4.6, >= 5.0.0, < 5.1.2 | 6.1 MEDIUM | — | ||
The wrapper extensions do not correctly validate inputs, leading to XSS vectors. | ||||
| >= 4.0.0, < 4.4.6, >= 5.0.0, < 5.1.2, >= 3.7.0, < 3.10.16 | 6.1 MEDIUM | — | ||
The Custom Fields component not correctly filter inputs, leading to a XSS vector. | ||||
| >= 5.0.0, <= 5.1.1, >= 4.0.0, <= 4.4.5, >= 3.0.0, <= 3.10.15 | 6.1 MEDIUM | — | ||
Improper handling of input could lead to an XSS vector in the StringHelper::truncate method. | ||||
| >= 4.0.0, < 4.4.6, >= 5.0.0, < 5.1.2 | 5.4 MEDIUM | — | ||
The fancyselect list field layout does not correctly escape inputs, leading to a self-XSS vector. | ||||
| >= 4.0.0, < 4.4.6, >= 5.0.0, < 5.1.2 | 6.1 MEDIUM | — | ||
Inadequate input validation leads to XSS vulnerabilities in the accessiblemedia field. | ||||
| >= 3.7.0, <= 3.10.15, >= 5.0.0, < 5.0.3, >= 4.0.0, < 4.4.3 | 6.5 MEDIUM | — | ||
Inadequate content filtering leads to XSS vulnerabilities in various components. | ||||
| >= 5.0.0, < 5.0.3, >= 4.0.0, < 4.4.3 | 6.1 MEDIUM | — | ||
Inadequate escaping of mail addresses lead to XSS vulnerabilities in various components. | ||||
| >= 5.0.0, < 5.0.3, >= 4.0.0, < 4.4.3, >= 1.6.0, < 3.10.15 | 6.1 MEDIUM | — | ||
Inadequate input validation for media selection fields lead to XSS vulnerabilities in various extensions. | ||||
| >= 5.0.0, < 5.0.3, >= 4.0.0, < 4.4.3, >= 1.5.0, < 3.10.15 | 4.3 MEDIUM | — | ||
Inadequate parsing of URLs could result into an open redirect. | ||||
| >= 5.0.0, < 5.0.3, >= 4.0.0, < 4.4.3, >= 3.2.0, < 3.10.15 | 6.3 MEDIUM | — | ||
The MFA management features did not properly terminate existing user sessions when a user's MFA methods have been modified. | ||||
| = 5.0.0, >= 4.0.0, < 4.4.1, >= 1.6.0, < 3.10.14 | 7.5 HIGH | — | ||
The language file parsing process could be manipulated to expose environment variables. Environment variables might contain sensible information. | ||||
| >= 4.2.0, < 4.3.2 | 7.5 HIGH | — | ||
An issue was discovered in Joomla! 4.2.0 through 4.3.1. The lack of rate limiting allowed brute force attacks against MFA methods. | ||||
| >= 4.2.0, < 4.3.2 | 6.1 MEDIUM | — | ||
An issue was discovered in Joomla! 4.2.0 through 4.3.1. Lack of input validation caused an open redirect and XSS issue within the new mfa selection screen. | ||||
| = *, >= 4.0.0, < 4.2.8 | 5.3 MEDIUM | — | ||
An issue was discovered in Joomla! 4.0.0 through 4.2.7. An improper access check allows unauthorized access to webservice endpoints. | ||||
| >= 4.0.0, <= 4.2.4 | 4.3 MEDIUM | — | ||
An issue was discovered in Joomla! 4.0.0 through 4.2.4. A missing ACL check allows non super-admin users to access com_actionlogs. | ||||
| >= 4.0.0, <= 4.2.6 | 6.3 MEDIUM | — | ||
An issue was discovered in Joomla! 4.0.0 through 4.2.6. A missing token check causes a CSRF vulnerability in the handling of post-installation messages. | ||||
| >= 4.0.0, < 4.2.5 | 6.1 MEDIUM | — | ||
An issue was discovered in Joomla! 4.0.0 through 4.2.4. Inadequate filtering of potentially malicious user input leads to reflected XSS vulnerabilities in com_media. | ||||
| = *, >= 4.0.0, <= 4.2.3 | 6.1 MEDIUM | — | ||
An issue was discovered in Joomla! 4.2.0 through 4.2.3. Inadequate filtering of potentially malicious user input leads to reflected XSS vulnerabilities in various components. | ||||
| >= 4.0.0, <= 4.2.3 | 5.3 MEDIUM | — | ||
An issue was discovered in Joomla! 4.0.0 through 4.2.3. Sites with publicly enabled debug mode exposed data of previous requests. | ||||
| = 4.2.0 | 5.3 MEDIUM | — | ||
An issue was discovered in Joomla! 4.2.0. Multiple Full Path Disclosures because of missing '_JEXEC or die check' caused by the PSR12 changes. | ||||
| >= 4.0.0, <= 4.1.0 | 6.1 MEDIUM | 4.3 MEDIUM | ||
An issue was discovered in Joomla! 4.0.0 through 4.1.0. Possible XSS atack vector through SVG embedding in com_media. | ||||
| >= 4.0.0, <= 4.1.0 | 6.1 MEDIUM | 4.3 MEDIUM | ||
An issue was discovered in Joomla! 4.0.0 through 4.1.0. Inadequate content filtering leads to XSS vulnerabilities in various components. | ||||
| >= 4.0.0, <= 4.1.0 | 9.8 CRITICAL | 6.8 MEDIUM | ||
An issue was discovered in Joomla! 4.0.0 through 4.1.0. Under specific circumstances, JInput pollutes method-specific input bags with $_REQUEST data. | ||||
| >= 4.0.0, <= 4.1.0, >= 2.5.0, <= 3.10.6 | 6.1 MEDIUM | 5.8 MEDIUM | ||
An issue was discovered in Joomla! 2.5.0 through 3.10.6 & 4.0.0 through 4.1.0. Inadequate validation of URLs could result into an invalid check whether an redirect URL is internal or not. | ||||
| >= 4.0.0, <= 4.1.0, >= 3.0.0, <= 3.10.6 | 9.8 CRITICAL | 7.5 HIGH | ||
An issue was discovered in Joomla! 3.0.0 through 3.10.6 & 4.0.0 through 4.1.0. Inadequate filtering on the selected Ids on an request could resulted into an possible SQL injection. | ||||
| >= 3.7.0, <= 3.10.6 | 6.1 MEDIUM | 4.3 MEDIUM | ||
An issue was discovered in Joomla! 3.7.0 through 3.10.6. Lack of input validation could allow an XSS attack using com_fields. | ||||
| >= 4.0.0, <= 4.1.0, >= 2.5.0, <= 3.10.6 | 9.8 CRITICAL | 6.8 MEDIUM | ||
An issue was discovered in Joomla! 2.5.0 through 3.10.6 & 4.0.0 through 4.1.0. A user row was not bound to a specific authentication mechanism which could under very special circumstances allow an account takeover. | ||||
| >= 4.0.0, <= 4.1.0, >= 3.0.0, <= 3.10.6 | 5.3 MEDIUM | 5 MEDIUM | ||
An issue was discovered in Joomla! 3.0.0 through 3.10.6 & 4.0.0 through 4.1.0. Uploading a file name of an excess length causes the error. This error brings up the screen with the path of the source code of the web application. | ||||
| >= 4.0.0, <= 4.1.0, >= 3.0.0, <= 3.10.6 | 7.5 HIGH | 5 MEDIUM | ||
An issue was discovered in Joomla! 3.0.0 through 3.10.6 & 4.0.0 through 4.1.0. Extracting an specifilcy crafted tar package could write files outside of the intended path. | ||||
| = 4.0.0 | 9.1 CRITICAL | 6.4 MEDIUM | ||
An issue was discovered in Joomla! 4.0.0. The media manager does not correctly check the user's permissions before executing a file deletion command. | ||||
| >= 3.0.0, <= 3.9.27 | 6.1 MEDIUM | 4.3 MEDIUM | ||
An issue was discovered in Joomla! 3.0.0 through 3.9.27. Inadequate escaping in the imagelist view of com_media leads to a XSS vulnerability. | ||||
| >= 2.5.0, <= 3.9.27 | 7.5 HIGH | 4.3 MEDIUM | ||
An issue was discovered in Joomla! 2.5.0 through 3.9.27. Install action in com_installer lack the required hardcoded ACL checks for superusers. A default system is not affected cause the default ACL for com_installer is limited to super users already. | ||||
| >= 2.5.0, <= 3.9.27 | 5.3 MEDIUM | 5 MEDIUM | ||
An issue was discovered in Joomla! 2.5.0 through 3.9.27. CMS functions did not properly termine existing user sessions when a user's password was changed or the user was blocked. | ||||
| >= 2.5.0, <= 3.9.27 | 7.5 HIGH | 5 MEDIUM | ||
An issue was discovered in Joomla! 2.5.0 through 3.9.27. Missing validation of input could lead to a broken usergroups table. | ||||
| >= 3.0.0, <= 3.9.27 | 6.1 MEDIUM | 4.3 MEDIUM | ||
An issue was discovered in Joomla! 3.0.0 through 3.9.27. Inadequate escaping in the rules field of the JForm API leads to a XSS vulnerability. | ||||
| >= 1.5.0, <= 1.5.15 | 9.8 CRITICAL | 7.5 HIGH | ||
Joomla! Core is prone to a security bypass vulnerability. Exploiting this issue may allow attackers to perform otherwise restricted actions and subsequently retrieve password reset tokens from the database through an already existing SQL injection vector. Joomla! Core versions 1.5.x ranging from 1.5.0 and up to and including 1.5.15 are vulnerable. | ||||
| >= 1.5.0, <= 1.5.15 | 9.8 CRITICAL | 7.5 HIGH | ||
Joomla! Core is prone to a vulnerability that lets attackers upload arbitrary files because the application fails to properly verify user-supplied input. An attacker can exploit this vulnerability to upload arbitrary code and run it in the context of the webserver process. This may facilitate unauthorized access or privilege escalation; other attacks are also possible. Joomla! Core versions 1.5.x ranging from 1.5.0 and up to and including 1.5.15 are vulnerable. | ||||
| >= 1.5.0, <= 1.5.15 | 7.5 HIGH | 5 MEDIUM | ||
Joomla! Core is prone to a session fixation vulnerability. An attacker may leverage this issue to hijack an arbitrary session and gain access to sensitive information, which may help in launching further attacks. Joomla! Core versions 1.5.x ranging from 1.5.0 and up to and including 1.5.15 are vulnerable. | ||||
| >= 1.5.0, <= 1.5.15 | 7.5 HIGH | 5 MEDIUM | ||
Joomla! Core is prone to an information disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information that may help in launching further attacks. Joomla! Core versions 1.5.x ranging from 1.5.0 and up to and including 1.5.15 are vulnerable. | ||||
| >= 3.0.0, <= 3.9.26 | 6.5 MEDIUM | 4.3 MEDIUM | ||
An issue was discovered in Joomla! 3.0.0 through 3.9.26. A missing token check causes a CSRF vulnerability in data download endpoints in com_banners and com_sysinfo. | ||||
| >= 3.0.0, <= 3.9.26 | 6.5 MEDIUM | 4.3 MEDIUM | ||
An issue was discovered in Joomla! 3.0.0 through 3.9.26. A missing token check causes a CSRF vulnerability in the AJAX reordering endpoint. | ||||
| >= 3.0.0, <= 3.9.26 | 6.1 MEDIUM | 4.3 MEDIUM | ||
An issue was discovered in Joomla! 3.0.0 through 3.9.26. HTML was missing in the executable block list of MediaHelper::canUpload, leading to XSS attack vectors. | ||||
| >= 3.0.0, <= 3.9.25 | 5.3 MEDIUM | 5 MEDIUM | ||
An issue was discovered in Joomla! 3.0.0 through 3.9.25. Inadequate filters on module layout settings could lead to an LFI. | ||||
| >= 3.0.0, <= 3.9.25 | 6.1 MEDIUM | 4.3 MEDIUM | ||
An issue was discovered in Joomla! 3.0.0 through 3.9.25. Inadequate escaping allowed XSS attacks using the logo parameter of the default templates on error page | ||||
| >= 1.6.0, < 3.9.25 | 5.3 MEDIUM | 5 MEDIUM | ||
An issue was discovered in Joomla! 1.6.0 through 3.9.24. Inadequate filtering of form contents could allow to overwrite the author field. | ||||
| >= 3.0.0, < 3.9.25 | 5.5 MEDIUM | 4.3 MEDIUM | ||
An issue was discovered in Joomla! 3.0.0 through 3.9.24. Extracting an specifilcy crafted zip package could write files outside of the intended path. | ||||
| >= 3.0.0, < 3.9.25 | 5.3 MEDIUM | 5 MEDIUM | ||
An issue was discovered in Joomla! 3.0.0 through 3.9.24. Incorrect ACL checks could allow unauthorized change of the category for an article. | ||||
| >= 3.0.0, < 3.9.25 | 7.5 HIGH | 5 MEDIUM | ||
An issue was discovered in Joomla! 3.0.0 through 3.9.24. com_media allowed paths that are not intended for image uploads | ||||
| >= 3.2.0, < 3.9.25 | 7.5 HIGH | 5 MEDIUM | ||
An issue was discovered in Joomla! 3.2.0 through 3.9.24. Missing input validation within the template manager. | ||||
| >= 2.5.0, < 3.9.25 | 6.1 MEDIUM | 4.3 MEDIUM | ||
An issue was discovered in Joomla! 2.5.0 through 3.9.24. Missing filtering of feed fields could lead to xss issues. | ||||
| >= 2.5.0, < 3.9.25 | 6.1 MEDIUM | 4.3 MEDIUM | ||
An issue was discovered in Joomla! 2.5.0 through 3.9.24. Missing filtering of messages showed to users that could lead to xss issues. | ||||
| >= 3.2.0, < 3.9.25 | 9.1 CRITICAL | 6.4 MEDIUM | ||
An issue was discovered in Joomla! 3.2.0 through 3.9.24. The core shipped but unused randval implementation within FOF (FOFEncryptRandval) used an potential insecure implemetation. That has now been replaced with a call to 'random_bytes()' and its backport that is shipped within random_compat. | ||||
| >= 3.2.0, < 3.9.25 | 9.1 CRITICAL | 6.4 MEDIUM | ||
An issue was discovered in Joomla! 3.2.0 through 3.9.24. Usage of an insufficient length for the 2FA secret accoring to RFC 4226 of 10 bytes vs 20 bytes. | ||||
| >= 3.2.0, < 3.9.25 | 5.3 MEDIUM | 5 MEDIUM | ||
An issue was discovered in Joomla! 3.2.0 through 3.9.24. Usage of the insecure rand() function within the process of generating the 2FA secret. | ||||
| >= 3.1.0, <= 3.9.23 | 6.1 MEDIUM | 4.3 MEDIUM | ||
An issue was discovered in Joomla! 3.1.0 through 3.9.23. The lack of escaping of image-related parameters in multiple com_tags views cause lead to XSS attack vectors. | ||||
| >= 3.9.0, <= 3.9.23 | 6.1 MEDIUM | 4.3 MEDIUM | ||
An issue was discovered in Joomla! 3.9.0 through 3.9.23. The lack of escaping in mod_breadcrumbs aria-label attribute allows XSS attacks. | ||||
| >= 3.0.0, <= 3.9.23 | 5.3 MEDIUM | 5 MEDIUM | ||
An issue was discovered in Joomla! 3.0.0 through 3.9.23. The lack of ACL checks in the orderPosition endpoint of com_modules leak names of unpublished and/or inaccessible modules. | ||||
| >= 1.7.0, <= 3.9.22 | 7.5 HIGH | 5 MEDIUM | ||
An issue was discovered in Joomla! 1.7.0 through 3.9.22. Lack of input validation while handling ACL rulesets can cause write ACL violations. | ||||
| >= 2.5.0, <= 3.9.22 | 6.3 MEDIUM | 6.8 MEDIUM | ||
An issue was discovered in Joomla! 2.5.0 through 3.9.22. A missing token check in the emailexport feature of com_privacy causes a CSRF vulnerability. | ||||
| >= 3.9.0, <= 3.9.22 | 5.3 MEDIUM | 5 MEDIUM | ||
An issue was discovered in Joomla! 3.9.0 through 3.9.22. Improper handling of the username leads to a user enumeration attack vector in the backend login page. | ||||
| >= 3.0.0, <= 3.9.22 | 9.8 CRITICAL | 7.5 HIGH | ||
An issue was discovered in Joomla! 3.0.0 through 3.9.22. Improper filter blacklist configuration leads to a SQL injection vulnerability in the backend user list. | ||||
| >= 2.5.0, <= 3.9.22 | 7.5 HIGH | 5 MEDIUM | ||
An issue was discovered in Joomla! 2.5.0 through 3.9.22. The folder parameter of mod_random_image lacked input validation, leading to a path traversal vulnerability. | ||||
| >= 2.5.0, <= 3.9.22 | 7.5 HIGH | 5 MEDIUM | ||
An issue was discovered in Joomla! 2.5.0 through 3.9.22. The globlal configuration page does not remove secrets from the HTML output, disclosing the current values. | ||||
| >= 2.5.0, <= 3.9.22 | 7.5 HIGH | 5 MEDIUM | ||
An issue was discovered in Joomla! 2.5.0 through 3.9.22. The autosuggestion feature of com_finder did not respect the access level of the corresponding terms. | ||||
| >= 3.9.0, < 3.9.21 | 6.1 MEDIUM | 4.3 MEDIUM | ||
An issue was discovered in Joomla! before 3.9.21. Lack of escaping in mod_latestactions allows XSS attacks. | ||||
| >= 3.0.0, < 3.9.21 | 6.1 MEDIUM | 5.8 MEDIUM | ||
An issue was discovered in Joomla! before 3.9.21. Lack of input validation in the vote feature of com_content leads to an open redirect. | ||||
| >= 3.9.0, <= 3.9.19 | 6.3 MEDIUM | 6.8 MEDIUM | ||
An issue was discovered in Joomla! through 3.9.19. A missing token check in the remove request section of com_privacy causes a CSRF vulnerability. | ||||
| >= 3.7.0, <= 3.9.19 | 6.3 MEDIUM | 6.8 MEDIUM | ||
An issue was discovered in Joomla! through 3.9.19. A missing token check in the ajax_install endpoint of com_installer causes a CSRF vulnerability. | ||||
| >= 2.5.0, <= 3.9.19 | 5.3 MEDIUM | 5 MEDIUM | ||
An issue was discovered in Joomla! through 3.9.19. Missing validation checks on the usergroups table object can result in a broken site configuration. | ||||
| >= 3.0.0, <= 3.9.19 | 5.3 MEDIUM | 5 MEDIUM | ||
An issue was discovered in Joomla! through 3.9.19. Inadequate filtering on the system information screen could expose Redis or proxy credentials | ||||
| >= 3.0.0, <= 3.9.19 | 4.3 MEDIUM | 4 MEDIUM | ||
An issue was discovered in Joomla! through 3.9.19. Internal read-only fields in the User table class could be modified by users. | ||||
| >= 3.0.0, <= 3.9.19 | 6.1 MEDIUM | 4.3 MEDIUM | ||
An issue was discovered in Joomla! through 3.9.19. Lack of input filtering and escaping allows XSS attacks in mod_random_image. | ||||
| >= 3.9.0, < 3.9.19 | 6.1 MEDIUM | 4.3 MEDIUM | ||
In Joomla! before 3.9.19, incorrect input validation of the module tag option in com_modules allows XSS. | ||||
| = 2.5.0, >= 2.5.1, < 3.9.19 | 7.5 HIGH | 5 MEDIUM | ||
In Joomla! before 3.9.19, the default settings of the global textfilter configuration do not block HTML inputs for Guest users. | ||||
| = 3.0.0, >= 3.0.1, < 3.9.19 | 6.1 MEDIUM | 4.3 MEDIUM | ||
In Joomla! before 3.9.19, lack of input validation in the heading tag option of the "Articles - Newsflash" and "Articles - Categories" modules allows XSS. | ||||
| = 3.7.0, >= 3.7.1, < 3.9.19 | 8.8 HIGH | 6.8 MEDIUM | ||
In Joomla! before 3.9.19, missing token checks in com_postinstall lead to CSRF. | ||||
| >= 2.5.0, < 3.9.17 | 5.3 MEDIUM | 5 MEDIUM | ||
An issue was discovered in Joomla! before 3.9.17. Incorrect ACL checks in the access level section of com_users allow the unauthorized deletion of usergroups. | ||||
| >= 3.8.8, < 3.9.17 | 5.3 MEDIUM | 5 MEDIUM | ||
An issue was discovered in Joomla! before 3.9.17. Incorrect ACL checks in the access level section of com_users allow the unauthorized editing of usergroups. | ||||
| >= 2.5.0, < 3.9.17 | 5.3 MEDIUM | 5 MEDIUM | ||
An issue was discovered in Joomla! before 3.9.17. Improper input validations in the usergroup table class could lead to a broken ACL configuration. | ||||
| >= 3.0.0, < 3.9.16 | 5.3 MEDIUM | 5 MEDIUM | ||
An issue was discovered in Joomla! before 3.9.16. Missing length checks in the user table can lead to the creation of users with duplicate usernames and/or email addresses. | ||||
| >= 2.5.0, < 3.9.16 | 7.5 HIGH | 5 MEDIUM | ||
An issue was discovered in Joomla! before 3.9.16. Various actions in com_templates lack the required ACL checks, leading to various potential attack vectors. | ||||
| >= 3.0.0, < 3.9.16 | 6.1 MEDIUM | 4.3 MEDIUM | ||
An issue was discovered in Joomla! before 3.9.16. Inadequate handling of CSS selectors in the Protostar and Beez3 JavaScript allows XSS attacks. | ||||
| >= 3.2.0, < 3.9.16 | 8.8 HIGH | 6.8 MEDIUM | ||
An issue was discovered in Joomla! before 3.9.16. Missing token checks in the image actions of com_templates lead to CSRF. | ||||
| >= 1.7.0, < 3.9.16 | 9.8 CRITICAL | 7.5 HIGH | ||
An issue was discovered in Joomla! before 3.9.16. The lack of type casting of a variable in a SQL statement leads to a SQL injection vulnerability in the Featured Articles frontend menutype. | ||||
| >= 3.7.0, < 3.9.16 | 8.8 HIGH | 6.5 MEDIUM | ||
An issue was discovered in Joomla! before 3.9.16. Incorrect Access Control in the SQL fieldtype of com_fields allows access for non-superadmin users. | ||||
| = 1.6.0 | 9.1 CRITICAL | 6.4 MEDIUM | ||
Joomla! 1.6.0 is vulnerable to SQL Injection via the filter_order and filer_order_Dir parameters. | ||||
| >= 1.5.0, <= 1.5.13 | 5.3 MEDIUM | 5 MEDIUM | ||
Joomla! com_mailto 1.5.x through 1.5.13 has an automated mail timeout bypass. | ||||
| < 1.7.2 | 7.5 HIGH | 5 MEDIUM | ||
Joomla! 1.7.1 has core information disclosure due to inadequate error checking. | ||||
| < 1.7.2 | 7.5 HIGH | 5 MEDIUM | ||
Joomla! core 1.7.1 allows information disclosure due to weak encryption | ||||
| >= 3.9.0, < 3.9.14 | 6.1 MEDIUM | 4.3 MEDIUM | ||
An issue was discovered in Joomla! before 3.9.15. Inadequate escaping of usernames allows XSS attacks in com_actionlogs. | ||||
| >= 3.0.0, < 3.9.15 | 8.8 HIGH | 6.8 MEDIUM | ||
An issue was discovered in Joomla! before 3.9.15. A missing CSRF token check in the LESS compiler of com_templates causes a CSRF vulnerability. | ||||
| >= 3.0.0, < 3.9.15 | 8.8 HIGH | 6.8 MEDIUM | ||
An issue was discovered in Joomla! before 3.9.15. Missing token checks in the batch actions of various components cause CSRF vulnerabilities. | ||||
| <= 1.7.0 | 5.4 MEDIUM | 3.5 LOW | ||
Multiple Cross-site Scripting (XSS) vulnerabilities exist in Joomla! through 1.7.0 in index.php in the search word, extension, asset, and author parameters. | ||||
| >= 1.5.0, <= 1.5.12 | 5.3 MEDIUM | 5 MEDIUM | ||
Joomla! 1.5x through 1.5.12: Missing JEXEC Check | ||||
| < 2.5.3 | 7.5 HIGH | 5 MEDIUM | ||
Joomla! before 2.5.3 allows Admin Account Creation. | ||||
| < 2.5.3 | 7.5 HIGH | 5 MEDIUM | ||
Joomla! core before 2.5.3 allows unauthorized password change. | ||||
| >= 3.8.0, < 3.9.14 | 5.3 MEDIUM | 5 MEDIUM | ||
In Joomla! before 3.9.14, a missing access check in framework files could lead to a path disclosure. | ||||
| >= 2.5.0, <= 3.9.14 | 9.8 CRITICAL | 7.5 HIGH | ||
In Joomla! before 3.9.14, the lack of validation of configuration parameters used in SQL queries caused various SQL injection vectors. | ||||
| >= 3.6.0, < 3.9.13 | 5.3 MEDIUM | 5 MEDIUM | ||
An issue was discovered in Joomla! before 3.9.13. A missing access check in the phputf8 mapping files could lead to a path disclosure. | ||||
| >= 3.2.0, <= 3.9.12 | 8.8 HIGH | 6.8 MEDIUM | ||
An issue was discovered in Joomla! before 3.9.13. A missing token check in com_template causes a CSRF vulnerability. | ||||
| >= 3.0.0, < 3.9.12 | 6.1 MEDIUM | 4.3 MEDIUM | ||
In Joomla! 3.x before 3.9.12, inadequate escaping allowed XSS attacks using the logo parameter of the default templates. | ||||
| >= 1.6.2, < 3.9.11 | — | 5 MEDIUM | ||
In Joomla! before 3.9.11, inadequate checks in com_contact could allow mail submission in disabled forms. | ||||
| = 3.9.7, = 3.9.8 | — | 6.5 MEDIUM | ||
In Joomla! 3.9.7 and 3.9.8, inadequate filtering allows users authorised to create custom fields to manipulate the filtering options and inject an unvalidated option. In other words, the filter attribute in subform fields allows remote code execution. This is fixed in 3.9.9. | ||||
| = *, >= 3.8.13, < 3.9.7 | 6.5 MEDIUM | 4 MEDIUM | ||
An issue was discovered in Joomla! before 3.9.7. The update server URL of com_joomlaupdate can be manipulated by non Super-Admin users. | ||||
| >= 3.6.0, <= 3.9.6 | 6.1 MEDIUM | 4.3 MEDIUM | ||
An issue was discovered in Joomla! before 3.9.7. The subform fieldtype does not sufficiently filter or validate input of subfields. This leads to XSS attack vectors. | ||||
| >= 3.9.0, <= 3.9.6 | 9.8 CRITICAL | 7.5 HIGH | ||
An issue was discovered in Joomla! before 3.9.7. The CSV export of com_actionslogs is vulnerable to CSV injection. | ||||
| >= 1.7.0, < 3.9.6 | — | 4.3 MEDIUM | ||
An issue was discovered in Joomla! before 3.9.6. The debug views of com_users do not properly escape user supplied data, which leads to a potential XSS attack vector. | ||||
| >= 3.9.3, <= 3.9.5 | 9.8 CRITICAL | 7.5 HIGH | ||
The PharStreamWrapper (aka phar-stream-wrapper) package 2.x before 2.1.1 and 3.x before 3.1.1 for TYPO3 does not prevent directory traversal, which allows attackers to bypass a deserialization protection mechanism, as demonstrated by a phar:///path/bad.phar/../good.phar URL. | ||||
| >= 3.0.0, <= 3.9.4 | 6.1 MEDIUM | 4.3 MEDIUM | ||
jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, ...) because of Object.prototype pollution. If an unsanitized source object contained an enumerable __proto__ property, it could extend the native Object.prototype. | ||||
| >= 3.2.0, <= 3.9.4 | — | 5 MEDIUM | ||
An issue was discovered in Joomla! before 3.9.5. The "refresh list of helpsites" endpoint of com_users lacks access checks, allowing calls from unauthenticated users. | ||||
| >= 1.5.0, <= 3.9.4 | — | 7.5 HIGH | ||
An issue was discovered in Joomla! before 3.9.5. The Media Manager component does not properly sanitize the folder parameter, allowing attackers to act outside the media manager root directory. | ||||
| >= 3.0.0, < 3.9.4 | — | 4.3 MEDIUM | ||
An issue was discovered in Joomla! before 3.9.4. The item_title layout in edit views lacks escaping, leading to XSS. | ||||
| >= 3.0.0, < 3.9.4 | — | 4.3 MEDIUM | ||
An issue was discovered in Joomla! before 3.9.4. The media form field lacks escaping, leading to XSS. | ||||
| >= 3.8.0, < 3.9.4 | — | 5 MEDIUM | ||
An issue was discovered in Joomla! before 3.9.4. The sample data plugins lack ACL checks, allowing unauthorized access. | ||||
| >= 3.2.0, < 3.9.4 | — | 4.3 MEDIUM | ||
An issue was discovered in Joomla! before 3.9.4. The JSON handler in com_config lacks input validation, leading to XSS. | ||||
| >= 2.5.0, <= 3.9.2 | — | 4.3 MEDIUM | ||
An issue was discovered in Joomla! before 3.9.3. Inadequate filtering on URL fields in various core components could lead to an XSS vulnerability. | ||||
| >= 2.5.0, <= 3.9.2 | — | 4.3 MEDIUM | ||
An issue was discovered in Joomla! before 3.9.3. Inadequate checks at the Global Configuration helpurl settings allowed stored XSS. | ||||
| >= 1.0.0, <= 3.9.2 | — | 4.3 MEDIUM | ||
An issue was discovered in Joomla! before 3.9.3. A combination of specific web server configurations, in connection with specific file types and browser-side MIME-type sniffing, causes an XSS attack vector. | ||||
| >= 2.5.0, <= 3.9.2 | — | 7.5 HIGH | ||
An issue was discovered in Joomla! before 3.9.3. The phar:// stream wrapper can be used for objection injection attacks because there is no protection mechanism (such as the TYPO3 PHAR stream wrapper) to prevent use of the phar:// handler for non .phar-files. | ||||
| >= 2.5.0, <= 3.9.2 | — | 4.3 MEDIUM | ||
An issue was discovered in Joomla! before 3.9.3. Inadequate parameter handling in JavaScript code (core.js writeDynaList) could lead to an XSS attack vector. | ||||
| >= 2.5.0, <= 3.9.2 | — | 4.3 MEDIUM | ||
An issue was discovered in Joomla! before 3.9.3. The "No Filtering" textfilter overrides child settings in the Global Configuration. This is intended behavior. However, it might be unexpected for the user because the configuration dialog lacks an additional message to explain this. | ||||
| >= 2.5.0, < 3.9.2 | — | 3.5 LOW | ||
An issue was discovered in Joomla! before 3.9.2. Inadequate checks of the Global Configuration Text Filter settings allowed stored XSS. | ||||
| >= 2.5.0, < 3.9.2 | — | 4.3 MEDIUM | ||
An issue was discovered in Joomla! before 3.9.2. Inadequate escaping in mod_banners leads to a stored XSS vulnerability. | ||||
| >= 2.5.0, < 3.9.2 | — | 4.3 MEDIUM | ||
An issue was discovered in Joomla! before 3.9.2. Inadequate escaping in com_contact leads to a stored XSS vulnerability. | ||||
| >= 2.5.0, < 3.9.2 | — | 3.5 LOW | ||
An issue was discovered in Joomla! before 3.9.2. Inadequate checks of the Global Configuration helpurl settings allowed stored XSS. | ||||
| >= 2.5.0, < 3.8.13 | — | 4 MEDIUM | ||
An issue was discovered in Joomla! before 3.8.13. Inadequate checks in com_contact could allow mail submission in disabled forms. | ||||
| >= 2.5.0, < 3.8.13 | — | 6.8 MEDIUM | ||
An issue was discovered in Joomla! before 3.8.13. com_installer actions do not have sufficient CSRF hardening in the backend. | ||||
| >= 1.5.0, < 3.8.13 | — | 6.5 MEDIUM | ||
An issue was discovered in Joomla! before 3.8.13. If an attacker gets access to the mail account of an user who can approve admin verifications in the registration process, he can activate himself. | ||||
| >= 2.5.4, < 3.8.13 | — | 6.5 MEDIUM | ||
An issue was discovered in Joomla! before 3.8.13. com_joomlaupdate allows the execution of arbitrary code. The default ACL config enabled the ability of Administrator-level users to access com_joomlaupdate and trigger code execution. | ||||
| >= 3.1.0, < 3.8.13 | — | 4 MEDIUM | ||
An issue was discovered in Joomla! before 3.8.13. Inadequate checks on the tags search fields can lead to an access level violation. | ||||
| < 3.8.12 | — | 3.5 LOW | ||
An issue was discovered in Joomla! before 3.8.12. Inadequate output filtering on the user profile page could lead to a stored XSS attack. | ||||
| < 3.8.12 | — | 5 MEDIUM | ||
An issue was discovered in Joomla! before 3.8.12. Inadequate checks regarding disabled fields can lead to an ACL violation. | ||||
| < 3.8.12 | — | 7.5 HIGH | ||
An issue was discovered in Joomla! before 3.8.12. Inadequate checks in the InputFilter class could allow specifically prepared phar files to pass the upload filter. | ||||
| >= 1.6.0, <= 3.8.8 | — | 4.3 MEDIUM | ||
An XSS issue was discovered in the language switcher module in Joomla! 1.6.0 through 3.8.8 before 3.8.9. In some cases, the link of the current language might contain unescaped HTML special characters. This may lead to reflective XSS via injection of arbitrary parameters and/or values on the current page URL. | ||||
| >= 2.5.0, <= 3.8.8 | — | 6.5 MEDIUM | ||
An issue was discovered in Joomla! 2.5.0 through 3.8.8 before 3.8.9. The autoload code checks classnames to be valid, using the "class_exists" function in PHP. In PHP 5.3, this function validates invalid names as valid, which can result in a Local File Inclusion. | ||||
| < 3.8.8 | — | 4 MEDIUM | ||
An issue was discovered in com_fields in Joomla! Core before 3.8.8. Inadequate filtering allows users authorised to create custom fields to manipulate the filtering options and inject an unvalidated option. | ||||
| < 3.8.8 | — | 4.3 MEDIUM | ||
An issue was discovered in Joomla! Core before 3.8.8. A long running background process, such as remote checks for core or extension updates, could create a race condition where a session that was expected to be destroyed would be recreated. | ||||
| < 3.8.8 | — | 6.5 MEDIUM | ||
An issue was discovered in Joomla! Core before 3.8.8. Inadequate checks allowed users to modify the access levels of user groups with higher permissions. | ||||
| < 3.8.8 | — | 6 MEDIUM | ||
An issue was discovered in Joomla! Core before 3.8.8. Depending on the server configuration, PHAR files might be handled as executable PHP scripts by the webserver. | ||||
| < 3.8.8 | — | 2.6 LOW | ||
An issue was discovered in Joomla! Core before 3.8.8. Under specific circumstances (a redirect issued with a URI containing a username and password when the Location: header cannot be used), a lack of escaping the user-info component of the URI could result in an XSS vulnerability. | ||||
| < 3.8.8 | — | 4.3 MEDIUM | ||
In Joomla! Core before 3.8.8, inadequate filtering of file and folder names leads to various XSS attack vectors in the media manager. | ||||
| < 3.8.8 | — | 4 MEDIUM | ||
An issue was discovered in Joomla! Core before 3.8.8. Inadequate checks allowed users to see the names of tags that were either unpublished or published with restricted view permission. | ||||
| < 3.8.8 | — | 3.5 LOW | ||
An issue was discovered in Joomla! Core before 3.8.8. Inadequate input filtering leads to a multiple XSS vulnerabilities. Additionally, the default filtering settings could potentially allow users of the default Administrator user group to perform a XSS attack. | ||||
| < 3.8.8 | — | 5 MEDIUM | ||
An issue was discovered in Joomla! Core before 3.8.8. The web install application would autofill password fields after either a form validation error or navigating to a previous install step, and display the plaintext password for the administrator account at the confirmation screen. | ||||
| >= 3.5.0, <= 3.8.5 | — | 6.5 MEDIUM | ||
In Joomla! 3.5.0 through 3.8.5, the lack of type casting of a variable in a SQL statement leads to a SQL injection vulnerability in the User Notes list view. | ||||
| < 3.8.4 | — | 7.5 HIGH | ||
In Joomla! before 3.8.4, the lack of type casting of a variable in a SQL statement leads to a SQL injection vulnerability in the Hathor postinstall message. | ||||
| < 3.8.4 | — | 4.3 MEDIUM | ||
In Joomla! before 3.8.4, inadequate input filtering in the Uri class (formerly JUri) leads to an XSS vulnerability. | ||||
| < 3.8.4 | — | 4.3 MEDIUM | ||
In Joomla! before 3.8.4, lack of escaping in the module chromes leads to XSS vulnerabilities in the module system. | ||||
| < 3.8.4 | — | 4.3 MEDIUM | ||
In Joomla! before 3.8.4, inadequate input filtering in com_fields leads to an XSS vulnerability in multiple field types, i.e., list, radio, and checkbox | ||||
| >= 3.2.0, <= 3.8.1 | — | 7.5 HIGH | ||
In Joomla! before 3.8.2, a bug allowed third parties to bypass a user's 2-factor authentication method. | ||||
| >= 3.7.0, <= 3.8.1 | — | 4 MEDIUM | ||
In Joomla! before 3.8.2, a logic bug in com_fields exposed read-only information about a site's custom fields to unauthorized users. | ||||
| = 3.4.0, = 3.1.4, = 3.1.3, = 3.3.3, = 3.2.1, = 3.3.5, = 3.3.6, = 3.1.5, = 3.1.6, = 3.2.0, = 3.1.1, = 3.2.3, = 3.0.1, = 3.0.2, = 3.0.3, = 3.0.4, = 3.2.7, = 3.3.0, = 3.3.1, = 3.2.2, = 3.2.4, = 3.3.4, = 3.4.1, = 3.2.6, = 3.3.2, = 3.0.0, = 3.1.0, = 3.1.2 | — | 5.8 MEDIUM | ||
Open redirect vulnerability in Joomla! CMS 3.0.0 through 3.4.1. | ||||
| = 1.6.4, = 2.5.19, = 2.5.7, = 3.7.3, = 2.5.17, = 1.5.24, = 3.1.4, = 3.1.3, = 1.7.1, = 1.5.25, = 1.6.3, = 2.5.22, = 3.3.4, = 3.3.6, = 1.5.26, = 1.5.11, = 2.5.8, = 2.5.25, = 3.2.1, = 3.4.4, = 1.5.13, = 3.2.7, = 3.3.3, = 3.3.5, = 3.4.2, = 1.5.3, = 3.7.0, = 1.5.18, = 1.5.16, = 1.6.5, = 1.7.4, = 2.5.11, = 2.5.13, = 2.5.15, = 3.0.2, = 3.4.1, = 1.5.10, = 1.5.9, = 1.6.1, = 1.6.0, = 1.7.5, = 2.5.27, = 3.2.2, = 3.4.6, = 3.4.5, = 3.6.2, = 1.5.22, = 2.5.21, = 2.5.23, = 2.5.28, = 3.1.5, = 3.4.0, = 3.6.5, = 3.6.0, = 1.5.4, = 1.5.2, = 1.7.0, = 2.5.1, = 2.5.2, = 3.0.4, = 3.1.1, = 3.3.1, = 3.7.2, = 1.5.21, = 1.5.20, = 1.5.19, = 1.5.23, = 1.5.14, = 1.5.7, = 1.5.5, = 1.5.0, = 1.7.2, = 2.5.4, = 2.5.6, = 2.5.20, = 3.0.0, = 3.1.6, = 3.2.5, = 3.2.6, = 3.5.1, = 3.7.5, = 1.5.12, = 1.6.2, = 2.5.9, = 2.5.10, = 2.5.24, = 2.5.26, = 3.2.0, = 3.2.3, = 3.4.7, = 3.4.3, = 3.6.4, = 3.6.3, = 3.6.1, = 1.5.15, = 1.5.8, = 1.5.6, = 1.6.6, = 1.7.3, = 2.5.3, = 2.5.5, = 2.5.12, = 2.5.14, = 3.0.1, = 3.2.4, = 3.7.4, = 1.5.17, = 1.5.1, = 2.5.0, = 2.5.16, = 2.5.18, = 3.0.3, = 3.1.0, = 3.1.2, = 3.4.8, = 3.3.0, = 3.3.2, = 3.5.0, = 3.7.1 | — | 5 MEDIUM | ||
In Joomla! before 3.8.0, inadequate escaping in the LDAP authentication plugin can result in a disclosure of a username and password. | ||||
| = 3.7.3, = 3.7.0, = 3.7.2, = 3.7.1, = 3.7.4, = 3.7.5 | — | 4.3 MEDIUM | ||
In Joomla! before 3.8.0, a logic bug in a SQL query could lead to the disclosure of article intro texts when these articles are in the archived state. | ||||
| = 1.0.5, = 3.4.0, = 3.5.0, = 1.6, = 1.6.4, = 2.5.19, = 3.6.0, = 2.5.7, = 3.7.3, = 2.5.17, = 3.1.3, = 3.2.1, = 3.7.0, = 1.0.9, = 1.5.11, = 1.5.26, = 1.7.1, = 3.3.3, = 1.5.24, = 2.5.25, = 3.1.4, = 1.0.14, = 1.5.13, = 1.6.3, = 1.5.3, = 1.5.25, = 1.6.5, = 2.5.28, = 3.1.1, = 3.3.4, = 3.4.4, = 3.6.2, = 3.7.2, = 1.0.11, = 1.5.2, = 2.5.2, = 2.5.27, = 3.2.2, = 3.3.5, = 3.6.1, = 1.0.4, = 1.0.6, = 1.5.22, = 1.7.4, = 2.5.13, = 2.5.15, = 3.0.2, = 3.2.7, = 3.3.1, = 3.4.1, = 3.6.5, = 2.5.8, = 2.5.22, = 3.1.5, = 3.3.6, = 1.0.13, = 1.5.0, = 1.5.15, = 1.5.16, = 1.6.1, = 1.6.2, = 1.0.3, = 1.0.10, = 1.5.1, = 1.5.10, = 1.5.18, = 1.6.0, = 1.7.0, = 2.5.1, = 2.5.3, = 2.5.10, = 2.5.26, = 3.2.3, = 3.4.6, = 3.6.3, = 1.0.0, = 1.5.4, = 1.5.9, = 1.5.17, = 1.6.6, = 2.5.4, = 2.5.9, = 2.5.11, = 2.5.20, = 3.2.4, = 3.4.5, = 3.4.7, = 1.0.7, = 1.5.6, = 1.5.7, = 1.5.8, = 1.5.23, = 1.7.5, = 2.5.16, = 3.0.1, = 3.0.3, = 3.0.4, = 3.3.0, = 3.4.3, = 3.5.1, = 2.5.21, = 2.5.23, = 3.1.6, = 3.2.0, = 3.4.8, = 1.0.15, = 1.5.14, = 2.5.5, = 1.0.1, = 1.0.12, = 1.5.12, = 1.5.20, = 2.5.12, = 3.3.2, = 1.0.2, = 1.5.19, = 2.5.0, = 2.5.18, = 3.0.0, = 3.1.0, = 3.1.2, = 3.7.1, = 1.0.8, = 1.5.5, = 1.5.21, = 1.7.2, = 1.7.3, = 2.5.14, = 3.2.5, = 3.2.6, = 3.4.2, = 3.6.4, = 2.5.6, = 2.5.24 | — | 6.5 MEDIUM | ||
The CMS installer in Joomla! before 3.7.4 does not verify a user's ownership of a webspace, which allows remote authenticated users to gain control of the target application by leveraging Certificate Transparency logs. | ||||
| = 3.4.0, = 3.5.0, = 1.6, = 1.6.4, = 2.5.19, = 3.6.0, = 2.5.7, = 3.7.3, = 2.5.17, = 3.3.3, = 1.7.1, = 3.2.1, = 1.5.11, = 1.5.25, = 1.5.26, = 3.1.3, = 1.5.24, = 2.5.25, = 3.7.0, = 1.6.3, = 3.1.4, = 3.3.1, = 3.3.4, = 1.5.2, = 1.5.3, = 1.5.18, = 2.5.11, = 2.5.27, = 2.5.28, = 3.6.5, = 3.6.1, = 3.6.2, = 1.5.13, = 2.5.1, = 2.5.2, = 3.1.1, = 3.3.5, = 3.4.1, = 1.5.9, = 1.5.22, = 1.7.4, = 2.5.23, = 3.1.5, = 3.7.2, = 3.2.2, = 3.4.4, = 3.4.8, = 1.6.5, = 2.5.8, = 2.5.13, = 2.5.15, = 2.5.22, = 3.0.2, = 3.4.5, = 3.4.6, = 3.4.7, = 1.5.1, = 1.5.4, = 1.5.17, = 1.5.19, = 1.6.6, = 1.7.0, = 2.5.9, = 2.5.10, = 2.5.26, = 3.1.6, = 3.2.0, = 3.6.3, = 1.5.10, = 1.6.0, = 2.5.3, = 2.5.4, = 2.5.20, = 2.5.21, = 3.7.1, = 3.2.3, = 3.3.0, = 3.4.3, = 1.5.0, = 1.5.7, = 1.6.2, = 2.5.14, = 2.5.16, = 3.0.1, = 3.0.3, = 3.2.4, = 3.5.1, = 1.5.6, = 1.5.8, = 1.5.15, = 1.5.16, = 1.5.23, = 1.6.1, = 1.7.3, = 1.7.5, = 2.5.6, = 3.0.4, = 3.3.2, = 1.5.5, = 1.5.20, = 1.7.2, = 2.5.12, = 3.0.0, = 1.5.12, = 2.5.18, = 3.1.0, = 3.1.2, = 1.5.14, = 2.5.0, = 2.5.5, = 3.4.2, = 3.6.4, = 1.5.21, = 2.5.24 | — | 4.3 MEDIUM | ||
In Joomla! before 3.7.4, inadequate filtering of potentially malicious HTML tags leads to XSS vulnerabilities in various components. | ||||
| = 3.4.0, = 3.5.0, = 2.5.19, = 3.6.0, = 2.5.7, = 2.5.17, = 3.1.4, = 3.1.3, = 3.7.0, = 3.3.4, = 3.3.5, = 3.1.1, = 3.6.1, = 2.5.8, = 2.5.22, = 3.2.1, = 3.4.1, = 3.7.2, = 3.3.3, = 3.4.4, = 2.5.25, = 3.1.5, = 3.4.8, = 2.5.1, = 2.5.2, = 2.5.21, = 3.6.5, = 3.3.0, = 3.4.5, = 3.6.3, = 1.7.5, = 2.5.15, = 3.0.2, = 3.0.4, = 3.2.2, = 3.2.4, = 2.5.11, = 2.5.13, = 2.5.27, = 2.5.28, = 3.1.6, = 3.3.1, = 3.4.6, = 3.5.1, = 3.6.2, = 1.7.4, = 2.5.23, = 2.5.3, = 2.5.4, = 2.5.18, = 2.5.20, = 3.1.0, = 3.1.2, = 3.7.1, = 3.3.2, = 3.4.3, = 3.4.7, = 1.7.3, = 2.5.6, = 2.5.24, = 3.2.0, = 3.2.3, = 3.4.2, = 3.6.4, = 2.5.9, = 2.5.10, = 2.5.12, = 2.5.26, = 3.0.0, = 2.5.0, = 2.5.5, = 2.5.14, = 2.5.16, = 3.0.1, = 3.0.3 | — | 4.3 MEDIUM | ||
Missing CSRF token checks and improper input validation in Joomla! CMS 1.7.3 through 3.7.2 lead to an XSS vulnerability. | ||||
| = 3.7.0, = 3.4.0, = 3.5.0, = 2.5.19, = 3.6.0, = 2.5.7, = 2.5.17, = 3.1.4, = 2.5.8, = 2.5.25, = 3.7.1, = 3.3.3, = 3.3.4, = 3.3.5, = 3.6.1, = 3.2.1, = 3.4.1, = 2.5.22, = 3.1.3, = 3.4.4, = 2.5.23, = 1.7.4, = 1.7.5, = 2.5.1, = 2.5.15, = 3.1.1, = 3.4.8, = 2.5.21, = 2.5.28, = 3.3.1, = 3.4.5, = 3.6.3, = 3.2.2, = 3.6.5, = 3.0.4, = 2.5.2, = 2.5.11, = 2.5.13, = 2.5.27, = 3.0.2, = 3.1.5, = 3.4.6, = 3.6.2, = 2.5.9, = 2.5.10, = 2.5.24, = 2.5.26, = 2.5.0, = 2.5.16, = 2.5.18, = 3.0.3, = 3.1.0, = 3.1.2, = 2.5.3, = 2.5.5, = 2.5.12, = 2.5.14, = 3.0.1, = 3.1.6, = 3.2.4, = 3.4.7, = 3.5.1, = 1.7.3, = 3.2.0, = 3.2.3, = 3.4.2, = 3.4.3, = 3.6.4, = 2.5.4, = 2.5.6, = 2.5.20, = 3.0.0, = 3.3.0, = 3.3.2 | — | 5 MEDIUM | ||
Improper cache invalidation in Joomla! CMS 1.7.3 through 3.7.2 leads to disclosure of form contents. | ||||
| = 3.7.0 | — | 7.5 HIGH | ||
SQL injection vulnerability in Joomla! 3.7.x before 3.7.1 allows attackers to execute arbitrary SQL commands via unspecified vectors. | ||||
| = 3.4.0, = 3.5.0, = 3.6.0, = 3.4.4, = 3.4.8, = 3.4.2, = 3.4.5, = 3.4.6, = 3.4.1, = 3.6.1, = 3.6.2, = 3.6.3, = 3.6.5, = 3.5.1, = 3.6.4, = 3.4.7, = 3.4.3 | — | 5 MEDIUM | ||
In Joomla! 3.4.0 through 3.6.5 (fixed in 3.7.0), multiple files caused full path disclosures on systems with enabled error reporting. | ||||
| = 3.4.0, = 3.5.0, = 3.6.0, = 3.3.3, = 3.2.1, = 3.3.5, = 3.4.1, = 3.3.1, = 3.4.4, = 3.6.5, = 3.4.2, = 3.6.1, = 3.6.2, = 3.2.2, = 3.3.4, = 3.4.8, = 3.2.3, = 3.6.3, = 3.3.0, = 3.3.2, = 3.4.3, = 3.4.5, = 3.4.6, = 3.4.7, = 3.5.1, = 3.2.0, = 3.2.4, = 3.6.4 | — | 4.3 MEDIUM | ||
In Joomla! 3.2.0 through 3.6.5 (fixed in 3.7.0), inadequate filtering leads to XSS in the template manager component. | ||||
| >= 1.5.0, <= 3.6.5 | — | 4.3 MEDIUM | ||
In Joomla! 1.5.0 through 3.6.5 (fixed in 3.7.0), inadequate filtering of multibyte characters leads to XSS vulnerabilities in various components. | ||||
| = 3.4.0, = 3.5.0, = 1.6.4, = 2.5.19, = 3.6.0, = 2.5.7, = 2.5.17, = 1.5.24, = 3.1.4, = 1.5.26, = 2.5.25, = 3.2.1, = 3.1.3, = 1.5.11, = 3.3.3, = 3.3.5, = 1.6.3, = 1.7.1, = 2.5.22, = 1.5.25, = 1.5.13, = 3.4.4, = 1.7.4, = 2.5.23, = 3.4.5, = 1.6.5, = 2.5.8, = 2.5.11, = 2.5.27, = 2.5.28, = 1.5.2, = 1.5.3, = 3.2.2, = 3.4.1, = 3.6.2, = 3.1.5, = 3.4.2, = 2.5.1, = 2.5.2, = 1.5.22, = 1.5.9, = 3.3.4, = 3.4.8, = 3.6.1, = 3.0.2, = 3.1.1, = 1.6.1, = 2.5.13, = 2.5.15, = 1.5.18, = 3.6.5, = 3.3.1, = 3.1.0, = 3.1.2, = 1.6.0, = 1.6.2, = 1.7.2, = 2.5.5, = 2.5.12, = 2.5.14, = 2.5.21, = 1.5.17, = 1.5.19, = 1.5.5, = 1.5.7, = 1.5.14, = 1.5.15, = 3.2.3, = 3.3.0, = 3.4.3, = 3.0.0, = 3.0.1, = 1.6.6, = 1.7.0, = 2.5.9, = 2.5.10, = 2.5.26, = 1.5.0, = 1.5.1, = 3.1.6, = 3.2.0, = 3.6.3, = 1.7.5, = 2.5.0, = 2.5.3, = 2.5.16, = 2.5.18, = 1.5.20, = 1.5.21, = 1.5.23, = 1.5.10, = 1.5.12, = 3.3.2, = 3.4.6, = 3.4.7, = 3.5.1, = 1.7.3, = 2.5.4, = 2.5.6, = 2.5.20, = 1.5.16, = 1.5.4, = 1.5.6, = 1.5.8, = 3.2.4, = 3.6.4, = 2.5.24 | — | 5 MEDIUM | ||
In Joomla! 1.5.0 through 3.6.5 (fixed in 3.7.0), mail sent using the JMail API leaked the used PHPMailer version in the mail headers. | ||||
| = 3.4.0, = 3.5.0, = 1.6.4, = 2.5.19, = 3.6.0, = 2.5.7, = 2.5.17, = 1.5.24, = 3.1.4, = 2.5.25, = 2.5.22, = 1.5.25, = 1.5.26, = 1.5.11, = 1.5.13, = 3.3.5, = 1.7.1, = 3.1.3, = 1.6.3, = 3.2.1, = 3.3.3, = 3.4.4, = 1.7.4, = 2.5.23, = 1.5.2, = 1.5.9, = 3.3.4, = 3.4.5, = 3.6.1, = 3.1.5, = 3.4.2, = 1.6.1, = 2.5.2, = 1.5.22, = 3.4.8, = 3.0.2, = 2.5.11, = 2.5.13, = 2.5.27, = 2.5.28, = 1.5.3, = 3.2.2, = 3.4.1, = 3.1.1, = 1.6.5, = 2.5.1, = 2.5.8, = 2.5.15, = 1.5.18, = 3.6.5, = 3.3.1, = 3.6.2, = 3.1.2, = 1.6.6, = 2.5.0, = 2.5.9, = 2.5.16, = 2.5.18, = 1.5.19, = 1.5.21, = 1.5.0, = 1.5.7, = 1.5.15, = 3.2.0, = 3.3.2, = 3.4.7, = 3.5.1, = 3.6.3, = 1.6.0, = 1.6.2, = 2.5.3, = 2.5.4, = 2.5.5, = 2.5.20, = 2.5.21, = 1.5.23, = 1.5.12, = 1.5.14, = 3.0.0, = 3.0.1, = 3.1.0, = 1.7.0, = 1.7.2, = 1.7.3, = 2.5.10, = 2.5.12, = 2.5.14, = 1.5.16, = 1.5.17, = 1.5.4, = 1.5.5, = 1.5.6, = 3.2.3, = 3.2.4, = 3.3.0, = 3.4.3, = 3.6.4, = 1.7.5, = 2.5.6, = 2.5.26, = 1.5.20, = 1.5.1, = 1.5.8, = 1.5.10, = 3.1.6, = 3.4.6, = 2.5.24 | — | 4.3 MEDIUM | ||
In Joomla! 1.5.0 through 3.6.5 (fixed in 3.7.0), inadequate filtering of specific HTML attributes leads to XSS vulnerabilities in various components. | ||||
| = 3.4.0, = 3.5.0, = 3.6.0, = 3.3.3, = 3.2.1, = 3.6.5, = 3.2.2, = 3.4.1, = 3.4.2, = 3.6.1, = 3.3.4, = 3.3.5, = 3.4.8, = 3.6.2, = 3.3.1, = 3.4.4, = 3.2.0, = 3.3.2, = 3.2.3, = 3.3.0, = 3.4.3, = 3.4.5, = 3.5.1, = 3.6.3, = 3.4.6, = 3.4.7, = 3.2.4, = 3.6.4 | — | 4.3 MEDIUM | ||
In Joomla! 3.2.0 through 3.6.5 (fixed in 3.7.0), inadequate escaping of file and folder names leads to XSS vulnerabilities in the template manager component. | ||||
| = 3.4.0, = 3.5.0, = 1.6.4, = 2.5.19, = 3.6.0, = 2.5.7, = 2.5.17, = 1.5.24, = 3.1.4, = 3.4.2, = 2.5.25, = 3.2.1, = 3.3.3, = 3.3.5, = 3.4.1, = 1.6.3, = 2.5.22, = 1.5.25, = 1.5.26, = 1.7.1, = 3.4.4, = 3.1.3, = 2.5.2, = 2.5.11, = 2.5.27, = 3.4.6, = 3.6.2, = 1.6.1, = 2.5.23, = 3.6.5, = 3.6.1, = 3.0.2, = 3.1.1, = 1.7.4, = 2.5.13, = 2.5.15, = 1.5.16, = 1.5.18, = 3.3.1, = 3.4.5, = 3.1.5, = 1.6.5, = 1.7.0, = 1.7.5, = 2.5.1, = 2.5.8, = 2.5.28, = 1.5.22, = 3.2.2, = 3.3.4, = 3.4.8, = 3.0.0, = 1.6.6, = 2.5.0, = 2.5.9, = 2.5.16, = 2.5.18, = 1.5.21, = 1.5.23, = 3.1.6, = 3.6.3, = 1.6.0, = 1.6.2, = 2.5.4, = 2.5.5, = 2.5.6, = 2.5.20, = 2.5.21, = 2.5.24, = 3.1.0, = 3.1.2, = 1.7.2, = 1.7.3, = 2.5.12, = 2.5.14, = 1.5.17, = 1.5.19, = 3.2.3, = 3.2.4, = 3.3.0, = 3.3.2, = 3.4.3, = 3.5.1, = 3.6.4, = 3.0.1, = 2.5.3, = 2.5.10, = 2.5.26, = 1.5.20, = 3.2.0, = 3.4.7 | — | 5 MEDIUM | ||
In Joomla! 1.6.0 through 3.6.5 (fixed in 3.7.0), inadequate filtering of form contents allows overwriting the author of an article. | ||||
| = 3.4.0, = 3.5.0, = 3.6.0, = 3.3.3, = 3.2.1, = 3.2.2, = 3.3.4, = 3.4.8, = 3.4.2, = 3.6.5, = 3.4.1, = 3.6.1, = 3.6.2, = 3.3.1, = 3.4.4, = 3.3.5, = 3.2.4, = 3.5.1, = 3.6.3, = 3.6.4, = 3.2.0, = 3.3.0, = 3.3.2, = 3.4.5, = 3.4.6, = 3.4.7, = 3.2.3, = 3.4.3 | — | 4 MEDIUM | ||
In Joomla! 3.2.0 through 3.6.5 (fixed in 3.7.0), inadequate MIME type checks allowed low-privilege users to upload swf files even if they were explicitly forbidden. | ||||
| = 3.5.0, = 3.6.0, = 3.4.4, = 3.6.1, = 3.6.2, = 3.4.8, = 3.5.1, = 3.4.7, = 3.4.5, = 3.4.6, = 3.6.3 | — | 7.5 HIGH | ||
Joomla! 3.4.4 through 3.6.3 allows attackers to reset username, password, and user group assignments and possibly perform other user account modifications via unspecified vectors. | ||||
| >= 1.5.0, <= 3.6.5 | 9.8 CRITICAL | 7.5 HIGH | ||
The mailSend function in the isMail transport in PHPMailer before 5.2.18 might allow remote attackers to pass extra parameters to the mail command and consequently execute arbitrary code via a \" (backslash double quote) in a crafted Sender property. | ||||
| >= 1.5.0, <= 3.6.5 | 9.8 CRITICAL | 7.5 HIGH | ||
The isMail transport in PHPMailer before 5.2.20 might allow remote attackers to pass extra parameters to the mail command and consequently execute arbitrary code by leveraging improper interaction between the escapeshellarg function and internal escaping performed in the mail function in PHP. NOTE: this vulnerability exists because of an incorrect fix for CVE-2016-10033. | ||||
| <= 3.6.4 | — | 5 MEDIUM | ||
An issue was discovered in templates/beez3/html/com_content/article/default.php in Joomla! before 3.6.5. Inadequate permissions checks in the Beez3 layout override of the com_content article view allow users to view articles that should not be publicly accessible, as demonstrated by an index.php?option=com_content&view=article&id=1&template=beez3 request. | ||||
| <= 3.6.4 | — | 5 MEDIUM | ||
An issue was discovered in components/com_users/models/registration.php in Joomla! before 3.6.5. Incorrect filtering of registration form data stored to the session on a validation error enables a user to gain access to a registered user's account and reset the user's group mappings, username, and password, as demonstrated by submitting a form that targets the `registration.register` task. | ||||
| <= 3.6.4 | — | 7.5 HIGH | ||
The file scanning mechanism of JFilterInput::isFileSafe() in Joomla! CMS before 3.6.5 does not consider alternative PHP file extensions when checking uploaded files for PHP content, which enables a user to upload and execute files with the `.php6`, `.php7`, `.phtml`, and `.phpt` extensions. Additionally, JHelperMedia::canUpload() did not blacklist these file extensions as uploadable file types. | ||||
| <= 3.6.3 | — | 6.8 MEDIUM | ||
The register method in the UsersModelRegistration class in controllers/user.php in the Users component in Joomla! before 3.6.4, when registration has been disabled, allows remote attackers to create user accounts by leveraging failure to check the Allow User Registration configuration setting. | ||||
| <= 3.6.3 | — | 7.5 HIGH | ||
The register method in the UsersModelRegistration class in controllers/user.php in the Users component in Joomla! before 3.6.4 allows remote attackers to gain privileges by leveraging incorrect use of unfiltered data when registering on a site. | ||||
| = 3.1.4, = 3.1.3, = 3.3.3, = 3.2.1, = 3.4.4, = 3.4.2, = 3.3.4, = 3.1.5, = 3.1.1, = 3.4.1, = 3.1.0, = 3.2.3, = 3.2.2, = 3.4.6, = 3.4.5, = 3.4.0, = 3.0.4, = 3.0.3, = 3.2.0, = 3.4.3, = 3.3.0, = 3.2.4, = 3.3.2, = 3.3.1, = 3.0.2, = 3.0.1, = 3.1.6, = 3.1.2, = 3.0.0 | — | 7.5 HIGH | ||
SQL injection vulnerability in Joomla! 3.x before 3.4.7 allows attackers to execute arbitrary SQL commands via unspecified vectors. | ||||
| = 3.3.3, = 3.2.1, = 3.4.4, = 3.4.2, = 3.3.4, = 3.3.1, = 3.2.2, = 3.4.1, = 3.4.5, = 3.2.4, = 3.4.3, = 3.2.3, = 3.3.0, = 3.2.0, = 3.3.2, = 3.4.0 | — | 7.5 HIGH | ||
Directory traversal vulnerability in Joomla! 3.2.0 through 3.3.x and 3.4.x before 3.4.6 allows remote attackers to have unspecified impact via unknown vectors. | ||||
| = 3.4.4, = 3.4.1, = 3.4.5, = 3.4.0, = 3.4.3 | — | 7.5 HIGH | ||
Directory traversal vulnerability in Joomla! 3.4.x before 3.4.6 allows remote attackers to have unspecified impact via directory traversal sequences in the XML install file in an extension package archive. | ||||
| = 3.3.3, = 3.2.1, = 3.3.5, = 3.4.4, = 3.3.4, = 3.3.1, = 3.2.2, = 3.4.1, = 3.4.5, = 3.2.0, = 3.3.2, = 3.2.3, = 3.3.0, = 3.4.0, = 3.2.4, = 3.4.3 | — | 6.8 MEDIUM | ||
Cross-site request forgery (CSRF) vulnerability in the com_templates component in Joomla! 3.2.0 through 3.3.x and 3.4.x before 3.4.6 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors. | ||||
| = 1.6.4, = 2.5.19, = 2.5.7, = 2.5.17, = 1.5.24, = 3.1.4, = 3.1.3, = 1.7.1, = 3.3.3, = 1.5.25, = 1.5.26, = 2.5.28, = 3.4.2, = 2.5.8, = 2.5.25, = 3.1.1, = 1.5.2, = 1.5.3, = 1.5.11, = 2.5.22, = 3.1.5, = 3.4.4, = 1.5.13, = 1.6.3, = 1.7.4, = 3.2.1, = 3.3.4, = 1.5.0, = 1.5.9, = 1.5.10, = 1.5.18, = 1.6.0, = 1.7.0, = 2.5.2, = 2.5.3, = 2.5.11, = 2.5.20, = 2.5.27, = 3.2.4, = 3.3.0, = 1.5.7, = 1.5.15, = 1.5.16, = 1.6.5, = 1.6.6, = 2.5.1, = 3.2.2, = 3.4.0, = 3.4.1, = 1.6.1, = 2.5.13, = 2.5.21, = 3.0.1, = 3.1.6, = 3.3.1, = 3.4.5, = 1.5.4, = 1.5.22, = 1.7.5, = 2.5.15, = 2.5.23, = 3.0.2, = 3.0.3, = 1.5.17, = 2.5.12, = 3.4.3, = 1.5.8, = 1.5.23, = 2.5.0, = 2.5.9, = 2.5.10, = 2.5.18, = 2.5.26, = 3.1.0, = 3.1.2, = 3.2.3, = 1.5.1, = 1.5.12, = 1.5.19, = 1.5.20, = 1.6.2, = 1.7.2, = 1.7.3, = 2.5.4, = 2.5.5, = 2.5.14, = 3.0.0, = 3.3.2, = 1.5.6, = 1.5.14, = 1.5.21, = 2.5.6, = 2.5.16, = 2.5.24, = 3.2.0 | — | 7.5 HIGH | ||
Joomla! 1.5.x, 2.x, and 3.x before 3.4.6 allow remote attackers to conduct PHP object injection attacks and execute arbitrary PHP code via the HTTP User-Agent header, as exploited in the wild in December 2015. | ||||
| = 3.3.3, = 3.2.1, = 3.4.4, = 3.4.2, = 3.3.4, = 3.3.1, = 3.2.2, = 3.4.1, = 3.4.0, = 3.2.0, = 3.2.3, = 3.3.0, = 3.3.2, = 3.2.4, = 3.4.3 | — | 5 MEDIUM | ||
The com_contenthistory component in Joomla! 3.2 before 3.4.5 does not properly check ACLs, which allows remote attackers to obtain sensitive information via unspecified vectors. | ||||
| = 3.3.3, = 3.2.1, = 3.4.4, = 3.4.2, = 3.3.4, = 3.3.1, = 3.2.2, = 3.4.1, = 3.4.0, = 3.2.4, = 3.4.3, = 3.3.0, = 3.2.0, = 3.3.2, = 3.2.3 | — | 5 MEDIUM | ||
The com_content component in Joomla! 3.x before 3.4.5 does not properly check ACLs, which allows remote attackers to obtain sensitive information via unspecified vectors. | ||||
| = 3.3.3, = 3.2.1, = 3.4.2, = 3.3.4, = 3.3.1, = 3.2.2, = 3.4.1, = 3.4.0, = 3.3.0, = 3.3.2, = 3.2.4, = 3.4.3, = 3.2.3, = 3.2.0 | — | 7.5 HIGH | ||
SQL injection vulnerability in Joomla! 3.2 before 3.4.4 allows remote attackers to execute arbitrary SQL commands via unspecified vectors, a different vulnerability than CVE-2015-7297. | ||||
| = 3.3.3, = 3.2.1, = 3.4.4, = 3.4.2, = 3.3.4, = 3.3.1, = 3.2.2, = 3.4.1, = 3.4.0, = 3.2.0, = 3.3.2, = 3.2.4, = 3.3.0, = 3.4.3, = 3.2.3 | — | 7.5 HIGH | ||
SQL injection vulnerability in the getListQuery function in administrator/components/com_contenthistory/models/history.php in Joomla! 3.2 before 3.4.5 allows remote attackers to execute arbitrary SQL commands via the list[select] parameter to index.php. | ||||
| = 3.3.3, = 3.2.1, = 3.4.4, = 3.4.2, = 3.3.4, = 3.3.1, = 3.2.2, = 3.4.1, = 3.4.0, = 3.2.0, = 3.3.2, = 3.3.0, = 3.2.3, = 3.2.4, = 3.4.3 | — | 7.5 HIGH | ||
SQL injection vulnerability in Joomla! 3.2 before 3.4.4 allows remote attackers to execute arbitrary SQL commands via unspecified vectors, a different vulnerability than CVE-2015-7858. | ||||
| = 3.4.0, = 3.4.2, = 3.4.1, = 3.4.3 | — | 4.3 MEDIUM | ||
Cross-site scripting (XSS) vulnerability in the login module in Joomla! 3.4.x before 3.4.4 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
| = 3.4.0, = 3.3.3, = 3.2.1, = 3.3.5, = 3.4.1, = 3.3.4, = 3.3.1, = 3.2.2, = 3.2.0, = 3.3.2, = 3.2.3, = 3.2.4, = 3.4.2, = 3.2.5, = 3.3.0 | — | 6.8 MEDIUM | ||
Cross-site request forgery (CSRF) vulnerability in Joomla! 3.2.0 through 3.3.x and 3.4.x before 3.4.2 allows remote attackers to hijack the authentication of unspecified victims for requests that upload code via unknown vectors. | ||||
| all versions | — | 7.5 HIGH | ||
SQL injection vulnerability in the EQ Event Calendar component for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter to eqfullevent. | ||||
| = 2.5.19, = 2.5.7, = 2.5.17, = 3.1.4, = 3.1.3, = 3.3.3, = 2.5.25, = 3.2.1, = 2.5.22, = 2.5.11, = 2.5.13, = 2.5.21, = 3.0.2, = 3.0.4, = 3.1.6, = 3.3.0, = 2.5.8, = 2.5.23, = 3.2.2, = 3.2.4, = 2.5.20, = 3.0.3, = 3.1.5, = 3.3.1, = 2.5.15, = 3.1.1, = 3.3.4, = 2.5.4, = 2.5.18, = 3.3.2, = 2.5.5, = 2.5.6, = 2.5.9, = 2.5.24, = 3.0.0, = 3.2.3, = 3.2.5, = 2.5.10, = 2.5.12, = 3.0.1, = 3.2.0, = 2.5.14, = 2.5.16, = 3.1.0, = 3.1.2 | — | 7.5 HIGH | ||
Akeeba Restore (restore.php), as used in Joomla! 2.5.4 through 2.5.25, 3.x through 3.2.5, and 3.3.0 through 3.3.4; Akeeba Backup for Joomla! Professional 3.0.0 through 4.0.2; Backup Professional for WordPress 1.0.b1 through 1.1.3; Solo 1.0.b1 through 1.1.2; Admin Tools Core and Professional 2.0.0 through 2.4.4; and CMS Update 1.0.a1 through 1.0.1, when performing a backup or update for an archive, does not delete parameters from $_GET and $_POST when it is cleansing $_REQUEST, but later accesses $_GET and $_POST using the getQueryParam function, which allows remote attackers to bypass encryption and execute arbitrary code via a command message that extracts a crafted archive. | ||||
| = 1.5.24, = 1.5.11, = 1.5.25, = 1.5.13, = 1.5.3, = 1.5.2, = 1.5.22, = 1.5.9, = 1.5.18, = 1.5.20, = 1.5.14, = 1.5.7, = 1.5.8, = 1.5.21, = 1.5.15, = 1.5.5, = 1.5.6, = 1.5.19, = 1.5.12, = 1.5.1, = 1.5.23, = 1.5.17, = 1.5.16, = 1.5.10, = 1.5.4, = 1.5.0, <= 1.5.26 | — | 4.3 MEDIUM | ||
Cross-site scripting (XSS) vulnerability in the ja_purity template for Joomla! 1.5.26 and earlier allows remote attackers to inject arbitrary web script or HTML via the Mod* cookie parameter to html/modules.php. | ||||
| = 3.1.4, = 3.1.3, = 3.2.1, = 3.1.5, = 3.2.2, = 3.1.6, = 3.2.0, = 3.1.2 | — | 4.3 MEDIUM | ||
Cross-site scripting (XSS) vulnerability in com_contact in Joomla! CMS 3.1.2 through 3.2.x before 3.2.3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
| = 2.5.7, = 2.5.17, = 3.1.4, = 3.1.3, = 3.2.1, = 2.5.8, = 3.1.5, = 3.1.1, = 3.2.2, = 2.5.15, = 2.5.16, = 2.5.14, = 2.5.2, = 2.5.4, = 3.0.1, = 3.0.3, = 3.2.0, = 2.5.1, = 2.5.10, = 2.5.6, = 2.5.9, = 2.5.11, = 2.5.13, = 2.5.3, = 3.0.2, = 3.0.4, = 3.1.6, = 2.5.18, = 3.1.0, = 3.1.2, = 2.5.12, = 2.5.0, = 2.5.5, = 3.0.0 | — | 7.5 HIGH | ||
Joomla! CMS 2.5.x before 2.5.19 and 3.x before 3.2.3 allows remote attackers to authenticate and bypass intended restrictions via vectors involving GMail authentication. | ||||
| = 2.5.7, = 2.5.17, = 3.1.4, = 3.1.3, = 3.2.1, = 2.5.8, = 3.1.5, = 3.1.1, = 3.2.2, = 2.5.13, = 2.5.14, = 2.5.15, = 2.5.16, = 3.0.3, = 3.0.4, = 2.5.1, = 2.5.11, = 2.5.3, = 3.0.2, = 2.5.6, = 3.1.6, = 3.2.0, = 2.5.10, = 2.5.2, = 2.5.4, = 2.5.9, = 3.0.1, = 3.1.0, = 2.5.18, = 3.0.0, = 3.1.2, = 2.5.0, = 2.5.5, = 2.5.12 | — | 4.3 MEDIUM | ||
Cross-site scripting (XSS) vulnerability in Joomla! CMS 2.5.x before 2.5.19 and 3.x before 3.2.3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
| = 3.1.4, = 3.1.3, = 3.2.1, = 3.1.5, = 3.1.1, = 3.2.2, = 3.1.6, = 3.2.0, = 3.1.0, = 3.1.2 | — | 7.5 HIGH | ||
SQL injection vulnerability in Joomla! CMS 3.1.x and 3.2.x before 3.2.3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | ||||
| = 2.5.19, = 2.5.7, = 2.5.17, = 3.3.3, = 2.5.25, = 3.2.1, = 2.5.22, = 3.3.4, = 2.5.8, = 2.5.23, = 2.5.21, = 2.5.20, = 2.5.4, = 3.3.0, = 3.3.1, = 2.5.13, = 2.5.11, = 2.5.10, = 3.2.2, = 3.2.3, = 3.2.4, = 2.5.16, = 2.5.14, = 2.5.9, = 3.2.0, = 2.5.15, = 2.5.6, = 2.5.5, = 2.5.12, = 2.5.24, = 3.3.2 | — | 5 MEDIUM | ||
Unspecified vulnerability in Joomla! before 2.5.4 before 2.5.26, 3.x before 3.2.6, and 3.3.x before 3.3.5 allows attackers to cause a denial of service via unspecified vectors. | ||||
| = 2.5.19, = 2.5.7, = 2.5.17, = 3.3.3, = 3.2.1, = 2.5.22, = 2.5.8, = 3.3.1, = 3.2.2, = 2.5.23, = 2.5.6, = 3.3.0, = 2.5.16, = 2.5.15, = 2.5.14, = 3.2.3, = 2.5.21, = 2.5.13, = 2.5.11, = 2.5.9, = 2.5.4, = 2.5.2, = 2.5.20, = 2.5.10, = 2.5.3, = 2.5.1, = 3.2.0, = 2.5.24, = 2.5.5, = 2.5.0, = 2.5.12, = 3.3.2 | — | 7.5 HIGH | ||
Joomla! 2.5.x before 2.5.25, 3.x before 3.2.4, and 3.3.x before 3.3.4 allows remote attackers to authenticate and bypass intended access restrictions via vectors involving LDAP authentication. | ||||
| = 3.3.3, = 3.2.1, = 3.3.1, = 3.2.2, = 3.3.0, = 3.2.4, = 3.2.3, = 3.2.0, = 3.3.2 | — | 4.3 MEDIUM | ||
Cross-site scripting (XSS) vulnerability in com_media in Joomla! 3.2.x before 3.2.5 and 3.3.x before 3.3.4 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
| all versions | — | 4.3 MEDIUM | ||
Cross-site scripting (XSS) vulnerability in manage.php in the PBBooking (com_pbbooking) component 2.4 for Joomla! allows remote attackers to inject arbitrary web script or HTML via the an arbitrary parameter in an edit action to administrator/index.php. | ||||
| all versions | — | 4.3 MEDIUM | ||
Multiple cross-site scripting (XSS) vulnerabilities in tmpl/layout_editevent.php in the Multi Calendar (com_multicalendar) component 4.0.2, and possibly 4.8.5 and earlier, for Joomla! allow remote attackers to inject arbitrary web script or HTML via the (1) calid or (2) paletteDefault parameter in an editevent action to index.php. | ||||
| all versions | — | 4.3 MEDIUM | ||
Multiple cross-site scripting (XSS) vulnerabilities in the Freichat (com_freichat) component, possibly 9.4 and earlier, for Joomla! allow remote attackers to inject arbitrary web script or HTML via the (1) id or (2) xhash parameter to client/chat.php or (3) toname parameter to client/plugins/upload/upload.php. | ||||
| all versions | — | 4.3 MEDIUM | ||
Multiple cross-site scripting (XSS) vulnerabilities in the StackIdeas Komento (com_komento) component before 1.7.3 for Joomla! allow remote attackers to inject arbitrary web script or HTML via the (1) website or (2) latitude parameter in a comment to the default URI. | ||||
| all versions | — | 4.3 MEDIUM | ||
SQL injection vulnerability in the JV Comment (com_jvcomment) component before 3.0.3 for Joomla! allows remote authenticated users to execute arbitrary SQL commands via the id parameter in a comment.like action to index.php. | ||||
| = 3.1.5 | — | 4.3 MEDIUM | ||
Cross-site scripting (XSS) vulnerability in libraries/idna_convert/example.php in Joomla! 3.1.5 allows remote attackers to inject arbitrary web script or HTML via the lang parameter. | ||||
| = 2.5.7, = 2.5.8, = 2.5.2, = 2.5.13, = 2.5.11, = 2.5.1, = 2.5.3, = 2.5.10, = 2.5.9, = 2.5.12, = 2.5.6, = 2.5.4, = 2.5.5, = 2.5.0, = 3.1.4, = 3.1.3, = 3.1.1, = 3.0.2, = 3.0.4, = 3.0.3, = 3.0.1, = 3.1.0, = 3.0.0, = 3.1.2 | — | 6.8 MEDIUM | ||
administrator/components/com_media/helpers/media.php in the media manager in Joomla! 2.5.x before 2.5.14 and 3.x before 3.1.5 allows remote authenticated users or remote attackers to bypass intended access restrictions and upload files with dangerous extensions via a filename with a trailing . (dot), as exploited in the wild in August 2013. | ||||
| all versions | — | 4.3 MEDIUM | ||
Cross-site scripting (XSS) vulnerability in the aiContactSafe component before 2.0.21 for Joomla! allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
| all versions | — | 4.3 MEDIUM | ||
Cross-site scripting (XSS) vulnerability in the aiContactSafe component before 2.0.21 for Joomla! allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
| = 3.0.2, = 3.0.3, = 3.0.1, = 3.0.0, = 2.5.7, = 2.5.8, = 2.5.2, = 2.5.1, = 2.5.3, = 2.5.9, = 2.5.4, = 2.5.6, = 2.5.5, = 2.5.0 | — | 5.5 MEDIUM | ||
plugins/system/remember/remember.php in Joomla! 2.5.x before 2.5.10 and 3.0.x before 3.0.4 does not properly handle an object obtained by unserializing a cookie, which allows remote authenticated users to conduct PHP object injection attacks and cause a denial of service via unspecified vectors. | ||||
| = 2.5.7, = 2.5.8, = 2.5.2, = 2.5.1, = 2.5.3, = 2.5.9, = 2.5.4, = 2.5.6, = 2.5.5, = 2.5.0, = 3.0.2, = 3.0.3, = 3.0.1, = 3.0.0 | — | 4.3 MEDIUM | ||
Cross-site scripting (XSS) vulnerability in the highlighter plugin in Joomla! 2.5.x before 2.5.10 and 3.0.x before 3.0.4 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
| = 2.5.7, = 2.5.8, = 2.5.2, = 2.5.1, = 2.5.3, = 2.5.9, = 2.5.4, = 2.5.6, = 2.5.5, = 2.5.0, = 3.0.2, = 3.0.3, = 3.0.1, = 3.0.0 | — | 4.3 MEDIUM | ||
Cross-site scripting (XSS) vulnerability in Joomla! 2.5.x before 2.5.10 and 3.0.x before 3.0.4 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
| = 2.5.7, = 2.5.8, = 2.5.2, = 2.5.1, = 2.5.3, = 2.5.9, = 2.5.4, = 2.5.6, = 2.5.5, = 2.5.0, = 3.0.2, = 3.0.3, = 3.0.1, = 3.0.0 | — | 4.3 MEDIUM | ||
Cross-site scripting (XSS) vulnerability in the Voting plugin in Joomla! 2.5.x before 2.5.10 and 3.0.x before 3.0.4 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
| = 2.5.7, = 2.5.8, = 2.5.2, = 2.5.1, = 2.5.3, = 2.5.9, = 2.5.4, = 2.5.6, = 2.5.5, = 2.5.0, = 3.0.2, = 3.0.3, = 3.0.1, = 3.0.0 | — | 4 MEDIUM | ||
Joomla! 2.5.x before 2.5.10 and 3.0.x before 3.0.4 allows remote authenticated users to bypass intended privilege requirements and list the privileges of arbitrary users via unspecified vectors. | ||||
| = 2.5.7, = 2.5.8, = 2.5.2, = 2.5.1, = 2.5.3, = 2.5.9, = 2.5.4, = 2.5.6, = 2.5.5, = 2.5.0, = 3.0.2, = 3.0.3, = 3.0.1, = 3.0.0 | — | 4 MEDIUM | ||
Joomla! 2.5.x before 2.5.10 and 3.0.x before 3.0.4 allows remote authenticated users to bypass intended privilege requirements and delete the private messages of arbitrary users via unspecified vectors. | ||||
| = 3.0.1, = 3.0.0 | — | 5 MEDIUM | ||
Joomla! 3.0.x through 3.0.2 allows attackers to obtain sensitive information via unspecified vectors related to an "Undefined variable." | ||||
| = 3.0.2, = 3.0.1, = 3.0.0 | — | 5 MEDIUM | ||
Joomla! 3.0.x through 3.0.2 allows attackers to obtain sensitive information via unspecified vectors related to "Coding errors." | ||||
| = 2.5.7, = 2.5.8, = 3.0.2, = 2.5.2, = 2.5.1, = 3.0.1, = 2.5.3, = 2.5.4, = 2.5.6, = 2.5.0, = 3.0.0, = 2.5.5 | — | 7.5 HIGH | ||
plugins/system/highlight/highlight.php in Joomla! 3.0.x through 3.0.2 and 2.5.x through 2.5.8 allows attackers to unserialize arbitrary PHP objects to obtain sensitive information, delete arbitrary directories, conduct SQL injection attacks, and possibly have other impacts via the highlight parameter. Note: it was originally reported that this issue only allowed attackers to obtain sensitive information, but later analysis demonstrated that other attacks exist. | ||||
| all versions | — | 4.3 MEDIUM | ||
Cross-site scripting (XSS) vulnerability in the nBill (com_nbill) component 2.3.2 for Joomla! allows remote attackers to inject arbitrary web script or HTML via the message parameter in an income action to administrator/index.php. | ||||
| all versions | — | 10 HIGH | ||
Unspecified vulnerability in the NinjaXplorer component before 1.0.7 for Joomla! has unknown impact and attack vectors. | ||||
| = 1.5.24, = 1.5.11, = 1.5.25, = 1.5.13, = 1.5.3, = 1.5.2, = 1.5.22, = 1.5.9, = 1.5.18, = 1.5.7, = 1.5.8, = 1.5.6, = 1.5.4, = 1.5.14, = 1.5.23, = 1.5.17, = 1.5.21, = 1.5.10, = 1.5.12, = 1.5.5, = 1.5.0, = 1.5.15, = 1.5.16, = 1.5.19, = 1.5.20, = 1.5.1 | — | 5 MEDIUM | ||
Joomla! 1.5.x before 1.5.26 does not properly check permissions, which allows attackers to obtain sensitive "administrative back end information" via unknown vectors. NOTE: this might be a duplicate of CVE-2012-1611. | ||||
| = 1.5.24, = 1.5.11, = 1.5.25, = 1.5.13, = 1.5.3, = 1.5.2, = 1.5.22, = 1.5.9, = 1.5.18, = 1.5.17, = 1.5.16, = 1.5.19, = 1.5.10, = 1.5.12, = 1.5.4, = 1.5.1, = 1.5.15, = 1.5.7, = 1.5.23, = 1.5.20, = 1.5.21, = 1.5.8, = 1.5.14, = 1.5.5, = 1.5.6, = 1.5.0 | — | 7.5 HIGH | ||
Joomla! 1.5.x before 1.5.26 has unspecified impact and attack vectors related to "insufficient randomness" and a "password reset vulnerability." | ||||
| all versions | — | 10 HIGH | ||
Directory traversal vulnerability in Jstore (com_jstore) component for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impact via a .. (dot dot) in the controller parameter to index.php. | ||||
| all versions | — | 7.5 HIGH | ||
Directory traversal vulnerability in the Community Builder Enhanced (CBE) (com_cbe) component 1.4.8, 1.4.9, and 1.4.10 for Joomla! allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the tabname parameter in a userProfile action to index.php. NOTE: this can be leveraged to execute arbitrary code by using the file upload feature. | ||||
| = 2.5.7, = 2.5.2, = 2.5.1, = 2.5.3, = 2.5.4, = 2.5.6, = 2.5.5, = 2.5.0 | — | 4.3 MEDIUM | ||
Joomla! 2.5.x before 2.5.8 and 3.0.x before 3.0.2 allows remote attackers to conduct clickjacking attacks via unspecified vectors involving "Inadequate protection." | ||||
| = 2.5.2, = 2.5.1, = 2.5.3, = 2.5.4, = 2.5.6, = 2.5.5, = 2.5.0 | — | 4.3 MEDIUM | ||
Cross-site scripting (XSS) vulnerability in modules/mod_languages/tmpl/default.php in the Language Switcher module for Joomla! 2.5.x before 2.5.7 allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO to index.php. NOTE: some of these details are obtained from third party information. | ||||
| = 2.5.2, = 2.5.1, = 2.5.3, = 2.5.4, = 2.5.6, = 2.5.5, = 2.5.0 | — | 4.3 MEDIUM | ||
Cross-site scripting (XSS) vulnerability in Joomla! 2.5.x before 2.5.7 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
| = 3.0.0 | — | 4.3 MEDIUM | ||
Cross-site scripting (XSS) vulnerability in the language search component in Joomla! before 3.0.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, related to a "typographical error." | ||||
| <= 1.5.11, = 1.5.3, = 1.5.2, = 1.5.9, = 1.5.4, = 1.5.10, = 1.5.7, = 1.5.0, = 1.5.6, = 1.5.8, = 1.5.5, = 1.5.1 | — | 4.3 MEDIUM | ||
Cross-site scripting (XSS) vulnerability in Joomla! before 1.5.12 allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO. | ||||
| <= 1.5.11, = 1.5.3, = 1.5.2, = 1.5.9, = 1.5.4, = 1.5.10, = 1.5.7, = 1.5.0, = 1.5.6, = 1.5.1, = 1.5.5, = 1.5.8 | — | 4.3 MEDIUM | ||
Multiple cross-site scripting (XSS) vulnerabilities in Joomla! before 1.5.12 allow remote attackers to inject arbitrary web script or HTML via the HTTP_REFERER header to (1) components/com_content/views/article/tmpl/form.php, (2) components/com_user/controller.php, (3) plugins/system/legacy/html.php, or (4) templates/beez/html/com_content/article/form.php. | ||||
| <= 1.5.11, = 1.5.3, = 1.5.2, = 1.5.9, = 1.5.4, = 1.5.10, = 1.5.7, = 1.5.0, = 1.5.6, = 1.5.5, = 1.5.8, = 1.5.1 | — | 5 MEDIUM | ||
Joomla! before 1.5.12 does not perform a JEXEC check in unspecified files, which allows remote attackers to obtain the installation path via unspecified vectors. | ||||
| all versions | — | 4.3 MEDIUM | ||
Cross-site scripting (XSS) vulnerability in the Quickl Form component for Joomla! allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
| all versions | — | 7.5 HIGH | ||
Unspecified vulnerability in the JE Story Submit (com_jesubmit) component before 1.9 for Joomla! has unknown impact and attack vectors. | ||||
| = 2.5.1, = 2.5.0 | — | 4.3 MEDIUM | ||
Cross-site scripting (XSS) vulnerability in Joomla! 2.5.0 and 2.5.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
| = 1.7.1, = 1.7.4, = 2.5.1, = 1.7.0, = 1.7.5, = 1.7.3, = 2.5.0, = 1.7.2 | — | 7.5 HIGH | ||
SQL injection vulnerability in Joomla! 1.7.x and 2.5.x before 2.5.2 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | ||||
| all versions | — | 7.5 HIGH | ||
SQL injection vulnerability in the JExtensions JE Poll component before 1.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | ||||
| = 2.5.2, = 2.5.1, = 2.5.3, = 2.5.0 | — | 5 MEDIUM | ||
Joomla! 2.5.x before 2.5.4 does not properly check permissions, which allows attackers to obtain sensitive "administrative back end" information via unknown attack vectors. NOTE: this might be a duplicate of CVE-2012-1599. | ||||
| = 2.5.2, = 2.5.1, = 2.5.3, = 2.5.0 | — | 4.3 MEDIUM | ||
Cross-site scripting (XSS) vulnerability in the update manager in Joomla! 2.5.x before 2.5.4 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
| = 1.6, = 1.6.4, = 1.6.3, = 1.6.5, = 1.6.1, = 1.6.6, = 1.6.0, = 1.7.1, = 1.7.0, = 1.7.3, = 1.7.2 | — | 5 MEDIUM | ||
Unspecified vulnerability in Joomla! 1.6.x and 1.7.x before 1.7.4 allows remote attackers to obtain sensitive information via unknown vectors, a different vulnerability than CVE-2012-0819. | ||||
| = 1.7.1, = 1.7.4, = 1.7.0, = 1.7.3, = 2.5.0, = 1.7.2 | — | 5 MEDIUM | ||
Unspecified vulnerability in Joomla! 1.7.x before 1.7.5 and 2.5.x before 2.5.1 allows attackers to obtain sensitive information via unknown vectors related to "administrator." | ||||
| = 1.6, = 1.6.4, = 1.7.1, = 1.6.3, = 1.6.5, = 1.6.1, = 1.7.0, = 1.6.6, = 1.7.3, = 1.6.0, = 1.7.2 | — | 4.3 MEDIUM | ||
Cross-site scripting (XSS) vulnerability in Joomla! 1.6 and 1.7.x before 1.7.4 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2012-0820. | ||||
| = 1.7.1, = 1.7.4, = 1.7.0, = 1.7.3, = 2.5.0, = 1.7.2 | — | 5 MEDIUM | ||
Joomla! 1.7.x before 1.7.5 and 2.5.x before 2.5.1 allows attackers to obtain the installation path via unspecified vectors related to "administrator." | ||||
| = 1.6, = 1.6.4, = 1.7.1, = 1.6.3, = 1.6.5, = 1.6.1, = 1.6.0, = 1.7.0, = 1.6.6, = 1.7.3, = 1.7.2 | — | 4.3 MEDIUM | ||
Cross-site scripting (XSS) vulnerability in Joomla! 1.6.x and 1.7.x before 1.7.4 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2012-0822. | ||||
| = 1.6, = 1.6.4, = 1.7.1, = 1.6.3, = 1.6.5, = 1.6.1, = 1.6.6, = 1.6.0, = 1.7.3, = 1.7.0, = 1.7.2 | — | 5 MEDIUM | ||
Unspecified vulnerability in Joomla! 1.6.x and 1.7.x before 1.7.4 allows remote attackers to obtain sensitive information via unknown vectors, a different vulnerability than CVE-2012-0821. | ||||
| = 1.7.1, = 1.7.4, = 1.7.0, = 1.7.3, = 1.7.2 | — | 5 MEDIUM | ||
Unspecified vulnerability in Joomla! 1.7.x before 1.7.5 allows attackers to read the error log via unknown vectors. | ||||
| all versions | — | 7.5 HIGH | ||
SQL injection vulnerability in the Weblinks (com_weblinks) component for Joomla! and Mambo 1.0.9 and earlier allows remote attackers to execute arbitrary SQL commands via the title parameter. | ||||
| all versions | — | 7.5 HIGH | ||
SQL injection vulnerability in news.php in the Kunena component 1.7.2 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||
| all versions | — | 6.8 MEDIUM | ||
Multiple incomplete blacklist vulnerabilities in the Simple File Upload (mod_simplefileuploadv1.3) module before 1.3.5 for Joomla! allow remote attackers to execute arbitrary code by uploading a file with a (1) php5, (2) php6, or (3) double (e.g. .php.jpg) extension, then accessing it via a direct request to the file in images/, as exploited in the wild in January 2012. | ||||
| all versions | — | 6 MEDIUM | ||
Unrestricted file upload vulnerability in editor/extensions/browser/file.php in the JCE component before 2.0.18 for Joomla! allows remote authenticated users with the author privileges to execute arbitrary PHP code by uploading a file with a double extension, as demonstrated by .php.gif. NOTE: some of these details are obtained from third party information. | ||||
| all versions | — | 7.5 HIGH | ||
SQL injection vulnerability in frontend/models/techfoliodetail.php in Techfolio (com_techfolio) component 1.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the catid parameter. | ||||
| all versions | — | 7.5 HIGH | ||
SQL injection vulnerability in Alameda (com_alameda) component before 1.0.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via the storeid parameter to index.php. | ||||
| all versions | — | 7.5 HIGH | ||
SQL injection vulnerability in helper/popup.php in the ccNewsletter (mod_ccnewsletter) component 1.0.7 through 1.0.9 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||
| all versions | — | 5 MEDIUM | ||
The jNews (com_jnews) component 7.5.1 for Joomla! allows remote attackers to obtain sensitive information via the emailsearch parameter, which reveals the installation path in an error message. | ||||
| = 1.5.0, = 1.5.1, = 1.5.2, = 1.5.3, = 1.5.4, = 1.5.5, = 1.5.6, = 1.5.7, = 1.5.8, = 1.5.9, = 1.5.10, = 1.5.11, = 1.5.12, = 1.5.13, = 1.5.14, = 1.5.15, = 1.5.16, = 1.5.17, = 1.5.18, = 1.5.19, = 1.5.20, = 1.5.21, = 1.5.22, = 1.5.23, = 1.5.24, = 1.5.25, = 1.5.26, = 2.5.0, = 2.5.1, = 2.5.2, = 2.5.3, = 2.5.4, = 2.5.5, = 2.5.6 | — | 7.5 HIGH | ||
SQL injection vulnerability in the RSGallery2 (com_rsgallery2) component before 2.3.0 for Joomla! 1.5.x, and before 3.2.0 for Joomla! 2.5.x, allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | ||||
| = 1.5.0, = 1.5.1, = 1.5.2, = 1.5.3, = 1.5.4, = 1.5.5, = 1.5.6, = 1.5.7, = 1.5.8, = 1.5.9, = 1.5.10, = 1.5.11, = 1.5.12, = 1.5.13, = 1.5.14, = 1.5.15, = 1.5.16, = 1.5.17, = 1.5.18, = 1.5.19, = 1.5.20, = 1.5.21, = 1.5.22, = 1.5.23, = 1.5.24, = 1.5.25, = 1.5.26, = 2.5.0, = 2.5.1, = 2.5.2, = 2.5.3, = 2.5.4, = 2.5.5, = 2.5.6 | — | 4.3 MEDIUM | ||
Cross-site scripting (XSS) vulnerability in the comments module in the RSGallery2 (com_rsgallery2) component before 2.3.0 for Joomla! 1.5.x, and before 3.2.0 for Joomla! 2.5.x, allows remote attackers to inject arbitrary web script or HTML via crafted BBCode markup in a comment. | ||||
| = 2.5.0, = 2.5.1, = 2.5.2, = 2.5.3, = 2.5.4, = 2.5.5, = 2.5.6 | — | 5 MEDIUM | ||
The RSGallery2 (com_rsgallery2) component before 3.2.0 for Joomla! 2.5.x does not place index.html files in image directories, which allows remote attackers to list image filenames via a request for a directory URI. | ||||
| = 2.5.3 | — | 4.3 MEDIUM | ||
Cross-site scripting (XSS) vulnerability in Joomla! 2.5.3 allows remote attackers to inject arbitrary web script or HTML via the Host HTTP Header. | ||||
| = 2.5.3 | — | 5 MEDIUM | ||
Joomla! 2.5.3 allows remote attackers to obtain the installation path via the Host HTTP Header. | ||||
| = 2.5.2, = 2.5.1, = 2.5.3, = 2.5.4, = 2.5.0 | — | 5 MEDIUM | ||
Unspecified vulnerability in Joomla! 2.5.x before 2.5.5 allows remote attackers to obtain sensitive information via vectors related to "Inadequate filtering" and a "SQL error." | ||||
| = 2.5.2, = 2.5.1, = 2.5.3, = 2.5.4, = 2.5.0 | — | 7.5 HIGH | ||
Unspecified vulnerability in Joomla! 2.5.x before 2.5.5 allows remote attackers to gain privileges via unknown attack vectors related to "Inadequate checking." | ||||
| all versions | — | 4.3 MEDIUM | ||
Cross-site scripting (XSS) vulnerability in the Profile List in the Joomla Content Editor (JCE) component before 2.1 for Joomla! allows remote attackers to inject arbitrary web script or HTML via the search parameter to administrator/index.php. | ||||
| all versions | — | 6 MEDIUM | ||
Unrestricted file upload vulnerability in editor/extensions/browser/file.php in the Joomla Content Editor (JCE) component before 2.1 for Joomla!, when chunking is set to greater than zero, allows remote authors to execute arbitrary PHP code by uploading a PHP file with a double extension as demonstrated by .jpg.pht. | ||||
| all versions | — | 4.3 MEDIUM | ||
Cross-site scripting (XSS) vulnerability in includes/convert.php in D-Mack Media Currency Converter (mod_currencyconverter) module 1.0.0 for Joomla! allows remote attackers to inject arbitrary web script or HTML via the from parameter. | ||||
| all versions | — | 6 MEDIUM | ||
Unrestricted file upload vulnerability in models/importcsv.php in the Fabrik (com_fabrik) component before 2.1.1 for Joomla! allows remote authenticated users with Manager privileges to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in an unspecified directory. | ||||
| all versions | — | 3.5 LOW | ||
Multiple cross-site scripting (XSS) vulnerabilities in the com_listing component in Barter Sites component 1.3 for Joomla! allow remote authenticated users to inject arbitrary web script or HTML via the (1) listing_title, (2) description, (3) homeurl (aka Website Address), (4) paystring (aka Payment types accepted), (5) sell_price, (6) shipping_cost, and (7) quantity parameters to index.php. | ||||
| all versions | — | 7.5 HIGH | ||
Multiple SQL injection vulnerabilities in Vik Real Estate (com_vikrealestate) component 1.0 for Joomla! allow remote attackers to execute arbitrary SQL commands via the (1) contract parameter in a results action and (2) imm parameter in a show action to index.php. | ||||
| all versions | — | 7.5 HIGH | ||
SQL injection vulnerability in the com_listing component in Barter Sites component 1.3 for Joomla! allows remote attackers to execute arbitrary SQL commands via the category_id parameter to index.php. | ||||
| all versions | — | 4.3 MEDIUM | ||
Multiple cross-site scripting (XSS) vulnerabilities in the HM Community (com_hmcommunity) component before 1.01 for Joomla! allow remote attackers to inject arbitrary web script or HTML via the (1) language[], (2) university[], (3) persent[], (4) company_name[], (5) designation[], (6) music[], (7) books[], (8) movies[], (9) games[], (10) syp[], (11) ft[], and (12) fa[] parameters in a save task for a profile to index.php. NOTE: some of these details are obtained from third party information. | ||||
| all versions | — | 7.5 HIGH | ||
SQL injection vulnerability in the HM Community (com_hmcommunity) component before 1.01 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a fnd_home action to index.php. | ||||
| all versions | — | 5 MEDIUM | ||
Directory traversal vulnerability in the obSuggest (com_obsuggest) component before 1.8 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php. | ||||
| all versions | — | 7.5 HIGH | ||
SQL injection vulnerability in the Estate Agent (com_estateagent) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a showEO action to index.php. | ||||
| all versions | — | 7.5 HIGH | ||
SQL injection vulnerability in the Time Returns (com_timereturns) component 2.0 and possibly earlier versions for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a timereturns action to index.php. | ||||
| = 1.5.24, = 1.5.11, = 1.5.13, = 1.5.3, = 1.5.2, = 1.5.22, = 1.5.9, = 1.5.18, = 1.5.16, = 1.5.8, = 1.5.10, = 1.5.23, = 1.5.0, = 1.5.1, = 1.5.15, = 1.5.17, = 1.5.5, = 1.5.7, = 1.5.12, = 1.5.14, = 1.5.20, = 1.5.4, = 1.5.6, = 1.5.19, = 1.5.21 | — | 5 MEDIUM | ||
The password reset functionality in Joomla! 1.5.x through 1.5.24 uses weak random numbers, which makes it easier for remote attackers to change the passwords of arbitrary users via unspecified vectors. | ||||
| = 1.6, = 1.6.4, = 1.6.5, = 1.6.1, = 1.6.0, <= 1.6.3, = 1.6.6 | — | 4.3 MEDIUM | ||
Multiple cross-site scripting (XSS) vulnerabilities in Joomla! 1.6.3 and earlier allow remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
| all versions | — | 4.3 MEDIUM | ||
Cross-site scripting (XSS) vulnerability in admin.jcomments.php in the JoomlaTune JComments (com_jcomments) component 2.1.0.0 for Joomla! allows remote authenticated users to inject arbitrary web script or HTML via the name parameter to index.php. | ||||
| all versions | — | 7.5 HIGH | ||
SQL injection vulnerability in the XOBBIX (com_xobbix) component 1.0.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via the prodid parameter in a prod_desc action to index.php. | ||||
| all versions | — | 7.5 HIGH | ||
SQL injection vulnerability in the GBU Facebook (com_gbufacebook) component 1.0.5 for Joomla! allows remote attackers to execute arbitrary SQL commands via the face_id parameter in a show_face action to index.php. | ||||
| all versions | — | 7.5 HIGH | ||
SQL injection vulnerability in the BF Quiz (com_bfquiztrial) component before 1.3.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via the catid parameter in a bfquiztrial action to index.php. | ||||
| all versions | — | 4.3 MEDIUM | ||
Cross-site scripting (XSS) vulnerability in the DJ-ArtGallery (com_djartgallery) component 0.9.1 for Joomla! allows remote attackers to inject arbitrary web script or HTML via the cid[] parameter in an editItem action to administrator/index.php. NOTE: some of these details are obtained from third party information. | ||||
| all versions | — | 6 MEDIUM | ||
SQL injection vulnerability in the DJ-ArtGallery (com_djartgallery) component 0.9.1 for Joomla! allows remote authenticated users to execute arbitrary SQL commands via the cid[] parameter in an editItem action to administrator/index.php. | ||||
| all versions | — | 6 MEDIUM | ||
SQL injection vulnerability in models/log.php in the Search Log (com_searchlog) component 3.1.0 for Joomla! allows remote authenticated users, with Public Back-end privileges, to execute arbitrary SQL commands via the search parameter in a log action to administrator/index.php. NOTE: some of these details are obtained from third party information. | ||||
| all versions | — | 7.5 HIGH | ||
SQL injection vulnerability in the JExtensions JE Job (com_jejob) component 1.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the catid parameter in an item action to index.php. | ||||
| all versions | — | 7.5 HIGH | ||
SQL injection vulnerability in the JExtensions JE Story Submit (com_jesubmit) component 1.4 for Joomla! allows remote attackers to execute arbitrary SQL commands via the view parameter to index.php. | ||||
| all versions | — | 4.3 MEDIUM | ||
Cross-site scripting (XSS) vulnerability in VideoWhisper PHP 2 Way Video Chat component for Joomla! allows remote attackers to inject arbitrary web script or HTML via the r parameter to index.php. | ||||
| all versions | — | 7.5 HIGH | ||
SQL injection vulnerability in the AutarTimonial (com_autartimonial) component 1.0.8 for Joomla! allows remote attackers to execute arbitrary SQL commands via the limit parameter in an autartimonial action to index.php. NOTE: some of these details are obtained from third party information. | ||||
| all versions | — | 7.5 HIGH | ||
SQL injection vulnerability in the NeoRecruit (com_neorecruit) component 1.6.4 for Joomla! allows remote attackers to execute arbitrary SQL commands via the Itemid parameter in an offer_view action to index.php, a different vector than CVE-2007-4506. | ||||
| all versions | — | 7.5 HIGH | ||
SQL injection vulnerability in the Front-edit Address Book (com_addressbook) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the Itemid parameter in a contact action to index.php. | ||||
| all versions | — | 7.5 HIGH | ||
SQL injection vulnerability in the NinjaMonials (com_ninjamonials) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the Itemid parameter in a display action to index.php. | ||||
| all versions | — | 7.5 HIGH | ||
SQL injection vulnerability in the Payments Plus component 2.1.5 for Joomla! allows remote attackers to execute arbitrary SQL commands via the type parameter to add.html. | ||||
| all versions | — | 7.5 HIGH | ||
SQL injection vulnerability in the eventcal (com_eventcal) component 1.6.4 for Joomla! allows remote attackers to execute arbitrary SQL commands via the Itemid parameter to index.php. | ||||
| all versions | — | 7.5 HIGH | ||
SQL injection vulnerability in the Jobs Pro component 1.6.4 for Joomla! allows remote attackers to execute arbitrary SQL commands via the detailed_results parameter to search_jobs.html. | ||||
| all versions | — | 7.5 HIGH | ||
SQL injection vulnerability in menu.php in the Canteen (com_canteen) component 1.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the mealid parameter to index.php. | ||||
| all versions | — | 7.5 HIGH | ||
SQL injection vulnerability in the Techjoomla SocialAds For JomSocial (com_socialads) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the ads description field in a showad action to index.php. | ||||
| all versions | — | 7.5 HIGH | ||
SQL injection vulnerability in the webmaster-tips.net Flash Gallery (com_wmtpic) component 1.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the Itemid parameter to index.php. | ||||
| all versions | — | 4.3 MEDIUM | ||
Cross-site scripting (XSS) vulnerability in the (1) FreiChat component before 2.1.2 for Joomla! and the (2) FreiChatPure component before 1.2.2 for Joomla! allows remote attackers to inject arbitrary web script or HTML by entering it in an unspecified window. | ||||
| all versions | — | 7.5 HIGH | ||
SQL injection vulnerability in the Teams (com_teams) component 1_1028_100809_1711 for Joomla! allows remote attackers to execute arbitrary SQL commands via the PlayerID parameter in a player save action to index.php. | ||||
| all versions | — | 7.5 HIGH | ||
SQL injection vulnerability in the Elite Experts (com_elite_experts) component for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a showExpertProfileDetailed action to index.php. | ||||
| all versions | — | 7.5 HIGH | ||
SQL injection vulnerability in the CamelcityDB (com_camelcitydb2) component 2.2 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter to index.php. | ||||
| all versions | — | 7.5 HIGH | ||
Multiple SQL injection vulnerabilities in the Amblog (com_amblog) component 1.0 for Joomla! allow remote attackers to execute arbitrary SQL commands via the (1) articleid or (2) catid parameter to index.php. | ||||
| all versions | — | 7.5 HIGH | ||
SQL injection vulnerability in the Slide Show (com_slideshow) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the catid parameter to index.php. | ||||
| all versions | — | 7.5 HIGH | ||
SQL injection vulnerability in the Joostina (com_ezautos) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the firstCode parameter in a helpers action to index.php. | ||||
| all versions | — | 7.5 HIGH | ||
SQL injection vulnerability in the TimeTrack (com_timetrack) component 1.2.4 for Joomla! allows remote attackers to execute arbitrary SQL commands via the ct_id parameter in a timetrack action to index.php. | ||||
| all versions | — | 7.5 HIGH | ||
SQL injection vulnerability in the Restaurant Guide (com_restaurantguide) component 1.0.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a country action to index.php. | ||||
| all versions | — | 4.3 MEDIUM | ||
Cross-site scripting (XSS) vulnerability in the Restaurant Guide (com_restaurantguide) component 1.0.0 for Joomla! allows remote attackers to inject arbitrary web script or HTML by placing it after a > (greater than) character. | ||||
| all versions | — | 7.5 HIGH | ||
SQL injection vulnerability in the Weblinks (com_weblinks) component in Joomla! allows remote attackers to execute arbitrary SQL commands via the Itemid parameter in a categories action to index.php. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| all versions | — | 7.5 HIGH | ||
SQL injection vulnerability in the Aardvertiser (com_aardvertiser) component 2.1 and 2.1.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via the cat_name parameter in a view action to index.php. NOTE: some of these details are obtained from third party information. | ||||
| all versions | — | 7.5 HIGH | ||
PHP remote file inclusion vulnerability in iJoomla Magazine (com_magazine) component 3.0.1 for Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the config parameter to magazine.functions.php. | ||||
| all versions | — | 7.5 HIGH | ||
Multiple SQL injection vulnerabilities in the Clantools (com_clantools) component 1.2.3 for Joomla! allow remote attackers to execute arbitrary SQL commands via the (1) squad or (2) showgame parameter to index.php. | ||||
| all versions | — | 7.5 HIGH | ||
SQL injection vulnerability in the Gantry (com_gantry) component 3.0.10 for Joomla! allows remote attackers to execute arbitrary SQL commands via the moduleid parameter to index.php. | ||||
| all versions | — | 7.5 HIGH | ||
SQL injection vulnerability in the JE Guestbook (com_jeguestbook) component 1.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the d_itemid parameter in an item_detail action to index.php. | ||||
| all versions | — | 7.5 HIGH | ||
SQL injection vulnerability in the Club Manager (com_clubmanager) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the cm_id parameter in an equip presenta action to index.php. | ||||
| all versions | — | 7.5 HIGH | ||
SQL injection vulnerability in the JExtensions JE Directory (com_jedirectory) component 1.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the catid parameter in an item action to index.php. | ||||
| all versions | — | 7.5 HIGH | ||
SQL injection vulnerability in the ccInvoices (com_ccinvoices) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a viewInv action to index.php. | ||||
| all versions | — | 7.5 HIGH | ||
SQL injection vulnerability in netinvoice.php in the nBill (com_netinvoice) component 1.2.0 SP1 for Joomla! allows remote attackers to execute arbitrary SQL commands via unspecified vectors involving "knowledge of ... the contents of an encrypted file." | ||||
| = 1.6.0 | — | 5 MEDIUM | ||
Joomla! 1.6.0 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by libraries/phpmailer/language/phpmailer.lang-joomla.php. | ||||
| all versions | — | 4.3 MEDIUM | ||
Cross-site scripting (XSS) vulnerability in the JSupport (com_jsupport) component 1.5.6 for Joomla! allows remote attackers to inject arbitrary web script or HTML via the subject parameter (title field) in a saveTicket action to index2.php. NOTE: some of these details are obtained from third party information. | ||||
| all versions | — | 6 MEDIUM | ||
SQL injection vulnerability in the JSupport (com_jsupport) component 1.5.6 for Joomla! allows remote authenticated users, with Public Back-end permissions, to execute arbitrary SQL commands via the alpha parameter in a (1) listTickets or (2) listFaqs action to administrator/index.php. | ||||
| = 1.6, = 1.6.1, = 1.6.0 | — | 4.3 MEDIUM | ||
Joomla! 1.6.x before 1.6.2 does not prevent page rendering inside a frame in a third-party HTML document, which makes it easier for remote attackers to conduct clickjacking attacks via a crafted web site. | ||||
| = 1.5.11, = 1.5.13, = 1.5.3, <= 1.5.23, = 1.5.2, = 1.5.22, = 1.5.9, = 1.5.18, = 1.5.16, = 1.5.12, = 1.5.15, = 1.5.20, = 1.5.6, = 1.5.0, = 1.5.10, = 1.5.19, = 1.5.5, = 1.5.7, = 1.5.8, = 1.5.17, = 1.5.4, = 1.5.1, = 1.5.21, = 1.5.14 | — | 5 MEDIUM | ||
The MediaViewMedia class in administrator/components/com_media/views/media/view.html.php in Joomla! 1.5.23 and earlier allows remote attackers to obtain sensitive information via vectors involving the base variable, leading to disclosure of the installation path, a different vulnerability than CVE-2011-2488. | ||||
| = 1.6, = 1.6.4, = 1.5.11, = 1.6.3, = 1.5.13, = 1.5.3, = 1.5.9, = 1.6.0, = 1.5.0, = 1.6.5, = 1.5.22, = 1.5.16, = 1.5.4, = 1.5.7, = 1.6.1, = 1.5.2, = 1.5.10, = 1.5.18, <= 1.6.6, = 1.5.15, = 1.5.20, = 1.5.6, = 1.5.23, = 1.5.17, = 1.5.1, = 1.5.21, = 1.5.8, = 1.5.12, = 1.5.19, = 1.5.5, = 1.5.14 | — | 4.3 MEDIUM | ||
Multiple cross-site scripting (XSS) vulnerabilities in Joomla! before 1.7.0 allow remote attackers to inject arbitrary web script or HTML via (1) the URI to includes/application.php, reachable through index.php; and, when Internet Explorer or Konqueror is used, (2) allow remote attackers to inject arbitrary web script or HTML via the searchword parameter in a search action to index.php in the com_search component. NOTE: vector 2 exists because of an incomplete fix for CVE-2011-2509.5. | ||||
| = 1.6, = 1.5.11, = 1.5.13, = 1.5.3, = 1.5.2, = 1.5.22, = 1.5.7, = 1.6.1, = 1.5.0, = 1.5.10, = 1.5.16, = 1.5.9, = 1.5.15, = 1.5.18, = 1.5.4, = 1.6.0, = 1.5.6, <= 1.6.3, = 1.5.21, = 1.5.5, = 1.5.20, = 1.5.14, = 1.5.23, = 1.5.17, = 1.5.19, = 1.5.1, = 1.5.8, = 1.5.12 | — | 4.3 MEDIUM | ||
Multiple cross-site scripting (XSS) vulnerabilities in Joomla! before 1.6.4 allow remote attackers to inject arbitrary web script or HTML via (1) the query string to the com_contact component, as demonstrated by the Itemid parameter to index.php; (2) the query string to the com_content component, as demonstrated by the filter_order parameter to index.php; (3) the query string to the com_newsfeeds component, as demonstrated by an arbitrary parameter to index.php; or (4) the option parameter in a reset.request action to index.php; and, when Internet Explorer or Konqueror is used, (5) allow remote attackers to inject arbitrary web script or HTML via the searchword parameter in a search action to index.php in the com_search component. | ||||
| <= 1.5.22, = 1.5.11, = 1.5.13, = 1.5.3, = 1.5.2, = 1.5.9, = 1.5.18, = 1.5.16, = 1.5.4, = 1.5.7, = 1.5.8, = 1.5.1, = 1.5.15, = 1.5.20, = 1.5.0, = 1.5.17, = 1.5.5, = 1.5.19, = 1.5.21, = 1.5.10, = 1.5.12, = 1.5.14, = 1.5.6 | — | 5 MEDIUM | ||
Joomla! before 1.5.23 does not properly check for errors, which allows remote attackers to obtain sensitive information via unspecified vectors. | ||||
| = 1.6, = 1.6.1, = 1.6.0 | — | 5 MEDIUM | ||
Joomla! 1.6.x before 1.6.2 allows remote attackers to obtain sensitive information via an empty Itemid array parameter to index.php, which reveals the installation path in an error message, a different vulnerability than CVE-2011-2488. | ||||
| <= 1.5.22, = 1.5.11, = 1.5.13, = 1.5.3, = 1.5.2, = 1.5.9, = 1.5.18, = 1.5.16, = 1.5.4, = 1.5.12, = 1.5.15, = 1.5.20, = 1.5.10, = 1.5.19, = 1.5.6, = 1.5.0, = 1.5.7, = 1.5.8, = 1.5.5, = 1.5.1, = 1.5.21, = 1.5.14, = 1.5.17 | — | 5 MEDIUM | ||
templates/system/error.php in Joomla! before 1.5.23 might allow remote attackers to obtain sensitive information via unspecified vectors that trigger an undefined value of a certain error field, leading to disclosure of the installation path. NOTE: this might overlap CVE-2011-2488. | ||||
| all versions | — | 7.5 HIGH | ||
SQL injection vulnerability in the JS Calendar (com_jscalendar) component 1.5.1 and 1.5.4 for Joomla! allows remote attackers to execute arbitrary SQL commands via the ev_id parameter in a details action to index.php. NOTE: some of these details are obtained from third party information. | ||||
| all versions | — | 4.3 MEDIUM | ||
Multiple cross-site scripting (XSS) vulnerabilities in the JoomlaSeller JS Calendar (com_jscalendar) component 1.5.1 and 1.5.4 for Joomla! allow remote attackers to inject arbitrary web script or HTML via the (1) month and (2) year parameters in a jscalendar action to index.php. NOTE: some of these details are obtained from third party information. | ||||
| all versions | — | 7.5 HIGH | ||
Directory traversal vulnerability in the Jimtawl (com_jimtawl) component 1.0.2 Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impact via a .. (dot dot) in the task parameter to index.php. | ||||
| all versions | — | 7.5 HIGH | ||
SQL injection vulnerability in the Maian Media Silver (com_maianmedia) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the cat parameter in a music action to index.php. | ||||
| all versions | — | 7.5 HIGH | ||
SQL injection vulnerability in the JExtensions JE Auto (com_jeauto) component before 1.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via unspecified vectors related to the view item page. | ||||
| all versions | — | 7.5 HIGH | ||
Directory traversal vulnerability in JRadio (com_jradio) component before 1.5.1 for Joomla! allows remote attackers to read arbitrary files via directory traversal sequences in the controller parameter to index.php. | ||||
| all versions | — | 4.3 MEDIUM | ||
Multiple cross-site scripting (XSS) vulnerabilities in the Lyftenbloggie (com_lyftenbloggie) component 1.1.0 for Joomla! allow remote attackers to inject arbitrary web script or HTML via the (1) tag and (2) category parameters to index.php. | ||||
| all versions | — | 7.5 HIGH | ||
SQL injection vulnerability in the allCineVid component (com_allcinevid) 1.0.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter to index.php. | ||||
| all versions | — | 7.5 HIGH | ||
SQL injection vulnerability in JRadio (com_jradio) component before 1.5.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | ||||
| = 1.5.11, = 1.5.13, = 1.5.3, = 1.5.2, = 1.5.9, = 1.5.18, = 1.5.16, = 1.5.4, = 1.5.10, = 1.5.21, = 1.5.8, = 1.5.15, = 1.5.17, = 1.5.1, = 1.5.12, = 1.5.0, = 1.5.19, = 1.5.5, = 1.5.20, = 1.5.6, = 1.5.7, = 1.5.14 | — | 7.5 HIGH | ||
Multiple SQL injection vulnerabilities in Joomla! 1.5.x before 1.5.22 allow remote attackers to execute arbitrary SQL commands via the (1) filter_order or (2) filter_order_Dir parameter in a com_contact action to index.php, a different vulnerability than CVE-2010-4166. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| = 1.5.11, = 1.5.13, = 1.5.3, = 1.5.2, = 1.5.9, = 1.5.18, = 1.5.16, = 1.5.4, = 1.5.10, = 1.5.7, = 1.5.14, = 1.5.17, = 1.5.1, = 1.5.12, = 1.5.15, = 1.5.8, = 1.5.19, = 1.5.5, = 1.5.6, = 1.5.0, = 1.5.20, = 1.5.21 | — | 7.5 HIGH | ||
Multiple SQL injection vulnerabilities in Joomla! 1.5.x before 1.5.22 allow remote attackers to execute arbitrary SQL commands via (1) the filter_order parameter in a com_weblinks category action to index.php, (2) the filter_order_Dir parameter in a com_weblinks category action to index.php, or (3) the filter_order_Dir parameter in a com_messages action to administrator/index.php. | ||||
| = 1.0.0, = 1.0.15 | — | 4.3 MEDIUM | ||
Cross-site scripting (XSS) vulnerability in the com_search module for Joomla! 1.0.x through 1.0.15 allows remote attackers to inject arbitrary web script or HTML via the ordering parameter to index.php. | ||||
| all versions | — | 6.8 MEDIUM | ||
SQL injection vulnerability in the submitSurvey function in controller.php in JQuarks4s (com_jquarks4s) component 1.0.0 for Joomla!, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the q parameter in a submitSurvey action to index.php. | ||||
| all versions | — | 4.3 MEDIUM | ||
Cross-site scripting (XSS) vulnerability in the Algis Info aiContactSafe component before 2.0.14 for Joomla! allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
| all versions | — | 6.8 MEDIUM | ||
Directory traversal vulnerability in the JotLoader (com_jotloader) component 2.2.1 for Joomla! allows remote attackers to read arbitrary files via directory traversal sequences in the section parameter to index.php. | ||||
| all versions | — | 6.8 MEDIUM | ||
SQL injection vulnerability in the JExtensions JE Auto (com_jeauto) component 1.0 for Joomla!, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the char parameter in an item action to index.php. | ||||
| all versions | — | 4.3 MEDIUM | ||
Multiple cross-site scripting (XSS) vulnerabilities in the JXtended Comments component before 1.3.1 for Joomla allow remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
| all versions | — | 4.3 MEDIUM | ||
Cross-site scripting (XSS) vulnerability in the Yannick Gaultier sh404SEF component before 2.1.8.777 for Joomla! allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
| all versions | — | 7.5 HIGH | ||
SQL injection vulnerability in the Yannick Gaultier sh404SEF component before 2.1.8.777 for Joomla! allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | ||||
| all versions | — | 7.5 HIGH | ||
SQL injection vulnerability in JE Ajax Event Calendar (com_jeajaxeventcalendar) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the event_id parameter in an alleventlist_more action to index.php. | ||||
| all versions | — | 7.5 HIGH | ||
SQL injection vulnerability in the Pulse Infotech Sponsor Wall (com_sponsorwall) component 1.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via the catid parameter to index.php. | ||||
| all versions | — | 7.5 HIGH | ||
SQL injection vulnerability in the Pulse Infotech Flip Wall (com_flipwall) component 1.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via the catid parameter to index.php. | ||||
| all versions | — | 5 MEDIUM | ||
Directory traversal vulnerability in the nBill (com_netinvoice) component before 2.0.9 standard edition, 2.0.10 lite edition, and 1.2_10 for Joomla! allows remote attackers to read arbitrary files via directory traversal sequences in unspecified vectors related to (1) administrator/components/com_nbill/admin.nbill.php, (2) components/com_nbill/nbill.php, (3) administrator/components/com_netinvoice/admin.netinvoice.php, or (4) components/com_netinvoice/netinvoice.php, as exploited in the wild in November 2010. | ||||
| = 1.5.11, = 1.5.13, = 1.5.3, = 1.5.2, = 1.5.9, = 1.5.18, = 1.5.16, = 1.5.4, = 1.5.10, = 1.5.20, = 1.5.6, = 1.5.0, = 1.5.12, = 1.5.15, = 1.5.14, = 1.5.7, = 1.5.17, = 1.5.1, = 1.5.8, = 1.5.19, = 1.5.5 | — | 4.3 MEDIUM | ||
Cross-site scripting (XSS) vulnerability in Joomla! 1.5.x before 1.5.21 and 1.6.x before 1.6.1 allows remote attackers to inject arbitrary web script or HTML via vectors involving "multiple encoded entities," as demonstrated by the query string to index.php in the com_weblinks or com_content component. | ||||
| = 1.5.11, = 1.5.13, = 1.5.3, = 1.5.2, = 1.5.9, = 1.5.18, = 1.5.16, = 1.5.4, = 1.5.10, = 1.5.0, = 1.5.15, = 1.5.17, = 1.5.5, = 1.5.6, = 1.5.7, = 1.5.19, = 1.5.12, = 1.5.14, = 1.5.1, = 1.5.8 | — | 3.5 LOW | ||
Multiple cross-site scripting (XSS) vulnerabilities in the Back End in Joomla! 1.5.x before 1.5.20 allow remote authenticated users to inject arbitrary web script or HTML via administrator screens. | ||||
| all versions | — | 7.5 HIGH | ||
Directory traversal vulnerability in jphone.php in the JPhone (com_jphone) component 1.0 Alpha 3 for Joomla! allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the controller parameter to index.php. | ||||
| all versions | — | 7.5 HIGH | ||
SQL injection vulnerability in the JGen (com_jgen) component 0.9.33 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a view action to index.php. | ||||
| all versions | — | 7.5 HIGH | ||
Multiple SQL injection vulnerabilities in the JE FAQ Pro (com_jefaqpro) component 1.5.0 for Joomla! allow remote attackers to execute arbitrary SQL commands via category categorylist operations with (1) the catid parameter or (2) the catid parameter in a lists action. | ||||
| all versions | — | 5 MEDIUM | ||
Directory traversal vulnerability in the PicSell (com_picsell) component 1.0 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the dflink parameter in a prevsell dwnfree action to index.php. | ||||
| all versions | — | 3.6 LOW | ||
The Aardvertiser component before 2.2.1 for Joomla! uses insecure permissions (777) in unspecified folders, which allows local users to modify, create, or delete certain files. | ||||
| all versions | — | 7.5 HIGH | ||
SQL injection vulnerability in the YouTube (com_youtube) component 1.5 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id_cate parameter to index.php. | ||||
| all versions | — | 7.5 HIGH | ||
SQL injection vulnerability in the Golf Course Guide (com_golfcourseguide) component 0.9.6.0 beta and 1 beta for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a golfcourses action to index.php. | ||||
| all versions | — | 6.8 MEDIUM | ||
Directory traversal vulnerability in the Foobla Suggestions (com_foobla_suggestions) component 1.5.1.2 for Joomla! allows remote attackers to read arbitrary files via directory traversal sequences in the controller parameter to index.php. | ||||
| all versions | — | 7.5 HIGH | ||
SQL injection vulnerability in the StaticXT (com_staticxt) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter to index.php. | ||||
| all versions | — | 7.5 HIGH | ||
PHP remote file inclusion vulnerability in core/include/myMailer.class.php in the Visites (com_joomla-visites) component 1.1 RC2 for Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter. | ||||
| all versions | — | 7.5 HIGH | ||
SQL injection vulnerability in ttvideo.php in the TTVideo (com_ttvideo) component 1.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the cid parameter in a video action to index.php. | ||||
| all versions | — | 7.5 HIGH | ||
SQL injection vulnerability in the Ozio Gallery (com_oziogallery) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the Itemid parameter to index.php. | ||||
| all versions | — | 7.5 HIGH | ||
SQL injection vulnerability in the Huru Helpdesk (com_huruhelpdesk) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the cid[0] parameter in a detail action to index.php. | ||||
| all versions | — | 7.5 HIGH | ||
SQL injection vulnerability in the Joomdle (com_joomdle) component 0.24 and earlier for Joomla! allows remote attackers to execute arbitrary SQL commands via the course_id parameter in a detail action to index.php. | ||||
| all versions | — | 7.5 HIGH | ||
SQL injection vulnerability in the BookLibrary From Same Author (com_booklibrary) module 1.5 and possibly earlier for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a view action to index.php. | ||||
| all versions | — | 7.5 HIGH | ||
Multiple SQL injection vulnerabilities in the InterJoomla ArtForms (com_artforms) component 2.1b7.2 RC2 for Joomla! allow remote attackers to execute arbitrary SQL commands via the viewform parameter in a (1) ferforms or (2) tferforms action to index.php, and the (3) id parameter in a vferforms action to index.php. | ||||
| all versions | — | 7.5 HIGH | ||
SQL injection vulnerability in the QuickFAQ (com_quickfaq) component 1.0.3 for Joomla! allows remote attackers to execute arbitrary SQL commands via the Itemid parameter in a category action to index.php. | ||||
| all versions | — | 5 MEDIUM | ||
Directory traversal vulnerability in assets/captcha/includes/alikon/playcode.php in the InterJoomla ArtForms (com_artforms) component 2.1b7.2 RC2 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the l parameter. | ||||
| all versions | — | 4.3 MEDIUM | ||
Cross-site scripting (XSS) vulnerability in the InterJoomla ArtForms (com_artforms) component 2.1b7.2 RC2 for Joomla! allows remote attackers to inject arbitrary web script or HTML via the afmsg parameter to index.php. | ||||
| all versions | — | 6.8 MEDIUM | ||
Directory traversal vulnerability in the Messaging (com_messaging) component before 1.5.1 for Joomla! allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the controller parameter in a messages action to index.php. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| all versions | — | 7.5 HIGH | ||
SQL injection vulnerability in the JVideo! (com_jvideo) component 0.3.11c Beta and 0.3.x for Joomla! allows remote attackers to execute arbitrary SQL commands via the user_id parameter in a user action to index.php. | ||||
| all versions | — | 7.5 HIGH | ||
SQL injection vulnerability in the redSHOP Component (com_redshop) 1.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the pid parameter to index.php. | ||||
| all versions | — | 7.5 HIGH | ||
SQL injection vulnerability in the JOOFORGE Gamesbox (com_gamesbox) component 1.0.2, and possibly earlier, for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a consoles action to index.php. | ||||
| all versions | — | 7.5 HIGH | ||
Directory traversal vulnerability in the Realtyna Translator (com_realtyna) component 1.0.15 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impact via a .. (dot dot) in the controller parameter to index.php. | ||||
| all versions | — | 7.5 HIGH | ||
PHP remote file inclusion vulnerability in the SEF404x (com_sef) component for Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig.absolute.path parameter to index.php. | ||||
| all versions | — | 6.8 MEDIUM | ||
Directory traversal vulnerability in the JExtensions JE Section/Property Finder (jesectionfinder) component for Joomla! allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the view parameter to index.php. | ||||
| all versions | — | 7.5 HIGH | ||
SQL injection vulnerability in the Weblinks (com_weblinks) component in Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a view action to index.php. | ||||
| all versions | — | 7.5 HIGH | ||
SQL injection vulnerability in xmap (com_xmap) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the Itemid parameter to index.php. | ||||
| all versions | — | 7.5 HIGH | ||
SQL injection vulnerability in the Joomanager component, possibly 1.1.1, for Joomla! allows remote attackers to execute arbitrary SQL commands via the catid parameter to index.php. | ||||
| all versions | — | 4.3 MEDIUM | ||
Cross-site scripting (XSS) vulnerability in the JExtensions JE Awd Song (com_awd_song) component for Joomla! allows remote attackers to inject arbitrary web script or HTML via the song review field, which is not properly handled in a view action to index.php. | ||||
| all versions | — | 7.5 HIGH | ||
Multiple SQL injection vulnerabilities in the BookLibrary Basic (com_booklibrary) component 1.5.3 before 1.5.3_2010_06_20 for Joomla! allow remote attackers to execute arbitrary SQL commands via the bid[] parameter in a (1) lend_request or (2) save_lend_request action to index.php, the id parameter in a (3) mdownload or (4) downitsf action to index.php, or (5) the searchtext parameter in a search action to index.php. | ||||
| all versions | — | 7.5 HIGH | ||
SQL injection vulnerability in the JE Ajax Event Calendar (com_jeajaxeventcalendar) component 1.0.5 for Joomla! allows remote attackers to execute arbitrary SQL commands via the view parameter to index.php. | ||||
| all versions | — | 6.8 MEDIUM | ||
Multiple SQL injection vulnerabilities in index.php in the JFaq (com_jfaq) component 1.2 for Joomla!, when magic_quotes_gpc is disabled, allow (1) remote attackers to execute arbitrary SQL commands via the id parameter, and (2) remote authenticated users with "Public Front-end" permissions to execute arbitrary SQL commands via the titlu parameter (title field). NOTE: some of these details are obtained from third party information. | ||||
| all versions | — | 4.3 MEDIUM | ||
Cross-site scripting (XSS) vulnerability in the JFaq (com_jfaq) component 1.2 for Joomla! allows remote attackers to inject arbitrary web script or HTML via the question parameter in an add2 action to index.php. | ||||
| all versions | — | 6.8 MEDIUM | ||
Directory traversal vulnerability in the Picasa2Gallery (com_picasa2gallery) component 1.2.8 and earlier for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impact via a .. (dot dot) in the controller parameter to index.php. | ||||
| all versions | — | 4.3 MEDIUM | ||
Multiple cross-site scripting (XSS) vulnerabilities in the RSComments (com_rscomments) component 1.0.0 Rev 2 for Joomla! allow remote attackers to inject arbitrary web script or HTML via the (1) website and (2) name parameters to index.php. | ||||
| all versions | — | 7.5 HIGH | ||
Directory traversal vulnerability in the BF Survey (com_bfsurvey) component for Joomla! allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the controller parameter to index.php. | ||||
| all versions | — | 7.5 HIGH | ||
SQL injection vulnerability in the BF Survey Pro (com_bfsurvey_pro) component before 1.3.1, BF Survey Pro Free (com_bfsurvey_profree) component 1.2.6, and BF Survey Basic component before 1.2 for Joomla! allows remote attackers to execute arbitrary SQL commands via the catid parameter to index.php. NOTE: some of these details are obtained from third party information. | ||||
| all versions | — | 7.5 HIGH | ||
SQL injection vulnerability in the Shape5 Bridge of Hope template for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in an article action to index.php. | ||||
| = 1.5.11, = 1.5.13, = 1.5.3, = 1.5.2, = 1.5.9, = 1.5.16, = 1.5.4, = 1.5.10, = 1.5.7, = 1.5.5, = 1.5.6, = 1.5.14, = 1.5.12, = 1.5.0, = 1.5.8, = 1.5.15, = 1.5.17, = 1.5.1 | — | 4.3 MEDIUM | ||
Multiple cross-site scripting (XSS) vulnerabilities in the back end in Joomla! 1.5 through 1.5.17 allow remote attackers to inject arbitrary web script or HTML via unknown vectors related to "various administrator screens," possibly the search parameter in administrator/index.php. | ||||
| all versions | — | 7.5 HIGH | ||
SQL injection vulnerability in the My Car (com_mycar) component 1.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the pagina parameter to index.php. | ||||
| all versions | — | 4.3 MEDIUM | ||
Cross-site scripting (XSS) vulnerability in the My Car (com_mycar) component 1.0 for Joomla! allows remote attackers to inject arbitrary web script or HTML via the modveh parameter to index.php. | ||||
| all versions | — | 7.5 HIGH | ||
Directory traversal vulnerability in the JE Quotation Form (com_jequoteform) component 1.0b1 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impact via a .. (dot dot) in the view parameter to index.php. | ||||
| all versions | — | 6.8 MEDIUM | ||
Directory traversal vulnerability in the SimpleDownload (com_simpledownload) component before 0.9.6 for Joomla! allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the controller parameter to index.php. | ||||
| all versions | — | 6.8 MEDIUM | ||
Directory traversal vulnerability in the JE Ajax Event Calendar (com_jeajaxeventcalendar) component 1.0.1 and 1.0.3 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the view parameter to index.php. NOTE: some of these details are obtained from third party information. | ||||
| all versions | — | 7.5 HIGH | ||
Directory traversal vulnerability in the Moron Solutions MS Comment (com_mscomment) component 0.8.0b for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php. | ||||
| all versions | — | 4.3 MEDIUM | ||
Multiple cross-site scripting (XSS) vulnerabilities in the ActiveHelper LiveHelp (com_activehelper_livehelp) component 2.0.3 for Joomla! allow remote attackers to inject arbitrary web script or HTML via (1) the DOMAINID parameter to server/cookies.php or (2) the SERVER parameter to server/index.php. | ||||
| all versions | — | 7.5 HIGH | ||
Directory traversal vulnerability in the Dione Form Wizard (aka FDione or com_dioneformwizard) component 1.0.2 for Joomla! allows remote attackers to read arbitrary files via directory traversal sequences in the controller parameter to index.php. | ||||
| all versions | — | 7.5 HIGH | ||
SQL injection vulnerability in the Konsultasi (com_konsultasi) component 1.0.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the sid parameter in a detail action to index.php. | ||||
| all versions | — | 7.5 HIGH | ||
Directory traversal vulnerability in the Percha Fields Attach (com_perchafieldsattach) component 1.x for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impact via a .. (dot dot) in the controller parameter to index.php. | ||||
| all versions | — | 7.5 HIGH | ||
Directory traversal vulnerability in the Percha Downloads Attach (com_perchadownloadsattach) component 1.1 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impact via a .. (dot dot) in the controller parameter to index.php. | ||||
| all versions | — | 7.5 HIGH | ||
Directory traversal vulnerability in the Percha Gallery (com_perchagallery) component 1.6 Beta for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impact via a .. (dot dot) in the controller parameter to index.php. | ||||
| all versions | — | 7.5 HIGH | ||
Directory traversal vulnerability in the Percha Image Attach (com_perchaimageattach) component 1.1 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impact via a .. (dot dot) in the controller parameter to index.php. | ||||
| all versions | — | 7.5 HIGH | ||
Directory traversal vulnerability in the Percha Multicategory Article (com_perchacategoriestree) component 0.6 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impact via a .. (dot dot) in the controller parameter to index.php. | ||||
| all versions | — | 7.5 HIGH | ||
Directory traversal vulnerability in the redTWITTER (com_redtwitter) component 1.0.x including 1.0b11 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the view parameter to index.php. NOTE: some of these details are obtained from third party information. | ||||
| all versions | — | 5 MEDIUM | ||
Directory traversal vulnerability in the JA Voice (com_javoice) component 2.0 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the view parameter to index.php. | ||||
| all versions | — | 7.5 HIGH | ||
Directory traversal vulnerability in joomlaflickr.php in the Joomla Flickr (com_joomlaflickr) component 1.0.3 for Joomla! allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the controller parameter to index.php. | ||||
| all versions | — | 6.8 MEDIUM | ||
Directory traversal vulnerability in the Affiliate Datafeeds (com_datafeeds) component build 880 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php. | ||||
| all versions | — | 7.5 HIGH | ||
Directory traversal vulnerability in the J!WHMCS Integrator (com_jwhmcs) component 1.5.0 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php. | ||||
| all versions | — | 7.5 HIGH | ||
Directory traversal vulnerability in the Love Factory (com_lovefactory) component 1.3.4 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php. | ||||
| all versions | — | 7.5 HIGH | ||
Directory traversal vulnerability in the Gadget Factory (com_gadgetfactory) component 1.0.0 and 1.5.0 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php. NOTE: some of these details are obtained from third party information. | ||||
| all versions | — | 7.5 HIGH | ||
Directory traversal vulnerability in the Deluxe Blog Factory (com_blogfactory) component 1.1.2 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php. | ||||
| all versions | — | 7.5 HIGH | ||
Directory traversal vulnerability in the iNetLanka Multiple root (com_multiroot) component 1.0 and 1.1 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php. NOTE: some of these details are obtained from third party information. | ||||
| all versions | — | 7.5 HIGH | ||
Directory traversal vulnerability in the iNetLanka Multiple Map (com_multimap) component 1.0 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php. | ||||
| all versions | — | 7.5 HIGH | ||
Directory traversal vulnerability in the BeeHeard (com_beeheard) and BeeHeard Lite (com_beeheardlite) component 1.0 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php. | ||||
| all versions | — | 6.8 MEDIUM | ||
SQL injection vulnerability in the Online News Paper Manager (com_jnewspaper) component 1.0 for Joomla!, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the date_info parameter to index.php. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| all versions | — | 7.5 HIGH | ||
SQL injection vulnerability in the Online News Paper Manager (com_jnewspaper) component 1.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the cid parameter to index.php. NOTE: some of these details are obtained from third party information. | ||||
| all versions | — | 7.5 HIGH | ||
Directory traversal vulnerability in the OrgChart (com_orgchart) component 1.0.0 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php. | ||||
| all versions | — | 7.5 HIGH | ||
SQL injection vulnerability in the JTM Reseller (com_jtm) component 1.9 Beta for Joomla! allows remote attackers to execute arbitrary SQL commands via the author parameter in a search action to index.php. | ||||
| all versions | — | 7.5 HIGH | ||
Directory traversal vulnerability in the Real Estate Property (com_properties) component 3.1.22-03 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impact via a .. (dot dot) in the controller parameter to index.php. NOTE: some of these details are obtained from third party information. | ||||
| all versions | — | 7.5 HIGH | ||
SQL injection vulnerability in the Real Estate Property (com_properties) component 3.1.22-03 for Joomla! allows remote attackers to execute arbitrary SQL commands via the aid parameter in an agentlisting action to index.php. NOTE: some of these details are obtained from third party information. | ||||
| all versions | — | 7.5 HIGH | ||
SQL injection vulnerability in the Jvehicles (com_jvehicles) component 1.0, 2.0, and 2.1111 for Joomla! allows remote attackers to execute arbitrary SQL commands via the aid parameter in an agentlisting action to index.php. NOTE: some of these details are obtained from third party information. | ||||
| all versions | — | 5 MEDIUM | ||
Directory traversal vulnerability in the SMEStorage (com_smestorage) component before 1.1 for Joomla! allows remote attackers to read arbitrary files via directory traversal sequences in the controller parameter to index.php. | ||||
| all versions | — | 4.3 MEDIUM | ||
Multiple cross-site scripting (XSS) vulnerabilities in the Table JX (com_grid) component for Joomla! allow remote attackers to inject arbitrary web script or HTML via the (1) data_search and (2) rpp parameters to index.php. | ||||
| all versions | — | 7.5 HIGH | ||
SQL injection vulnerability in the Newsfeeds (com_newsfeeds) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the feedid parameter in a categories action to index.php. | ||||
| all versions | — | 6.8 MEDIUM | ||
Directory traversal vulnerability in the iNetLanka Contact Us Draw Root Map (com_drawroot) component 1.1 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impact via a .. (dot dot) in the controller parameter to index.php. | ||||
| all versions | — | 6.8 MEDIUM | ||
Directory traversal vulnerability in the Online Market (com_market) component 2.x for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impact via a .. (dot dot) in the controller parameter to index.php. | ||||
| all versions | — | 7.5 HIGH | ||
SQL injection vulnerability in the Intellectual Property (aka IProperty or com_iproperty) component 1.5.3 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in an agentproperties action to index.php. | ||||
| all versions | — | 7.5 HIGH | ||
SQL injection vulnerability in the Q-Personel (com_qpersonel) component 1.0.2 and earlier for Joomla! allows remote attackers to execute arbitrary SQL commands via the katid parameter in a qpListele action to index.php. | ||||
| all versions | — | 6.8 MEDIUM | ||
Directory traversal vulnerability in the MT Fire Eagle (com_mtfireeagle) component 1.2 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impact via a .. (dot dot) in the controller parameter to index.php. | ||||
| all versions | — | 6.8 MEDIUM | ||
Directory traversal vulnerability in archeryscores.php in the Archery Scores (com_archeryscores) component 1.0.6 for Joomla! allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the controller parameter to index.php. | ||||
| all versions | — | 7.5 HIGH | ||
SQL injection vulnerability in the Agenda Address Book (com_agenda) component 1.0.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a detail action to index.php. | ||||
| all versions | — | 6.8 MEDIUM | ||
Directory traversal vulnerability in the Online Examination (aka Online Exam or com_onlineexam) component 1.5.0 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php. NOTE: some of these details are obtained from third party information. | ||||
| all versions | — | 5 MEDIUM | ||
Directory traversal vulnerability in the Arcade Games (com_arcadegames) component 1.0 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php. | ||||
| all versions | — | 5 MEDIUM | ||
Directory traversal vulnerability in the Ultimate Portfolio (com_ultimateportfolio) component 1.0 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php. | ||||
| all versions | — | 7.5 HIGH | ||
Directory traversal vulnerability in graphics.php in the Graphics (com_graphics) component 1.0.6 and 1.5.0 for Joomla! allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the controller parameter to index.php. NOTE: some of these details are obtained from third party information. | ||||
| all versions | — | 6.8 MEDIUM | ||
Directory traversal vulnerability in wmi.php in the Webmoney Web Merchant Interface (aka WMI or com_wmi) component 1.5.0 for Joomla! allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the controller parameter to index.php. | ||||
| all versions | — | 7.5 HIGH | ||
Directory traversal vulnerability in the ZiMB Core (aka ZiMBCore or com_zimbcore) component 0.1 in the ZiMB Manager collection for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impact via a .. (dot dot) in the controller parameter to index.php. | ||||
| all versions | — | 7.5 HIGH | ||
Directory traversal vulnerability in the ZiMB Comment (com_zimbcomment) component 0.8.1 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impact via a .. (dot dot) in the controller parameter to index.php. | ||||
| all versions | — | 5 MEDIUM | ||
Directory traversal vulnerability in the JA Comment (com_jacomment) component for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the view parameter to index.php. | ||||
| all versions | — | 7.5 HIGH | ||
SQL injection vulnerability in the Media Mall Factory (com_mediamall) component 1.0.4 for Joomla! allows remote attackers to execute arbitrary SQL commands via the category parameter to index.php. | ||||
| all versions | — | 7.5 HIGH | ||
SQL injection vulnerability in the SermonSpeaker (com_sermonspeaker) component before 3.2.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a speakerpopup action to index.php. NOTE: some of these details are obtained from third party information. | ||||
| all versions | — | 5 MEDIUM | ||
Directory traversal vulnerability in index.php in the MyBlog (com_myblog) component 3.0.329 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the task parameter. NOTE: some of these details are obtained from third party information. | ||||
| all versions | — | 7.5 HIGH | ||
Directory traversal vulnerability in the TRAVELbook (com_travelbook) component 1.0.1 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impact via a .. (dot dot) in the controller parameter to index.php. | ||||
| all versions | — | 5 MEDIUM | ||
Directory traversal vulnerability in the Shoutbox Pro (com_shoutbox) component for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php. | ||||
| all versions | — | 7.5 HIGH | ||
Directory traversal vulnerability in the TweetLA (com_tweetla) component 1.0.1 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php. | ||||
| all versions | — | 5 MEDIUM | ||
Directory traversal vulnerability in the givesight PowerMail Pro (com_powermail) component 1.5.3 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impact via a .. (dot dot) in the controller parameter to index.php. | ||||
| all versions | — | 7.5 HIGH | ||
Directory traversal vulnerability in the redSHOP (com_redshop) component 1.0.x for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the view parameter to index.php. | ||||
| all versions | — | 7.5 HIGH | ||
SQL injection vulnerability in the Freestyle FAQs Lite (com_fsf) component, possibly 1.3, for Joomla! allows remote attackers to execute arbitrary SQL commands via the faqid parameter in an faq action to index.php. | ||||
| all versions | — | 7.5 HIGH | ||
SQL injection vulnerability in the JoltCard (com_joltcard) component 1.2.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via the cardID parameter in a view action to index.php. | ||||
| all versions | — | 7.5 HIGH | ||
Directory traversal vulnerability in the Matamko (com_matamko) component 1.01 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php. | ||||
| all versions | — | 5 MEDIUM | ||
Directory traversal vulnerability in the AWDwall (com_awdwall) component 1.5.4 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php. | ||||
| all versions | — | 7.5 HIGH | ||
SQL injection vulnerability in the AWDwall (com_awdwall) component before 1.5.5 for Joomla! allows remote attackers to execute arbitrary SQL commands via the cbuser parameter in an awdwall action to index.php. | ||||
| all versions | — | 5 MEDIUM | ||
Directory traversal vulnerability in the MMS Blog (com_mmsblog) component 2.3.0 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impact via a .. (dot dot) in the controller parameter to index.php. | ||||
| all versions | — | 7.5 HIGH | ||
Multiple PHP remote file inclusion vulnerabilities in the MojoBlog component RC 0.15 for Joomla! allow remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter to (1) wp-comments-post.php and (2) wp-trackback.php. | ||||
| all versions | — | 7.5 HIGH | ||
SQL injection vulnerability in the Quick News (com_quicknews) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the newsid parameter in a view_item action to index.php. | ||||
| all versions | — | 7.5 HIGH | ||
SQL injection vulnerability in the Joaktree (com_joaktree) component 1.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the treeId parameter to index.php. | ||||
| all versions | — | 7.5 HIGH | ||
SQL injection vulnerability in the RokModule (com_rokmodule) component 1.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via the module parameter to index.php. NOTE: some of these details are obtained from third party information. | ||||
| all versions | — | 7.5 HIGH | ||
SQL injection vulnerability in the RokModule (com_rokmodule) component 1.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via the moduleid parameter in a raw action to index.php. | ||||
| all versions | — | 6.8 MEDIUM | ||
Directory traversal vulnerability in the Ternaria Informatica Jfeedback! (com_jfeedback) component 1.2 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impact via a .. (dot dot) in the controller parameter to index.php. | ||||
| all versions | — | 7.5 HIGH | ||
SQL injection vulnerability in the SermonSpeaker (com_sermonspeaker) component before 3.2.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a latest_sermons action to index.php. | ||||
| all versions | — | 6.8 MEDIUM | ||
Directory traversal vulnerability in the AlphaUserPoints (com_alphauserpoints) component 1.5.5 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impact via a .. (dot dot) in the view parameter to index.php. | ||||
| all versions | — | 6.8 MEDIUM | ||
Directory traversal vulnerability in the Preventive & Reservation (com_preventive) component 1.0.5 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impact via a .. (dot dot) in the controller parameter to index.php. | ||||
| all versions | — | 6.8 MEDIUM | ||
Directory traversal vulnerability in the Sweety Keeper (com_sweetykeeper) component 1.5.x for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impact via a .. (dot dot) in the controller parameter to index.php. | ||||
| all versions | — | 6.8 MEDIUM | ||
Directory traversal vulnerability in the Advertising (com_advertising) component 0.25 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impact via a .. (dot dot) in the controller parameter to index.php. | ||||
| all versions | — | 7.5 HIGH | ||
Directory traversal vulnerability in the Daily Horoscope (com_horoscope) component 1.5.0 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php. | ||||
| all versions | — | 7.5 HIGH | ||
Directory traversal vulnerability in the AddressBook (com_addressbook) component 1.5.0 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php. | ||||
| all versions | — | 7.5 HIGH | ||
Directory traversal vulnerability in the Web TV (com_webtv) component 1.0 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impact via a .. (dot dot) in the controller parameter to index.php. | ||||
| all versions | — | 6.8 MEDIUM | ||
Directory traversal vulnerability in the Ternaria Informatica JProject Manager (com_jprojectmanager) component 1.0 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impact via a .. (dot dot) in the controller parameter to index.php. | ||||
| all versions | — | 7.5 HIGH | ||
SQL injection vulnerability in the Multi-Venue Restaurant Menu Manager (aka MVRMM or com_mv_restaurantmenumanager) component 1.5.2 Stable Update 3 and earlier for Joomla! allows remote attackers to execute arbitrary SQL commands via the mid parameter in a menu_display action to index.php. | ||||
| all versions | — | 5 MEDIUM | ||
Directory traversal vulnerability in the Photo Battle (com_photobattle) component 1.0.1 for Joomla! allows remote attackers to read arbitrary files via the view parameter to index.php. | ||||
| all versions | — | 7.5 HIGH | ||
SQL injection vulnerability in the HD FLV Player (com_hdflvplayer) component 1.3 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter to index.php. | ||||
| all versions | — | 7.5 HIGH | ||
SQL injection vulnerability in the JProjects (com_j-projects) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the project parameter in a projects action to index.php. | ||||
| all versions | — | 5 MEDIUM | ||
Directory traversal vulnerability in the VJDEO (com_vjdeo) component 1.0 and 1.0.1 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php. NOTE: some of these details are obtained from third party information. | ||||
| all versions | — | 5 MEDIUM | ||
Directory traversal vulnerability in the LoginBox Pro (com_loginbox) component for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the view parameter to index.php. | ||||
| all versions | — | 5 MEDIUM | ||
Directory traversal vulnerability in the JOOFORGE Jutebox (com_jukebox) component 1.0 and 1.7 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php. NOTE: some of these details are obtained from third party information. | ||||
| all versions | — | 7.5 HIGH | ||
SQL injection vulnerability in the JP Jobs (com_jp_jobs) component 1.4.1 and earlier for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a detail action to index.php. | ||||
| all versions | — | 5 MEDIUM | ||
Directory traversal vulnerability in the Cookex Agency CKForms (com_ckforms) component 1.3.3 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php. | ||||
| all versions | — | 7.5 HIGH | ||
SQL injection vulnerability in the Cookex Agency CKForms (com_ckforms) component 1.3.3 for Joomla! allows remote attackers to execute arbitrary SQL commands via the fid parameter in a detail action to index.php. | ||||
| = 1.5.0 | — | 5 MEDIUM | ||
Directory traversal vulnerability in jresearch.php in the J!Research (com_jresearch) component for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php. | ||||
| all versions | — | 5 MEDIUM | ||
Directory traversal vulnerability in weberpcustomer.php in the webERPcustomer (com_weberpcustomer) component 1.2.1 and 1.x before 1.06.02 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php. NOTE: some of these details are obtained from third party information. | ||||
| all versions | — | 5 MEDIUM | ||
Directory traversal vulnerability in the Highslide JS (com_hsconfig) component 1.5 and 2.0.9 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php. NOTE: some of these details are obtained from third party information. | ||||
| all versions | — | 4.3 MEDIUM | ||
Directory traversal vulnerability in the Seber Cart (com_sebercart) component 1.0.0.12 and 1.0.0.13 for Joomla!, when magic_quotes_gpc is disabled, allows remote attackers to read arbitrary files via a .. (dot dot) in the view parameter to index.php. NOTE: some of these details are obtained from third party information. | ||||
| all versions | — | 5 MEDIUM | ||
Directory traversal vulnerability in the iJoomla News Portal (com_news_portal) component 1.5.x for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php. | ||||
| all versions | — | 5 MEDIUM | ||
Directory traversal vulnerability in the SVMap (com_svmap) component 1.1.1 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php. | ||||
| all versions | — | 5 MEDIUM | ||
Directory traversal vulnerability in the Magic Updater (com_joomlaupdater) component for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php. | ||||
| all versions | — | 7.5 HIGH | ||
Directory traversal vulnerability in the Picasa (com_joomlapicasa2) component 2.0 and 2.0.5 for Joomla! allows remote attackers to read arbitrary local files via a .. (dot dot) in the controller parameter to index.php. NOTE: some of these details are obtained from third party information. | ||||
| all versions | — | 5 MEDIUM | ||
Directory traversal vulnerability in jinventory.php in the JInventory (com_jinventory) component 1.23.02 and possibly other versions before 1.26.03, a module for Joomla!, allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php. | ||||
| all versions | — | 5 MEDIUM | ||
Directory traversal vulnerability in userstatus.php in the User Status (com_userstatus) component 1.21.16 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php. | ||||
| all versions | — | 5 MEDIUM | ||
Directory traversal vulnerability in dwgraphs.php in the DecryptWeb DW Graphs (com_dwgraphs) component 1.0 for Joomla! allows remote attackers to read arbitrary files via directory traversal sequences in the controller parameter to index.php. | ||||
| all versions | — | 7.5 HIGH | ||
SQL injection vulnerability in Adam Corley dcsFlashGames (com_dcs_flashgames) allows remote attackers to execute arbitrary SQL commands via the catid parameter to index.php. | ||||
| all versions | — | 6.8 MEDIUM | ||
Directory traversal vulnerability in the JA News (com_janews) component 1.0 for Joomla! allows remote attackers to read arbitrary local files via a .. (dot dot) in the controller parameter to index.php. NOTE: some of these details are obtained from third party information. | ||||
| all versions | — | 4.3 MEDIUM | ||
Directory traversal vulnerability in the JE Form Creator (com_jeformcr) component for Joomla!, when magic_quotes_gpc is disabled, allows remote attackers to read arbitrary files via directory traversal sequences in the view parameter to index.php. NOTE: the original researcher states that the affected product is JE Tooltip, not Form Creator; however, the exploit URL suggests that Form Creator is affected. | ||||
| all versions | — | 5 MEDIUM | ||
Directory traversal vulnerability in the Community Polls (com_communitypolls) component 1.5.2, and possibly earlier, for Core Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php. | ||||
| all versions | — | 7.5 HIGH | ||
SQL injection vulnerability in the jEmbed-Embed Anything (com_jembed) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the catid parameter in a summary action to index.php. | ||||
| all versions | — | 6.8 MEDIUM | ||
Directory traversal vulnerability in the RokDownloads (com_rokdownloads) component before 1.0.1 for Joomla! allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the controller parameter to index.php. | ||||
| all versions | — | 7.5 HIGH | ||
SQL injection vulnerability in the Productbook (com_productbook) component 1.0.4 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a detail action to index.php. NOTE: some of these details are obtained from third party information. | ||||
| all versions | — | 7.5 HIGH | ||
Directory traversal vulnerability in the Abbreviations Manager (com_abbrev) component 1.1 for Joomla! allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the controller parameter to index.php. NOTE: some of these details are obtained from third party information. | ||||
| all versions | — | 4.3 MEDIUM | ||
Directory traversal vulnerability in the CARTwebERP (com_cartweberp) component 1.56.75 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php. | ||||
| all versions | — | 7.5 HIGH | ||
SQL injection vulnerability in the TPJobs (com_tpjobs) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the id_c[] parameter in a resadvsearch action to index.php. | ||||
| all versions | — | 7.5 HIGH | ||
Directory traversal vulnerability in the GCalendar (com_gcalendar) component 2.1.5 for Joomla! allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the controller parameter to index.php. | ||||
| all versions | — | 5 MEDIUM | ||
Directory traversal vulnerability in the JA Showcase (com_jashowcase) component for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter in a jashowcase action to index.php. | ||||
| all versions | — | 7.5 HIGH | ||
SQL injection vulnerability in the HotBrackets Tournament Brackets (com_hotbrackets) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter to index.php. | ||||
| all versions | — | 5 MEDIUM | ||
Directory traversal vulnerability in the JCollection (com_jcollection) component for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php. | ||||
| all versions | — | 7.5 HIGH | ||
SQL injection vulnerability in the Keep It Simple Stupid (KISS) Software Advertiser (com_ksadvertiser) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the pid parameter in a showcats action to index.php. | ||||
| all versions | — | 5 MEDIUM | ||
Directory traversal vulnerability in the jVideoDirect (com_jvideodirect) component for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php. | ||||
| all versions | — | 7.5 HIGH | ||
Directory traversal vulnerability in the inertialFATE iF Portfolio Nexus (com_if_nexus) component 1.5 for Joomla! allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the controller parameter to index.php. | ||||
| all versions | — | 7.5 HIGH | ||
SQL injection vulnerability in the jVideoDirect (com_jvideodirect) component 1.1 RC3b for Joomla! allows remote attackers to execute arbitrary SQL commands via the v parameter to index.php. | ||||
| all versions | — | 3.5 LOW | ||
Directory traversal vulnerability in the AutartiTarot (com_autartitarot) component 1.0.3 for Joomla! allows remote authenticated users, with "Public Back-end" group permissions, to read arbitrary files via directory traversal sequences in the controller parameter in an edit task to administrator/index.php. NOTE: some of these details are obtained from third party information. | ||||
| all versions | — | 7.5 HIGH | ||
SQL injection vulnerability in the Ossolution Team Documents Seller (aka DMS) (com_dms) component 2.5.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via the category_id parameter in a view_category action to index.php. | ||||
| all versions | — | 7.5 HIGH | ||
SQL injection vulnerability in the JE Quiz (com_jequizmanagement) component 1.b01 for Joomla! allows remote attackers to execute arbitrary SQL commands via the eid parameter in a question action to index.php. | ||||
| all versions | — | 7.5 HIGH | ||
SQL injection vulnerability in the JE Event Calendars (com_jeeventcalendar) component 1.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the event_id parameter in an event action to index.php. | ||||
| all versions | — | 6.8 MEDIUM | ||
Multiple directory traversal vulnerabilities in the Core Design Scriptegrator plugin 1.4.1 for Joomla! allow remote attackers to include and execute arbitrary local files via directory traversal sequences in the (1) file parameter to libraries/jquery/js/ui/jsloader.php and the (2) files[] parameter to libraries/jquery/js/jsloader.php, a different vector than CVE-2010-0759. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| all versions | — | 7.5 HIGH | ||
Directory traversal vulnerability in plugins/system/cdscriptegrator/libraries/highslide/js/jsloader.php in the Core Design Scriptegrator plugin 1.4.1 for Joomla! allows remote attackers to read, and possibly include and execute, arbitrary files via directory traversal sequences in the files[] parameter, a different vector than CVE-2010-0760. | ||||
| all versions | — | 7.5 HIGH | ||
SQL injection vulnerability in the SQL Reports (com_sqlreport) component 1.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via the user_id parameter to ajax/print.php. NOTE: some of these details are obtained from third party information. | ||||
| all versions | — | 5 MEDIUM | ||
Directory traversal vulnerability in includes/download.php in the JoomlaWorks AllVideos (Jw_allVideos) plugin 3.0 through 3.2 for Joomla! allows remote attackers to read arbitrary files via a ./../.../ (modified dot dot) in the file parameter. | ||||
| all versions | — | 7.5 HIGH | ||
SQL injection vulnerability in the PerchaGallery (com_perchagallery) component before 1.5b for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in an editunidad action to index.php. | ||||
| all versions | — | 7.5 HIGH | ||
SQL injection vulnerability in the IP-Tech JQuarks (com_jquarks) Component 0.2.3, and possibly earlier, for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter to index.php. NOTE: some of these details are obtained from third party information. | ||||
| all versions | — | 7.5 HIGH | ||
SQL injection vulnerability in the Webee Comments (com_webeecomment) component 1.1.1, 1.2, and 2.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the articleId parameter in a default action to index2.php. NOTE: some of these details are obtained from third party information. | ||||
| all versions | — | 4.3 MEDIUM | ||
Multiple cross-site scripting (XSS) vulnerabilities in the Webee Comments (com_webeecomment) component 1.1.1, 1.2, and 2.0 for Joomla! allow remote attackers to inject arbitrary web script or HTML via the (1) color, (2) img, or (3) url BBCode tags in unspecified vectors. | ||||
| all versions | — | 5 MEDIUM | ||
Directory traversal vulnerability in index.php in the RWCards (com_rwcards) component 3.0.18 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter. | ||||
| all versions | — | 5 MEDIUM | ||
Unspecified vulnerability in the IP-Tech JQuarks (com_jquarks) Component before 0.2.4 for Joomla! allows attackers to obtain the installation path for Joomla! via unknown vectors. | ||||
| all versions | — | 7.5 HIGH | ||
SQL injection vulnerability in the plgSearchEventsearch::onSearch method in eventsearch.php in the JEvents Search plugin 1.5 through 1.5.3 for Joomla! allows remote attackers to execute arbitrary SQL commands via unspecified vectors. NOTE: some of these details are obtained from third party information. | ||||
| all versions | — | 7.5 HIGH | ||
SQL injection vulnerability in the Parkview Consultants SimpleFAQ (com_simplefaq) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the catid parameter in a display action to index.php. | ||||
| = 1.5.0 | — | 7.5 HIGH | ||
Multiple SQL injection vulnerabilities in the Photoblog (com_photoblog) component for Joomla! allow remote attackers to execute arbitrary SQL commands via the blog parameter in an images action to index.php. NOTE: a separate vector for the id parameter to detail.php may also exist. | ||||
| all versions | 5.8 MEDIUM | 5 MEDIUM | ||
Directory traversal vulnerability in the ccNewsletter (com_ccnewsletter) component 1.0.5 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter in a ccnewsletter action to index.php. | ||||
| all versions | — | 7.5 HIGH | ||
SQL injection vulnerability in the Mochigames (com_mochigames) component 0.51 and possibly other versions for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter to index.php. | ||||
| all versions | — | 7.5 HIGH | ||
SQL injection vulnerability in the indianpulse Game Server (com_gameserver) component 1.2 for Joomla! allows remote attackers to execute arbitrary SQL commands via the grp parameter in a gameserver action to index.php. | ||||
| all versions | — | 6.5 MEDIUM | ||
SQL injection vulnerability in the casino (com_casino) component 1.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a (1) category or (2) player action to index.php. | ||||
| all versions | — | 4.3 MEDIUM | ||
Cross-site scripting (XSS) vulnerability in the Marketplace (com_marketplace) component 1.2 for Joomla! allows remote attackers to inject arbitrary web script or HTML via the catid parameter in a show_category action to index.php. | ||||
| all versions | — | 7.5 HIGH | ||
SQL injection vulnerability in the libros (com_libros) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a detail action to index.php. | ||||
| all versions | — | 7.5 HIGH | ||
SQL injection vulnerability in the Articlemanager (com_articlemanager) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the artid parameter in a display action to index.php. | ||||
| all versions | — | 7.5 HIGH | ||
SQL injection vulnerability in the Lucy Games (com_lucygames) component 1.5.4 for Joomla! allows remote attackers to execute arbitrary SQL commands via the gameid parameter in a game action to index.php. NOTE: some of these details are obtained from third party information. | ||||
| all versions | — | 7.5 HIGH | ||
SQL injection vulnerability in the updateOnePage function in components/com_bfsurvey_pro/controller.php in BF Survey Pro Free (com_bfsurvey_profree) 1.2.4, and other versions before 1.2.6, a component for Joomla!, allows remote attackers to execute arbitrary SQL commands via the table parameter in an updateOnePage action to index.php. | ||||
| all versions | — | 7.5 HIGH | ||
SQL injection vulnerability in the Joomloc (com_joomloc) component 1.0 for Joomla allows remote attackers to execute arbitrary SQL commands via the id parameter in an edit task to index.php. | ||||
| all versions | — | 7.5 HIGH | ||
SQL injection vulnerability in the TemplatePlaza.com TPDugg (com_tpdugg) component 1.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a tags action to index.php. | ||||
| all versions | — | 7.5 HIGH | ||
PHP remote file inclusion vulnerability in mamboleto.php in the Fernando Soares Mamboleto (com_mamboleto) component 2.0 RC3 for Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter. | ||||
| all versions | — | 7.5 HIGH | ||
Multiple SQL injection vulnerabilities in the JS Jobs (com_jsjobs) component 1.0.5.6 for Joomla! allow remote attackers to execute arbitrary SQL commands via (1) the md parameter in an employer view_company action to index.php or (2) the oi parameter in an employer view_job action to index.php. | ||||
| all versions | — | 7.5 HIGH | ||
SQL injection vulnerability in the JPhoto (com_jphoto) component 1.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a category action to index.php. | ||||
| all versions | — | 7.5 HIGH | ||
SQL injection vulnerability in the JoomlaBamboo (JB) Simpla Admin template for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in an article action to the com_content component, reachable through index.php. NOTE: the vendor disputes this report, saying: "JoomlaBamboo has investigated this report, and it is incorrect. There is no SQL injection vulnerability involving the id parameter in an article view, and there never was. JoomlaBamboo customers have no reason to be concerned about this report. | ||||
| all versions | — | 7.5 HIGH | ||
Directory traversal vulnerability in the Bible Study (com_biblestudy) component 6.1 for Joomla! allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the controller parameter in a studieslist action to index.php. | ||||
| all versions | — | 7.5 HIGH | ||
SQL injection vulnerability in the DhForum (com_dhforum) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a grouplist action to index.php. | ||||
| all versions | — | 4.3 MEDIUM | ||
Cross-site scripting (XSS) vulnerability in the Facileforms (com_facileforms) component for Joomla! and Mambo allows remote attackers to inject arbitrary web script or HTML via the Itemid parameter to index.php. | ||||
| all versions | — | 4.3 MEDIUM | ||
Cross-site scripting (XSS) vulnerability in the Artist avenue (com_artistavenue) component for Joomla! and Mambo allows remote attackers to inject arbitrary web script or HTML via the Itemid parameter to index.php. | ||||
| all versions | — | 7.5 HIGH | ||
SQL injection vulnerability in the BeeHeard (com_beeheard) component 1.x for Joomla! allows remote attackers to execute arbitrary SQL commands via the category_id parameter in a suggestions action to index.php. | ||||
| all versions | — | 4.3 MEDIUM | ||
Cross-site scripting (XSS) vulnerability in the Q-Personel (com_qpersonel) component 1.0.2 RC2 for Joomla! allows remote attackers to inject arbitrary web script or HTML via the personel_sira parameter in a sirala action to index.php. | ||||
| all versions | — | 4.3 MEDIUM | ||
Multiple cross-site scripting (XSS) vulnerabilities in the Joomulus (mod_joomulus) module 2.0 for Joomla! allow remote attackers to inject arbitrary web script or HTML via the tagcloud parameter in a tags action to (1) tagcloud_ell.swf, (2) tagcloud_eng.swf, (3) tagcloud_por.swf, (4) tagcloud_rus.swf, and possibly (5) tagcloud_jpn.swf. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| all versions | — | 7.5 HIGH | ||
SQL injection vulnerability in the Kunena Forum (com_kunena) component 1.5.3 and 1.5.4 for Joomla! allows remote attackers to execute arbitrary SQL commands via the func parameter to index.php. | ||||
| all versions | — | 7.5 HIGH | ||
SQL injection vulnerability in the Joomlub (com_joomlub) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the aid parameter in an auction edit action to index.php. | ||||
| all versions | — | 7.5 HIGH | ||
PHP remote file inclusion vulnerability in cal_popup.php in the Anything Digital Development JCal Pro (aka com_jcalpro or JCP) component 1.5.3.6 for Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter. | ||||
| all versions | — | 7.5 HIGH | ||
SQL injection vulnerability in the JoomPortfolio (com_joomportfolio) component 1.0.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the secid parameter in a showcat action to index.php. | ||||
| all versions | — | 4.3 MEDIUM | ||
Cross-site scripting (XSS) vulnerability in the You!Hostit! template 1.0.1 for Joomla! allows remote attackers to inject arbitrary web script or HTML via the created_by_alias parameter in index.php. | ||||
| all versions | — | 4.3 MEDIUM | ||
Cross-site scripting (XSS) vulnerability in modules/mod_yj_whois.php in the YJ Whois component 1.0x and 1.5.x for Joomla! allows remote attackers to inject arbitrary web script or HTML via the domain parameter to index.php. NOTE: some of these details are obtained from third party information. | ||||
| all versions | — | 5 MEDIUM | ||
The Kide Shoutbox (com_kide) component 0.4.6 for Joomla! does not properly perform authentication, which allows remote attackers to post messages with an arbitrary account name via an insertar action to index.php. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| all versions | — | 7.5 HIGH | ||
SQL injection vulnerability in the Itamar Elharar MusicGallery (com_musicgallery) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in an itempage action to index.php. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| all versions | — | 7.5 HIGH | ||
Directory traversal vulnerability in the Omilen Photo Gallery (com_omphotogallery) component Beta 0.5 for Joomla! allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the controller parameter to index.php. | ||||
| all versions | — | 7.5 HIGH | ||
SQL injection vulnerability in the Seminar (com_seminar) component 1.28 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a View_seminar action to index.php. | ||||
| all versions | — | 6.8 MEDIUM | ||
Multiple SQL injection vulnerabilities in the Mambo Resident (aka Mos Res or com_mosres) component 1.0f for Mambo and Joomla!, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the (1) property_uid parameter in a viewproperty action to index.php and the (2) regID parameter in a showregion action to index.php. | ||||
| all versions | — | 4.3 MEDIUM | ||
Multiple cross-site scripting (XSS) vulnerabilities in index.php in the ProofReader (com_proofreader) component 1.0 RC9 and earlier for Joomla! allow remote attackers to inject arbitrary web script or HTML via the URI, which is not properly handled in (1) 404 or (2) error pages. | ||||
| all versions | — | 7.5 HIGH | ||
SQL injection vulnerability in Lyften Designs LyftenBloggie (com_lyftenbloggie) component 1.0.4 for Joomla! allows remote attackers to execute arbitrary SQL commands via the author parameter to index.php. | ||||
| all versions | — | 7.5 HIGH | ||
SQL injection vulnerability in the Google Calendar GCalendar (com_gcalendar) component 1.1.2, 2.1.4, and possibly earlier versions for Joomla! allows remote attackers to execute arbitrary SQL commands via the gcid parameter. NOTE: some of these details are obtained from third party information. | ||||
| all versions | — | 7.5 HIGH | ||
PHP remote file inclusion vulnerability in class/php/d4m_ajax_pagenav.php in the D4J eZine (com_ezine) component 2.1 for Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the GLOBALS[mosConfig_absolute_path parameter. | ||||
| all versions | — | 6.8 MEDIUM | ||
SQL injection vulnerability in the JoomClip (com_joomclip) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the cat parameter in a thumbs action to index.php. | ||||
| all versions | — | 7.5 HIGH | ||
SQL injection vulnerability in the inertialFATE iF Portfolio Nexus (com_if_nexus) component 1.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in an item action to index.php. | ||||
| all versions | — | 7.5 HIGH | ||
SQL injection vulnerability in the Q-Proje Siirler Bileseni (com_siirler) component 1.2 RC for Joomla! allows remote attackers to execute arbitrary SQL commands via the sid parameter in an sdetay action to index.php. | ||||
| all versions | — | 7.5 HIGH | ||
SQL injection vulnerability in the jTips (com_jtips) component 1.0.7 and 1.0.9 for Joomla! allows remote attackers to execute arbitrary SQL commands via the season parameter in a ladder action to index.php. | ||||
| all versions | — | 7.5 HIGH | ||
SQL injection vulnerability in the NinjaMonials (com_ninjacentral) component 1.1.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the testimID parameter in a display action to index.php. | ||||
| <= 1.5.14, = 1.5.11, = 1.5.13, = 1.5.3, = 1.5.2, = 1.5.9, = 1.5.4, = 1.5.10, = 1.5.7, = 1.5.12, = 1.5.5, = 1.5.6, = 1.5.8, = 1.5.1, = 1.5.0 | — | 5 MEDIUM | ||
Joomla! before 1.5.15 allows remote attackers to read an extension's XML file, and thereby obtain the extension's version number, via a direct request. | ||||
| <= 1.5.14, = 1.5.11, = 1.5.13, = 1.5.3, = 1.5.2, = 1.5.9, = 1.5.4, = 1.5.10, = 1.5.7, = 1.5.12, = 1.5.6, = 1.5.5, = 1.5.1, = 1.5.8, = 1.5.0 | — | 5.5 MEDIUM | ||
Unspecified vulnerability in the Front-End Editor in the com_content component in Joomla! before 1.5.15 allows remote authenticated users, with Author privileges, to replace the articles of an arbitrary user via unknown vectors. | ||||
| all versions | — | 7.5 HIGH | ||
SQL injection vulnerability in the JShop (com_jshop) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the pid parameter in a product action to index.php. | ||||
| all versions | — | 7.5 HIGH | ||
SQL injection vulnerability in the Photoblog (com_photoblog) component alpha 3 and alpha 3a for Joomla! allows remote attackers to execute arbitrary SQL commands via the category parameter in a blogs action to index.php. | ||||
| all versions | — | 7.5 HIGH | ||
PHP remote file inclusion vulnerability in Fiji Web Design Ajax Chat (com_ajaxchat) component 1.0 for Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the GLOBALS[mosConfig_absolute_path] parameter to tests/ajcuser.php. | ||||
| all versions | — | 7.5 HIGH | ||
PHP remote file inclusion vulnerability in doc/releasenote.php in the BookLibrary (com_booklibrary) component 1.0 for Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter, a different vector than CVE-2009-2637. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| all versions | — | 7.5 HIGH | ||
SQL injection vulnerability in the foobla Suggestions (com_foobla_suggestions) component 1.5.11 for Joomla! allows remote attackers to execute arbitrary SQL commands via the idea_id parameter to index.php. | ||||
| all versions | — | 6.8 MEDIUM | ||
Multiple SQL injection vulnerabilities in the DJ-Catalog (com_djcatalog) component for Joomla! allow remote attackers to execute arbitrary SQL commands via the (1) id parameter in a showItem action and (2) cid parameter in a show action to index.php. | ||||
| all versions | — | 7.5 HIGH | ||
SQL injection vulnerability in the JoomlaCache CB Resume Builder (com_cbresumebuilder) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the group_id parameter in a group_members action to index.php. | ||||
| all versions | — | 7.5 HIGH | ||
SQL injection vulnerability in the Soundset (com_soundset) component 1.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the cat_id parameter to index.php. | ||||
| all versions | — | 7.5 HIGH | ||
SQL injection vulnerability in the Kinfusion SportFusion (com_sportfusion) component 0.2.2 through 0.2.3 for Joomla! allows remote attackers to execute arbitrary SQL commands via the cid[0] parameter in a teamdetail action to index.php. | ||||
| all versions | — | 7.5 HIGH | ||
A certain interface in the iCRM Basic (com_icrmbasic) component 1.4.2.31 for Joomla! does not require administrative authentication, which has unspecified impact and remote attack vectors. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| all versions | — | 7.5 HIGH | ||
SQL injection vulnerability in the iCRM Basic (com_icrmbasic) component 1.4.2.31 for Joomla! allows remote attackers to execute arbitrary SQL commands via the p3 parameter to index.php. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| all versions | — | 7.5 HIGH | ||
SQL injection vulnerability in the MyRemote Video Gallery (com_mytube) component 1.0 Beta for Joomla! allows remote attackers to execute arbitrary SQL commands via the user_id parameter in a videos action to index.php. | ||||
| all versions | — | 7.5 HIGH | ||
SQL injection vulnerability in the Fastball (com_fastball) component 1.1.0 through 1.2 for Joomla! allows remote attackers to execute arbitrary SQL commands via the league parameter to index.php. | ||||
| all versions | — | 7.5 HIGH | ||
SQL injection vulnerability in the JoomlaFacebook (com_facebook) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a student action to index.php. | ||||
| all versions | — | 7.5 HIGH | ||
SQL injection vulnerability in the Tupinambis (com_tupinambis) component 1.0 for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the proyecto parameter in a verproyecto action to index.php. | ||||
| all versions | — | 7.5 HIGH | ||
SQL injection vulnerability in the IDoBlog (com_idoblog) component 1.1 build 30 for Joomla! allows remote attackers to execute arbitrary SQL commands via the userid parameter in a profile action to index.php, a different vector than CVE-2008-2627. | ||||
| all versions | — | 4.3 MEDIUM | ||
Cross-site scripting (XSS) vulnerability in the Hotel Booking Reservation System (aka HBS or com_hbssearch) component for Joomla! allows remote attackers to inject arbitrary web script or HTML via the adult parameter in a showhoteldetails action to index.php. | ||||
| all versions | — | 7.5 HIGH | ||
Multiple SQL injection vulnerabilities in the Hotel Booking Reservation System (aka HBS or com_hbssearch) component for Joomla! allow remote attackers to execute arbitrary SQL commands via the (1) h_id, (2) id, and (3) rid parameters to longDesc.php, and the h_id parameter to (4) detail.php, (5) detail1.php, (6) detail2.php, (7) detail3.php, (8) detail4.php, (9) detail5.php, (10) detail6.php, (11) detail7.php, and (12) detail8.php, different vectors than CVE-2008-5865, CVE-2008-5874, and CVE-2008-5875. | ||||
| all versions | — | 7.5 HIGH | ||
SQL injection vulnerability in frontend/assets/ajax/checkusername.php in the AlphaUserPoints (com_alphauserpoints) component 1.5.2 for Joomla! allows remote attackers to execute arbitrary SQL commands via the username2points parameter. | ||||
| all versions | — | 7.5 HIGH | ||
SQL injection vulnerability in the TurtuShout component 0.11 for Joomla! allows remote attackers to execute arbitrary SQL commands via the Name field. | ||||
| all versions | — | 7.5 HIGH | ||
SQL injection vulnerability in the Lhacky! Extensions Cave Joomla! Integrated Newsletters Component (aka JINC or com_jinc) component 0.2 for Joomla! allows remote attackers to execute arbitrary SQL commands via the newsid parameter in a messages action to index.php. | ||||
| all versions | — | 7.5 HIGH | ||
SQL injection vulnerability in the JBudgetsMagic (com_jbudgetsmagic) component 0.3.2 through 0.4.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the bid parameter in a mybudget action to index.php. | ||||
| all versions | — | 7.5 HIGH | ||
SQL injection vulnerability in the Focusplus Developments Survey Manager (com_surveymanager) component 1.5.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the stype parameter in an editsurvey action to index.php. | ||||
| all versions | — | 7.5 HIGH | ||
Directory traversal vulnerability in the Roland Breedveld Album (com_album) component 1.14 for Joomla! allows remote attackers to access arbitrary directories and have unspecified other impact via a .. (dot dot) in the target parameter to index.php. | ||||
| all versions | — | 7.5 HIGH | ||
SQL injection vulnerability in the JReservation (com_jreservation) component 1.0 and 1.5 for Joomla! allows remote attackers to execute arbitrary SQL commands via the pid parameter in a propertycpanel action to index.php. | ||||
| = 1.0, = 1.0.0, = 1.0.1, = 1.0.2, = 1.0.3, = 1.0.4, = 1.0.5, = 1.0.6, = 1.0.7, = 1.0.8, = 1.0.9, = 1.0.10, = 1.0.11, = 1.0.12, = 1.0.13, = 1.0.14, = 1.03, = 1.5, = 1.5.0, = 1.5.1, = 1.5.2, = 1.5.3, = 1.5.4, = 1.5.5, = 1.5.6, = 1.5.7, = 1.5.8, = 1.5.9, = 1.5.10, = 1.5rc4, = 1.8.1 | — | 7.5 HIGH | ||
SQL injection vulnerability in IXXO Cart Standalone before 3.9.6.1, and the IXXO Cart component for Joomla! 1.0.x, allows remote attackers to execute arbitrary SQL commands via the parent parameter. | ||||
| all versions | — | 7.5 HIGH | ||
SQL injection vulnerability in the DigiFolio (com_digifolio) component 1.52 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a project action to index.php. | ||||
| all versions | — | 4.3 MEDIUM | ||
Cross-site scripting (XSS) vulnerability in gmap.php in the Almond Classifieds (com_aclassf) component 7.5 for Joomla! allows remote attackers to inject arbitrary web script or HTML via the addr parameter. | ||||
| all versions | — | 7.5 HIGH | ||
SQL injection vulnerability in the Almond Classifieds (com_aclassf) component 7.5 for Joomla! allows remote attackers to execute arbitrary SQL commands via the replid parameter in a manw_repl add_form action to index.php, a different vector than CVE-2009-2567. | ||||
| all versions | — | 7.5 HIGH | ||
SQL injection vulnerability in Jabode horoscope extension (com_jabode) for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a sign task to index.php. | ||||
| all versions | — | 7.5 HIGH | ||
SQL injection vulnerability in the Game Server (com_gameserver) component 1.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a gamepanel action to index.php. | ||||
| all versions | — | 7.5 HIGH | ||
SQL injection vulnerability in the Artetics.com Art Portal (com_artportal) component 1.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the portalid parameter to index.php. | ||||
| all versions | — | 6.8 MEDIUM | ||
Directory traversal vulnerability in the Agora (com_agora) component 3.0.0b for Joomla! allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the action parameter to the avatars page, reachable through index.php. | ||||
| all versions | — | 7.5 HIGH | ||
SQL injection vulnerability in the Simple Shop Galore (com_simpleshop) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the section parameter in a section action to index.php, a different vulnerability than CVE-2008-2568. NOTE: this issue was disclosed by an unreliable researcher, so the details might be incorrect. | ||||
| all versions | — | 7.5 HIGH | ||
SQL injection vulnerability in the Permis (com_groups) component 1.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a list action to index.php. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| all versions | — | 7.5 HIGH | ||
SQL injection vulnerability in the JFusion (com_jfusion) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the Itemid parameter to index.php. | ||||
| all versions | — | 7.5 HIGH | ||
SQL injection vulnerability in the content component (com_content) 1.0.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the Itemid parameter in a blogcategory action to index.php. | ||||
| all versions | — | 7.5 HIGH | ||
SQL injection vulnerability in the Live Chat (com_livechat) component 1.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the last parameter to getChatRoom.php. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| all versions | — | 7.5 HIGH | ||
Live Chat (com_livechat) component 1.0 for Joomla! allows remote attackers to use the xmlhttp.php script as an open HTTP proxy to hide network scanning activities or scan internal networks via a GET request with a full URL in the query string. | ||||
| all versions | — | 7.5 HIGH | ||
Multiple SQL injection vulnerabilities in the Live Chat (com_livechat) component 1.0 for Joomla! allow remote attackers to execute arbitrary SQL commands via the last parameter to (1) getChat.php, (2) getChatRoom.php, and (3) getSavedChatRooms.php. | ||||
| all versions | — | 7.5 HIGH | ||
PHP remote file inclusion vulnerability in toolbar_ext.php in the MediaLibrary (com_media_library) component 1.5.3 Basic for Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter. | ||||
| all versions | — | 7.5 HIGH | ||
SQL injection vulnerability in the AkoBook (com_akobook) component 2.3 for Joomla! allows remote attackers to execute arbitrary SQL commands via the gbid parameter in a reply action to index.php. | ||||
| all versions | — | 7.5 HIGH | ||
PHP remote file inclusion vulnerability in toolbar_ext.php in the RealEstateManager (com_realestatemanager) component 1.0 Basic for Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter. | ||||
| all versions | — | 7.5 HIGH | ||
PHP remote file inclusion vulnerability in toolbar_ext.php in the BookLibrary (com_booklibrary) component 1.5.2.4 Basic for Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter. | ||||
| all versions | — | 7.5 HIGH | ||
PHP remote file inclusion vulnerability in toolbar_ext.php in the VehicleManager (com_vehiclemanager) component 1.0 Basic for Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter. | ||||
| all versions | — | 7.5 HIGH | ||
SQL injection vulnerability in the amoCourse (com_amocourse) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the catid parameter in a category action to index.php. | ||||
| all versions | — | 7.5 HIGH | ||
SQL injection vulnerability in the com_pinboard component for Joomla! allows remote attackers to execute arbitrary SQL commands via the task parameter in a showpic action to index.php. | ||||
| all versions | — | 7.5 HIGH | ||
SQL injection vulnerability in the Joomlaequipment (aka JUser or com_juser) component 2.0.4 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a show_profile action to index.php. | ||||
| all versions | — | 7.5 HIGH | ||
SQL injection vulnerability in the Almond Classifieds (com_aclassf) component 5.6.2 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter to index.php. | ||||
| all versions | — | 6.8 MEDIUM | ||
SQL injection vulnerability in the search method in jobline.class.php in Jobline (com_jobline) 1.1.2.2, 1.3.1, and possibly earlier versions, a component for Joomla!, allows remote attackers to execute arbitrary SQL commands via the search parameter in a results action to index.php, which invokes the search method from the searchJobPostings function in jobline.php. | ||||
| all versions | — | 7.5 HIGH | ||
SQL injection vulnerability in the PHP (com_php) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter to index.php. | ||||
| all versions | — | 7.5 HIGH | ||
SQL injection vulnerability in the BookFlip (com_bookflip) component 2.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via the book_id parameter to index.php. | ||||
| all versions | — | 7.5 HIGH | ||
SQL injection vulnerability in the K2 (com_k2) component 1.0.1 Beta and earlier for Joomla! allows remote attackers to execute arbitrary SQL commands via the category parameter in an itemlist action to index.php. | ||||
| all versions | — | 7.5 HIGH | ||
SQL injection vulnerability in the Ice Gallery (com_ice) component 0.5 beta 2 for Joomla! allows remote attackers to execute arbitrary SQL commands via the catid parameter to index.php. | ||||
| all versions | — | 7.5 HIGH | ||
PHP remote file inclusion vulnerability in the Green Mountain Information Technology and Consulting Database Query (com_dbquery) component 1.4.1.1 and earlier for Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter to classes/DBQ/admin/common.class.php. | ||||
| all versions | — | 7.5 HIGH | ||
SQL injection vulnerability in the Boy Scout Advancement (com_bsadv) component 0.3 and earlier for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a (1) account or (2) event task to index.php. | ||||
| all versions | — | 7.5 HIGH | ||
SQL injection vulnerability in the (1) casinobase (com_casinobase), (2) casino_blackjack (com_casino_blackjack), and (3) casino_videopoker (com_casino_videopoker) components 0.3.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via the Itemid parameter to index.php. | ||||
| all versions | — | 7.5 HIGH | ||
SQL injection vulnerability in the Jumi (com_jumi) component 2.0.3 and possibly other versions for Joomla allows remote attackers to execute arbitrary SQL commands via the fileid parameter to index.php. | ||||
| all versions | — | 5 MEDIUM | ||
Directory traversal vulnerability in the JoomlaPraise Projectfork (com_projectfork) component 2.0.10 for Joomla! allows remote attackers to read arbitrary files via directory traversal sequences in the section parameter to index.php. | ||||
| all versions | — | 7.5 HIGH | ||
SQL injection vulnerability in the iJoomla RSS Feeder (com_ijoomla_rss) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the cat parameter in an xml action to index.php. | ||||
| all versions | — | 7.5 HIGH | ||
SQL injection vulnerability in the ComSchool (com_school) component 1.4 for Joomla! allows remote attackers to execute arbitrary SQL commands via the classid parameter in a showclass action to index.php. | ||||
| all versions | — | 7.5 HIGH | ||
Directory traversal vulnerability in includes/file_includer.php in the Ideal MooFAQ (com_moofaq) component 1.0 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter. | ||||
| = 1.5.5, = 1.5.0_rc1, = 1.5.7, = 1.5.0_beta2, = 1.5.9, = 1.5.3, = 1.5.10, = 1.5.2, = 1.5.8, = 1.5.0_beta, = 1.5.6, = 1.5.0_beta1, = 1.5.1, = 1.5.4 | — | 4.3 MEDIUM | ||
Cross-site scripting (XSS) vulnerability in the JA_Purity template for Joomla! 1.5.x through 1.5.10 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
| = 1.5.5, = 1.5, = 1.5.7, = 1.5.9, = 1.5.3, = 1.5.10, = 1.5.2, = 1.5.8, = 1.5.1, = 1.5.6, = 1.5.4 | — | 4.3 MEDIUM | ||
Cross-site scripting (XSS) vulnerability in the administrator panel in the com_users core component for Joomla! 1.5.x through 1.5.10 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
| = 1.5.5, = 1.5, = 1.5.7, = 1.5.0, = 1.5.9, = 1.5.3, = 1.5.10, = 1.5.1, = 1.5.2, = 1.5.4, = 1.5.6, = 1.5.8 | — | 4.3 MEDIUM | ||
Cross-site scripting (XSS) vulnerability in Joomla! 1.5.x through 1.5.10 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors related to database output and the frontend administrative panel. | ||||
| all versions | — | 7.5 HIGH | ||
SQL injection vulnerability in the JoomlaMe AgoraGroups (aka AG or com_agoragroup) component 0.3.5.3 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a groupdetail action to index.php. | ||||
| all versions | — | 7.5 HIGH | ||
Multiple PHP remote file inclusion vulnerabilities in the InterJoomla ArtForms (com_artforms) component 2.1b7 for Joomla! allow remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter to (1) imgcaptcha.php or (2) mp3captcha.php in assets/captcha/includes/captchaform/, or (3) assets/captcha/includes/captchatalk/swfmovie.php. | ||||
| all versions | — | 7.5 HIGH | ||
SQL injection vulnerability in the GridSupport (GS) Ticket System (com_gsticketsystem) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the catid parameter in a viewCategory action to index.php. | ||||
| all versions | — | 5 MEDIUM | ||
Directory traversal vulnerability in the Cmi Marketplace (com_cmimarketplace) component 0.1 for Joomla! allows remote attackers to list arbitrary directories via a .. (dot dot) in the viewit parameter to index.php. | ||||
| all versions | — | 7.5 HIGH | ||
SQL injection vulnerability in the MailTo (aka com_mailto) component in Joomla! allows remote attackers to execute arbitrary SQL commands via the article parameter in index.php. NOTE: SecurityFocus states that this issue has been disputed by the vendor. | ||||
| = 1.5.5, = 1.5, = 1.5.7, = 1.5.0, = 1.5.9, = 1.5.3, = 1.5.2, = 1.5.8, = 1.5.1, = 1.5.6, = 1.5.4 | — | 2.6 LOW | ||
Multiple cross-site scripting (XSS) vulnerabilities in Joomla! 1.5 through 1.5.9 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors to the (1) com_admin component, (2) com_search component when "Gather Search Statistics" is enabled, and (3) the category view in the com_content component. | ||||
| = 1.5.5, = 1.5, = 1.5.7, = 1.5.0, = 1.5.9, = 1.5.3, = 1.5.2, = 1.5.8, = 1.5.6, = 1.5.4, = 1.5.1 | — | 6.8 MEDIUM | ||
Multiple cross-site request forgery (CSRF) vulnerabilities in the com_media component for Joomla! 1.5.x through 1.5.9 allow remote attackers to hijack the authentication of unspecified victims via unknown vectors. | ||||
| all versions | — | 7.5 HIGH | ||
SQL injection vulnerability in sub_commententry.php in the BookJoomlas (com_bookjoomlas) component 0.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via the gbid parameter in a comment action to index.php. | ||||
| all versions | — | 7.5 HIGH | ||
SQL injection vulnerability in the RD-Autos (com_rdautos) component 1.5.7 for Joomla! allows remote attackers to execute arbitrary SQL commands via the makeid parameter in index.php. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| all versions | — | 7.5 HIGH | ||
SQL injection vulnerability in webhosting.php in the Webhosting Component (com_webhosting) module before 1.1 RC7 for Joomla! and Mambo allows remote attackers to execute arbitrary SQL commands via the catid parameter to index.php. | ||||
| all versions | — | 7.5 HIGH | ||
SQL injection vulnerability in MyAlbum component (com_myalbum) 1.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the album parameter to index.php. | ||||
| all versions | — | 6.8 MEDIUM | ||
PHP remote file inclusion vulnerability in admin.treeg.php in the Flash Tree Gallery (com_treeg) component 1.0 for Joomla!, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via the mosConfig_live_site parameter. | ||||
| all versions | — | 7.5 HIGH | ||
PHP remote file inclusion vulnerability in admin.googlebase.php in the Ecom Solutions VirtueMart Google Base (aka com_googlebase or Froogle) component 1.1 for Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter. | ||||
| all versions | — | 7.5 HIGH | ||
SQL injection vulnerability in the Versioning component (com_versioning) 1.0.2 in Joomla! and Mambo allows remote attackers to execute arbitrary SQL commands via the id parameter in an edit task to index.php. | ||||
| all versions | — | 7.5 HIGH | ||
SQL injection vulnerability in the MyContent (com_mycontent) component 1.1.13 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a view action to index.php. | ||||
| all versions | — | 7.5 HIGH | ||
SQL injection vulnerability in the PrayerCenter (com_prayercenter) component 1.4.9 and earlier for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a view_request action to index2.php. | ||||
| all versions | — | 7.5 HIGH | ||
PHP remote file inclusion vulnerability in lib/onguma.class.php in the Onguma Time Sheet (com_ongumatimesheet20) 2.0 4b component for Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter. | ||||
| all versions | — | 7.5 HIGH | ||
SQL injection vulnerability in the Volunteer Management System (com_volunteer) module 2.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the job_id parameter in a jobshow action to index.php. | ||||
| = 1.5.5, = 1.0.13, = 1.0.9, = 1.5, = 1.5.0_rc1, <= 1.5.7, = 1.5.0_beta2, = 1.0, = 1.5.0, = 1.0.2, = 1.0.12, = 1.03, = 1.5.3, = 1.0.4, = 1.0.3, = 1.0.1, = 1.5.1, = 1.5.2, = 1.0.8, = 1.5.0_beta1, = 1.0.6, = 1.0.5, = 1.0.10, = 1.5rc4, = 1.5.0_beta, = 1.5.4, = 1.0.0, = 1.0.7, = 1.0.14, = 1.0.11, = 1.5.6, = 1.5rc3 | — | 3.5 LOW | ||
Multiple cross-site scripting (XSS) vulnerabilities in Joomla! 1.5.7 and earlier allow remote authenticated users with certain privileges to inject arbitrary web script or HTML via (1) the title and description parameters to the com_weblinks module and (2) unspecified vectors in the com_content module related to "article submission." | ||||
| all versions | — | 6.5 MEDIUM | ||
Multiple SQL injection vulnerabilities in the User Karma module 5.x before 5.x-1.13 and 6.x before 6.x-1.0-beta1, a module for Drupal, allow remote authenticated administrators to execute arbitrary SQL commands via (1) a content type or (2) a voting API value. | ||||
| all versions | — | 4.3 MEDIUM | ||
Cross-site scripting (XSS) vulnerability in the User Karma module 5.x before 5.x-1.13 and 6.x before 6.x-1.0-beta1, a module for Drupal, allows remote attackers to inject arbitrary web script or HTML via unspecified messages. | ||||
| all versions | — | 6.8 MEDIUM | ||
Multiple SQL injection vulnerabilities in the GigCalendar (com_gigcal) component 1.0 for Mambo and Joomla!, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via (1) the gigcal _venues_id parameter in a details action to index.php, which is not properly handled by venuedetails.php, and (2) the gigcal_bands_id parameter in a details action to index.php, which is not properly handled by banddetails.php, different vectors than CVE-2009-0726. | ||||
| all versions | — | 7.5 HIGH | ||
SQL injection vulnerability in the GigCalendar (com_gigcal) component 1.0 for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the gigcal_gigs_id parameter in a details action to index.php. | ||||
| all versions | — | 7.5 HIGH | ||
SQL injection vulnerability in the Simple Review (com_simple_review) component 1.3.5 for Joomla! and Mambo allows remote attackers to execute arbitrary SQL commands via the category parameter to index.php. | ||||
| all versions | — | 7.5 HIGH | ||
SQL injection vulnerability in the Phoca Documentation (com_phocadocumentation) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a section action to index.php. | ||||
| all versions | — | 7.5 HIGH | ||
SQL injection vulnerability in the com_musica module in Joomla! and Mambo allows remote attackers to execute arbitrary SQL commands via the id parameter to index.php. | ||||
| all versions | — | 5 MEDIUM | ||
Directory traversal vulnerability in the Pro Desk Support Center (com_pro_desk) component 1.0 and 1.2 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the include_file parameter to index.php. | ||||
| all versions | — | 7.5 HIGH | ||
PHP remote file inclusion vulnerability in config.dadamail.php in the Dada Mail Manager (com_dadamail) component 2.6 for Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the GLOBALS[mosConfig_absolute_path] parameter. | ||||
| all versions | — | 7.5 HIGH | ||
SQL injection vulnerability in the Ignite Gallery (com_ignitegallery) component 0.8.0 through 0.8.3 for Joomla! allows remote attackers to execute arbitrary SQL commands via the gallery parameter in a view action to index.php. | ||||
| all versions | — | 7.5 HIGH | ||
SQL injection vulnerability in the Mad4Joomla Mailforms (com_mad4joomla) component before 1.1.8.2 for Joomla! allows remote attackers to execute arbitrary SQL commands via the jid parameter to index.php. | ||||
| all versions | — | 7.5 HIGH | ||
SQL injection vulnerability in the OwnBiblio (com_ownbiblio) component 1.5.3 for Joomla! allows remote attackers to execute arbitrary SQL commands via the catid parameter in a catalogue action to index.php. | ||||
| all versions | — | 6.8 MEDIUM | ||
Directory traversal vulnerability in captcha/captcha_image.php in the RWCards (com_rwcards) 3.0.11 component for Joomla!, when magic_quotes_gpc is disabled, allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the img parameter. | ||||
| all versions | — | 7.5 HIGH | ||
SQL injection vulnerability in the KBase (com_kbase) 1.2 component for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in an article action to index.php. | ||||
| all versions | — | 7.5 HIGH | ||
SQL injection vulnerability in the mDigg (com_mdigg) component 2.2.8 for Joomla! allows remote attackers to execute arbitrary SQL commands via the cagtegory parameter in a story_lists action to index.php. | ||||
| all versions | — | 7.5 HIGH | ||
SQL injection vulnerability in the Live Ticker (com_liveticker) module 1.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the tid parameter in a viewticker action to index.php. | ||||
| all versions | — | 7.5 HIGH | ||
SQL injection vulnerability in the EXtrovert Software Thyme (com_thyme) 1.0 component for Joomla! allows remote attackers to execute arbitrary SQL commands via the event parameter to index.php. | ||||
| all versions | — | 7.5 HIGH | ||
SQL injection vulnerability in the JoomlaDate (com_joomladate) component 1.2 for Joomla! allows remote attackers to execute arbitrary SQL commands via the user parameter in a viewProfile action to index.php. | ||||
| all versions | — | 7.5 HIGH | ||
SQL injection vulnerability in the Portfol (com_portfol) 1.2 component for Joomla! allows remote attackers to execute arbitrary SQL commands via the vcatid parameter in a viewcategory action to index.php. | ||||
| all versions | — | 7.5 HIGH | ||
SQL injection vulnerability in the Joomtracker (com_joomtracker) 1.01 module for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a tordetails action to index.php. | ||||
| all versions | — | 7.5 HIGH | ||
SQL injection vulnerability in the Daily Message (com_dailymessage) 1.0.3 component for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter to index.php. | ||||
| all versions | — | 5 MEDIUM | ||
Directory traversal vulnerability in download.php in the ionFiles (com_ionfiles) 4.4.2 component for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter. | ||||
| all versions | — | 7.5 HIGH | ||
SQL injection vulnerability in the RD-Autos (com_rdautos) 1.5.5 Stable component for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter to index.php. | ||||
| all versions | — | 7.5 HIGH | ||
SQL injection vulnerability in the Eventing (com_eventing) 1.6.x component for Joomla! allows remote attackers to execute arbitrary SQL commands via the catid parameter to index.php. | ||||
| all versions | — | 7.5 HIGH | ||
SQL injection vulnerability in the Tech Articles (com_tech_article) 1.0 component for Joomla! allows remote attackers to execute arbitrary SQL commands via the item parameter to index.php. | ||||
| all versions | — | 7.5 HIGH | ||
SQL injection vulnerability in the BazaarBuilder Ecommerce Shopping Cart (com_prod) 5.0 component for Joomla! allows remote attackers to execute arbitrary SQL commands via the cid parameter in a products action to index.php. | ||||
| all versions | — | 7.5 HIGH | ||
SQL injection vulnerability in the Sigsiu Online Business Index 2 (SOBI2, com_sobi2) RC 2.8.2 component for Joomla! and Mambo allows remote attackers to execute arbitrary SQL commands via the bid parameter in a showbiz action to index.php, a different vector than CVE-2008-0607. NOTE: CVE disputes this issue, since neither "showbiz" nor "bid" appears in the source code for SOBI2 | ||||
| all versions | — | 7.5 HIGH | ||
SQL injection vulnerability in the Prince Clan Chess Club (com_pcchess) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the game_id parameter in a showgame action to index.php, a different vector than CVE-2008-0761. | ||||
| all versions | — | 4.3 MEDIUM | ||
Cross-site scripting (XSS) vulnerability in index.php in the beamospetition (com_beamospetition) 1.0.12 component for Joomla! allows remote attackers to inject arbitrary web script or HTML via the pet parameter in a sign action. | ||||
| all versions | — | 7.5 HIGH | ||
SQL injection vulnerability in the beamospetition (com_beamospetition) 1.0.12 component for Joomla! allows remote attackers to execute arbitrary SQL commands via the mpid parameter in a sign action to index.php, a different vector than CVE-2008-3132. | ||||
| all versions | — | 7.5 HIGH | ||
SQL injection vulnerability in the ElearningForce Flash Magazine Deluxe (com_flashmagazinedeluxe) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the mag_id parameter in a magazine action to index.php. | ||||
| all versions | — | 7.5 HIGH | ||
SQL injection vulnerability in the WebAmoeba (WA) Ticket System (com_waticketsystem) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the catid parameter in a category action to index.php. | ||||
| all versions | — | 7.5 HIGH | ||
SQL injection vulnerability in the PcCookBook (com_pccookbook) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the recipe_id parameter in a viewrecipe action to index.php, a different vector than CVE-2008-0844. | ||||
| all versions | — | 7.5 HIGH | ||
SQL injection vulnerability in the Mydyngallery (com_mydyngallery) component 1.4.2 for Joomla! allows remote attackers to execute arbitrary SQL commands via the directory parameter to index.php. | ||||
| <= 1.5.8, = 1.0, = 1.0.0, = 1.0.1, = 1.0.2, = 1.0.3, = 1.0.4, = 1.0.5, = 1.0.6, = 1.0.7, = 1.0.8, = 1.0.9, = 1.0.10, = 1.0.11, = 1.0.12, = 1.0.13, = 1.0.14, = 1.03, = 1.5, = 1.5.0, = 1.5.1, = 1.5.2, = 1.5.3, = 1.5.4, = 1.5.5, = 1.5.6 | — | 5 MEDIUM | ||
Directory traversal vulnerability in attachmentlibrary.php in the XStandard component for Joomla! 1.5.8 and earlier allows remote attackers to list arbitrary directories via a .. (dot dot) in the X_CMS_LIBRARY_PATH HTTP header. | ||||
| all versions | — | 7.5 HIGH | ||
SQL injection vulnerability in the com_lowcosthotels component in the Hotel Booking Reservation System (aka HBS) for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a showhoteldetails action to index.php. | ||||
| all versions | — | 7.5 HIGH | ||
Multiple SQL injection vulnerabilities in the Hotel Booking Reservation System (aka HBS) for Joomla! allow remote attackers to execute arbitrary SQL commands via the id parameter in a showhoteldetails action to index.php in the (1) com_allhotels or (2) com_5starhotels module. NOTE: some of these details are obtained from third party information. | ||||
| all versions | — | 7.5 HIGH | ||
SQL injection vulnerability in the Top Hotel (com_tophotelmodule) component 1.0 in the Hotel Booking Reservation System (aka HBS) 1.0.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a showhoteldetails action to index.php. | ||||
| all versions | — | 7.5 HIGH | ||
SQL injection vulnerability in the com_hbssearch component 1.0 in the Hotel Booking Reservation System (aka HBS) 1.0.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the r_type parameter in a showhoteldetails action to index.php. | ||||
| all versions | — | 7.5 HIGH | ||
SQL injection vulnerability in the PaxGallery (com_paxgallery) component 0.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via the gid parameter in a table action to index.php. | ||||
| all versions | — | 6.8 MEDIUM | ||
Multiple PHP remote file inclusion vulnerabilities in the Clickheat - Heatmap stats (com_clickheat) component 1.0.1 for Joomla! allow remote attackers to execute arbitrary PHP code via a URL in the (1) GLOBALS[mosConfig_absolute_path] parameter to (a) install.clickheat.php, (b) Cache.php and (c) Clickheat_Heatmap.php in Recly/Clickheat/, and (d) Recly/common/GlobalVariables.php; and the (2) mosConfig_absolute_path parameter to (e) _main.php and (f) main.php in includes/heatmap, and (g) includes/overview/main.php. | ||||
| all versions | — | 7.5 HIGH | ||
Multiple PHP remote file inclusion vulnerabilities in the Recly!Competitions (com_competitions) component 1.0 for Joomla! allow remote attackers to execute arbitrary PHP code via a URL in the (1) GLOBALS[mosConfig_absolute_path] parameter to (a) add.php and (b) competitions.php in includes/competitions/, and the (2) mosConfig_absolute_path parameter to (c) includes/settings/settings.php. | ||||
| all versions | — | 7.5 HIGH | ||
Multiple PHP remote file inclusion vulnerabilities in the Recly Interactive Feederator (com_feederator) component 1.0.5 for Joomla! allow remote attackers to execute arbitrary PHP code via a URL in the (1) mosConfig_absolute_path parameter to (a) add_tmsp.php, (b) edit_tmsp.php and (c) tmsp.php in includes/tmsp/; and the (2) GLOBALS[mosConfig_absolute_path] parameter to (d) includes/tmsp/subscription.php. | ||||
| = 1.5.8 | 7.5 HIGH | 5 MEDIUM | ||
Joomla! 1.5.8 does not set the secure flag for the session cookie in an https session, which makes it easier for remote attackers to capture this cookie by intercepting its transmission within an http session. | ||||
| = 1.0.13, <= 1.0.14, = 1.0.12, = 1.0.11 | — | 7.5 HIGH | ||
PHP remote file inclusion vulnerability in index.php in Joomla! 1.0.11 through 1.0.14, when RG_EMULATION is enabled in configuration.php, allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter. | ||||
| all versions | — | 7.5 HIGH | ||
SQL injection vulnerability in the Books (com_books) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the book_id parameter in a book_details action to index.php. | ||||
| all versions | — | 7.5 HIGH | ||
SQL injection vulnerability in the JMovies (aka JM or com_jmovies) component 1.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter to index.php. | ||||
| all versions | — | 7.5 HIGH | ||
SQL injection vulnerability in the Contact Information Module (com_contactinfo) component 1.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the catid parameter to index.php. | ||||
| all versions | — | 7.5 HIGH | ||
SQL injection vulnerability in the MambAds (com_mambads) component 1.0 RC1 Beta and 1.0 RC1 for Mambo allows remote attackers to execute arbitrary SQL commands via the ma_cat parameter in a view action to index.php, a different vector than CVE-2007-5177. | ||||
| all versions | — | 7.5 HIGH | ||
SQL injection vulnerability in sub_votepic.php in the Datsogallery (com_datsogallery) module 1.6 for Joomla! allows remote attackers to execute arbitrary SQL commands via the User-Agent HTTP header. | ||||
| all versions | — | 7.5 HIGH | ||
SQL injection vulnerability in the Xe webtv (com_xewebtv) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a detail action to index.php. | ||||
| = 1.0 | — | 10 HIGH | ||
PHP remote file inclusion vulnerability in admin.rssreader.php in the Simple RSS Reader (com_rssreader) 1.0 component for Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_live_site parameter. | ||||
| all versions | — | 7.5 HIGH | ||
SQL injection vulnerability in the JooBlog (com_jb2) component 0.1.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via the PostID parameter to index.php. | ||||
| all versions | — | 7.5 HIGH | ||
SQL injection vulnerability in the Showroom Joomlearn LMS (com_lms) component for Joomla! and Mambo allows remote attackers to execute arbitrary SQL commands via the cat parameter in a showTests task. | ||||
| all versions | — | 5 MEDIUM | ||
Directory traversal vulnerability in the eXtplorer module (com_extplorer) 2.0.0 RC2 and earlier in Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the dir parameter in a show_error action. | ||||
| all versions | — | 9 HIGH | ||
Directory traversal vulnerability in the Image Browser (com_imagebrowser) 0.1.5 component for Joomla! allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the folder parameter to index.php. | ||||
| all versions | — | 7.5 HIGH | ||
SQL injection vulnerability in the DS-Syndicate (com_ds-syndicate) component 1.1.1 for Joomla allows remote attackers to execute arbitrary SQL commands via the feed_id parameter to index2.php. | ||||
| all versions | — | 7.5 HIGH | ||
SQL injection vulnerability in the actualite module 1.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||
| = 1.5.5, = 1.5, = 1.5.3, = 1.5.2, = 1.5.1, = 1.5.4, = 1.5.6 | — | 7.5 HIGH | ||
JRequest in Joomla! 1.5 before 1.5.7 does not sanitize variables that were set with JRequest::setVar, which allows remote attackers to conduct "variable injection" attacks and have unspecified other impact. | ||||
| = 1.5.5, = 1.5, = 1.5.3, = 1.5.2, = 1.5.1, = 1.5.4, = 1.5.6 | — | 5.8 MEDIUM | ||
Multiple open redirect vulnerabilities in Joomla! 1.5 before 1.5.7 allow remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a "passed in" URL. | ||||
| = 1.5.5, = 1.5, = 1.5.3, = 1.5.2, = 1.5.1, = 1.5.4, = 1.5.6 | — | 5 MEDIUM | ||
The mailto (aka com_mailto) component in Joomla! 1.5 before 1.5.7 sends e-mail messages without validating the URL, which allows remote attackers to transmit spam. | ||||
| = 1.5.5, = 1.5, = 1.5.3, = 1.5.2, = 1.5.1, = 1.5.4, = 1.5.6 | — | 7.5 HIGH | ||
Joomla! 1.5 before 1.5.7 initializes PHP's PRNG with a weak seed, which makes it easier for attackers to guess the pseudo-random values produced by PHP's mt_rand function, as demonstrated by guessing password reset tokens, a different vulnerability than CVE-2008-3681. | ||||
| all versions | — | 7.5 HIGH | ||
SQL injection vulnerability in the nBill (com_netinvoice) component 1.2.0 SP1 for Joomla! allows remote attackers to execute arbitrary SQL commands via the cid parameter in an orders action to index.php. NOTE: some of these details are obtained from third party information. | ||||
| = 1.0.13, = 1.0.9, = 1.5, = 1.5.0_rc1, = 1.5.0_beta2, = 1.0, = 1.5.2, = 1.0.1, = 1.0.3, = 1.0.10, = 1.0.5, = 1.0.6, = 1.5.0_beta1, = 1.0.2, = 1.03, <= 1.5.3, = 1.0.0, = 1.0.4, = 1.5.0_beta, = 1.0.11, = 1.0.12, = 1.0.7, = 1.0.8, = 1.5.1 | — | 7.5 HIGH | ||
Joomla! before 1.5.4 does not configure .htaccess to apply certain security checks that "block common exploits" to SEF URLs, which has unknown impact and remote attack vectors. | ||||
| = 1.0.13, = 1.0.9, = 1.5, = 1.5.0_rc1, = 1.5.0_beta2, = 1.0, = 1.5.2, = 1.0.1, = 1.0.3, = 1.0.2, = 1.5.0_beta, = 1.0.10, = 1.0.11, = 1.0.6, = 1.0.7, = 1.0.8, = 1.5.1, = 1.0.12, = 1.03, <= 1.5.3, = 1.0.0, = 1.0.4, = 1.0.5, = 1.5.0_beta1 | — | 7.5 HIGH | ||
Unspecified vulnerability in Joomla! before 1.5.4 has unknown impact and attack vectors related to a "User Redirect Spam fix," possibly an open redirect vulnerability. | ||||
| = 1.0.13, = 1.0.9, = 1.5, = 1.5.0_rc1, = 1.5.0_beta2, = 1.0, = 1.5.2, = 1.0.1, = 1.0.3, = 1.0.10, = 1.0.5, = 1.0.6, = 1.0.2, = 1.03, <= 1.5.3, = 1.0.0, = 1.0.4, = 1.5.0_beta, = 1.5.0_beta1, = 1.0.11, = 1.0.12, = 1.0.7, = 1.0.8, = 1.5.1 | — | 5 MEDIUM | ||
The file caching implementation in Joomla! before 1.5.4 allows attackers to access cached pages via unknown attack vectors. | ||||
| = 1.0.13, = 1.0.9, = 1.5, = 1.5.0_rc1, = 1.5.0_beta2, = 1.0, = 1.5.2, = 1.0.1, = 1.0.3, = 1.0.11, = 1.0.12, = 1.0.7, = 1.0.8, = 1.5.1, = 1.0.10, = 1.0.5, = 1.0.6, = 1.5.0_beta1, = 1.0.0, = 1.0.4, = 1.5.0_beta, = 1.0.2, = 1.03, <= 1.5.3 | — | 10 HIGH | ||
Joomla! before 1.5.4 allows attackers to access administration functionality, which has unknown impact and attack vectors related to a missing "LDAP security fix." | ||||
| all versions | — | 7.5 HIGH | ||
PHP remote file inclusion vulnerability in facileforms.frame.php in the FacileForms (com_facileforms) component 1.4.4 for Mambo and Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the ff_compath parameter. | ||||
| all versions | — | 7.5 HIGH | ||
SQL injection vulnerability in the iJoomla News Portal (com_news_portal) component 1.0 and earlier for Joomla! allows remote attackers to execute arbitrary SQL commands via the Itemid parameter to index.php. | ||||
| all versions | — | 7.5 HIGH | ||
Multiple SQL injection vulnerabilities in the EXP JoomRadio (com_joomradio) component 1.0 for Joomla! allow remote attackers to execute arbitrary SQL commands via the id parameter in a (1) show_radio or (2) show_video action to index.php. | ||||
| all versions | — | 7.5 HIGH | ||
SQL injection vulnerability in the acctexp (com_acctexp) component 0.12.x and earlier for Joomla! allows remote attackers to execute arbitrary SQL commands via the usage parameter in a subscribe action to index.php. | ||||
| all versions | — | 7.5 HIGH | ||
SQL injection vulnerability in the eQuotes (com_equotes) component 0.9.4 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter to index.php. | ||||
| all versions | — | 7.5 HIGH | ||
SQL injection vulnerability in the Simple Shop Galore (com_simpleshop) component 3.4 and earlier for Joomla! allows remote attackers to execute arbitrary SQL commands via the catid parameter in a browse action to index.php. | ||||
| all versions | — | 7.5 HIGH | ||
SQL injection vulnerability in the JotLoader (com_jotloader) component 1.2.1.a and earlier for Joomla! allows remote attackers to execute arbitrary SQL commands via the cid parameter to index.php. | ||||
| = 1.0.4 | — | 7.5 HIGH | ||
SQL injection vulnerability in the Filiale 1.0.4 component for Joomla! allows remote attackers to execute arbitrary SQL commands via the idFiliale parameter. | ||||
| all versions | — | 7.5 HIGH | ||
SQL injection vulnerability in the Jom Comment 2.0 build 345 component for Joomla! allows remote attackers to execute arbitrary SQL commands via unspecified vectors. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| all versions | — | 5 MEDIUM | ||
Directory traversal vulnerability in index.php in the joomlaXplorer (com_joomlaxplorer) Mambo/Joomla! component 1.6.2 and earlier allows remote attackers to list arbitrary directories via a .. (dot dot) in the dir parameter in a show_error action. | ||||
| all versions | — | 4.3 MEDIUM | ||
Cross-site scripting (XSS) vulnerability in the joomlaXplorer (com_joomlaxplorer) Mambo/Joomla! component 1.6.2 and earlier allows remote attackers to inject arbitrary web script or HTML via the error parameter in a show_error action to index.php. | ||||
| all versions | — | 7.5 HIGH | ||
SQL injection vulnerability in puarcade.class.php 2.2 and earlier in the Pragmatic Utopia PU Arcade (com_puarcade) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the gid parameter to index.php. | ||||
| all versions | — | 6.8 MEDIUM | ||
SQL injection vulnerability in the Bernard Gilly AlphaContent (com_alphacontent) 2.5.8 component for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a view action to index.php. | ||||
| all versions, <= 1.5 | — | 6.8 MEDIUM | ||
Unspecified vulnerability in the XML-RPC Blogger API plugin in Joomla! 1.5 allows remote attackers to perform unauthorized article operations on articles via unknown vectors. | ||||
| all versions | — | 7.5 HIGH | ||
PHP remote file inclusion vulnerability in the SSTREAMTV custompages (com_custompages) 1.1 and earlier component for Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the cpage parameter to index.php. | ||||
| all versions | — | 9.3 HIGH | ||
SQL injection vulnerability in the Detodas Restaurante (com_restaurante) 1.0 component for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a detail action to index.php, a different product than CVE-2008-0562. | ||||
| all versions | — | 7.5 HIGH | ||
SQL injection vulnerability in the Joovideo (com_joovideo) 1.0 and 1.2.2 component for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a detail action to index.php. | ||||
| all versions | — | 7.5 HIGH | ||
SQL injection vulnerability in the Alberghi (com_alberghi) 2.1.3 and earlier component for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a detail action to index.php. | ||||
| all versions | — | 7.5 HIGH | ||
SQL injection vulnerability in jooget.php in the Joomlapixel Jooget! (com_jooget) 2.6.8 component for Joomla! and Mambo allows remote attackers to execute arbitrary SQL commands via the id parameter in a detail task. | ||||
| all versions | — | 7.5 HIGH | ||
SQL injection vulnerability in index.php in the PAXXGallery (com_paxxgallery) 0.2 component for Mambo and Joomla! allow remote attackers to execute arbitrary SQL commands via (1) the iid parameter in a view action, and possibly (2) the userid parameter. | ||||
| = 1.0 | — | 7.5 HIGH | ||
SQL injection vulnerability in index.php in the MGFi XfaQ (com_xfaq) 1.2 component for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the aid parameter in an answer action. | ||||
| all versions | — | 7.5 HIGH | ||
SQL injection vulnerability in index.php in the Arthur Konze AkoGallery (com_akogallery) 2.5 beta component for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a detail action. | ||||
| all versions | — | 7.5 HIGH | ||
SQL injection vulnerability in index.php in the Darko Selesi EstateAgent (com_estateagent) 0.1 component for Mambo 4.5.x and Joomla! allows remote attackers to execute arbitrary SQL commands via the objid parameter in a contact showObject action. | ||||
| all versions | — | 7.5 HIGH | ||
SQL injection vulnerability in (1) Puarcade.php and (2) PUarcade.html.php in Pragmatic Utopia PU Arcade (com_puarcade) 2.0.3, 2.1.2, and 2.1.3 Beta component for Joomla! allows remote attackers to execute arbitrary SQL commands via the fid parameter to index.php. | ||||
| = 1.5rc4 | — | 7.5 HIGH | ||
Unspecified vulnerability in Joomla! before 1.5 RC4 allows remote authenticated users to gain privileges via unspecified vectors, aka "registered user privilege escalation vulnerability." | ||||
| = 1.5rc4 | — | 6.5 MEDIUM | ||
Joomla! before 1.5 RC4 allows remote authenticated administrators to promote arbitrary users to the administrator group, in violation of the intended security model. | ||||
| = 1.5rc4 | — | 4.3 MEDIUM | ||
Cross-site scripting (XSS) vulnerability in the com_poll component in Joomla! before 1.5 RC4 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
| = 1.5rc4 | — | 6.8 MEDIUM | ||
Multiple cross-site request forgery (CSRF) vulnerabilities in Joomla! before 1.5 RC4 allow remote attackers to (1) add a Super Admin, (2) upload an extension containing arbitrary PHP code, and (3) modify the configuration as administrators via unspecified vectors. | ||||
| = 1.5rc3 | — | 7.5 HIGH | ||
Multiple SQL injection vulnerabilities in index.php in Joomla! 1.5 RC3 allow remote attackers to execute arbitrary SQL commands via (1) the view parameter to the com_content component, (2) the task parameter to the com_search component, or (3) the option parameter in a search action to the com_search component. | ||||
| < 1.0.13 | — | 4.3 MEDIUM | ||
Multiple cross-site scripting (XSS) vulnerabilities in Joomla! before 1.0.13 (aka Sunglow) allow remote attackers to inject arbitrary web script or HTML via the (1) Title or (2) Section Name form fields in the Section Manager component, or (3) multiple unspecified fields in New Menu Item. | ||||
| all versions | — | 6.8 MEDIUM | ||
Multiple PHP remote file inclusion vulnerabilities in Michael Dempfle Joomla Flash Uploader (com_jfu or com_joomla_flash_uploader) 2.5.1 component for Joomla! allow remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter to (1) install.joomla_flash_uploader.php and (2) uninstall.joomla_flash_uploader.php. | ||||
| all versions | — | 6.8 MEDIUM | ||
PHP remote file inclusion vulnerability in admin.color.php in the com_colorlab (aka com_color) 1.0 component for Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_live_site parameter. | ||||
| <= 1.0.13 | — | 4.3 MEDIUM | ||
Cross-site scripting (XSS) vulnerability in the com_search component in Joomla! 1.0.13 and earlier allows remote attackers to inject arbitrary web script or HTML via the searchword parameter. NOTE: this might be related to CVE-2007-4189.1. | ||||
| all versions | — | 6.8 MEDIUM | ||
PHP remote file inclusion vulnerability in admin.wmtrssreader.php in the webmaster-tips.net Flash RSS Reader (com_wmtrssreader) 1.0 component for Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_live_site parameter. | ||||
| all versions | — | 6.8 MEDIUM | ||
PHP remote file inclusion vulnerability in preview.php in the swMenuFree (com_swmenufree) 4.6 component for Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter. NOTE: a reliable third party disputes this issue because preview.php tests a certain constant to prevent direct requests | ||||
| all versions | — | 6.8 MEDIUM | ||
PHP remote file inclusion vulnerability in admin.panoramic.php in the Panoramic Picture Viewer (com_panoramic) mambot (plugin) 1.0 for Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_live_site parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| all versions | — | 6.8 MEDIUM | ||
Multiple PHP remote file inclusion vulnerabilities in the Avant-Garde Solutions MOSMedia Lite (com_mosmedia) 4.5.1 component for Mambo and Joomla! allow remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter to (1) credits.html.php, (2) info.html.php, (3) media.divs.php, (4) media.divs.js.php, (5) purchase.html.php, or (6) support.html.php in includes/. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. NOTE: vector 3 may be the same as CVE-2007-2043.2. | ||||
| all versions | — | 6.8 MEDIUM | ||
PHP remote file inclusion vulnerability in admin.wmtportfolio.php in the webmaster-tips.net wmtportfolio 1.0 (com_wmtportfolio) component for Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter. | ||||
| all versions | — | 6.8 MEDIUM | ||
PHP remote file inclusion vulnerability in admin.wmtgallery.php in the webmaster-tips.net Flash Image Gallery (com_wmtgallery) 1.0 component for Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_live_site parameter. | ||||
| all versions | — | 7.5 HIGH | ||
PHP remote file inclusion vulnerability in admin.slideshow1.php in the Flash Slide Show (com_slideshow) component for Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_live_site parameter. | ||||
| = 1.5.0_rc1, = 1.5.0_beta2, = 1.5.0_beta1 | — | 6.6 MEDIUM | ||
administrator/index.php in the installer component (com_installer) in Joomla! 1.5 Beta1, Beta2, and RC1 allows remote authenticated administrators to upload arbitrary files to tmp/ via the "Upload Package File" functionality, which is accessible when com_installer is the value of the option parameter. | ||||
| = 1.5.0_rc1, = 1.5.0_beta2, = 1.5.0_beta | — | 6.8 MEDIUM | ||
Joomla! 1.5 before RC2 (aka Endeleo) allows remote attackers to obtain sensitive information (the full path) via unspecified vectors, probably involving direct requests to certain PHP scripts in tmpl/ directories. | ||||
| = 1.5.0_rc1, = 1.5.0_beta2, = 1.5.0_beta | — | 4.3 MEDIUM | ||
Cross-site scripting (XSS) vulnerability in Joomla! 1.5 before RC2 (aka Endeleo) allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, probably related to the archive section. | ||||
| = 1.5.0_rc1, = 1.5.0_beta2, = 1.5.0_beta1 | — | 7.5 HIGH | ||
Multiple SQL injection vulnerabilities in the content component (com_content) in Joomla! 1.5 Beta1, Beta2, and RC1 allow remote attackers to execute arbitrary SQL commands via the filter parameter in an archive action to (1) archive.php, (2) category.php, or (3) section.php in models/. NOTE: this may be the same as CVE-2007-4777. | ||||
| = 1.5.0_rc1, = 1.5.0_beta2, = 1.5.0_beta | — | 7.5 HIGH | ||
SQL injection vulnerability in Joomla! 1.5 before RC2 (aka Endeleo) allows remote attackers to execute arbitrary SQL commands via unspecified vectors, probably related to the archive section. NOTE: this may be the same as CVE-2007-4778. | ||||
| < 1.0.13 | — | 4.3 MEDIUM | ||
CRLF injection vulnerability in Joomla! before 1.0.13 (aka Sunglow) allows remote attackers to inject arbitrary HTTP headers and probably conduct HTTP response splitting attacks via CRLF sequences in the url parameter. NOTE: this can be leveraged for cross-site scripting (XSS) attacks. NOTE: some of these details are obtained from third party information. | ||||
| < 1.0.13 | — | 4.3 MEDIUM | ||
Multiple cross-site scripting (XSS) vulnerabilities in Joomla! before 1.0.13 (aka Sunglow) allow remote attackers to inject arbitrary web script or HTML via unspecified vectors in the (1) com_search, (2) com_content, and (3) mod_login components. NOTE: some of these details are obtained from third party information. | ||||
| < 1.0.13 | — | 9.3 HIGH | ||
Session fixation vulnerability in Joomla! before 1.0.13 (aka Sunglow) allows remote attackers to hijack administrative web sessions via unspecified vectors. | ||||
| = 1.5.0_beta | — | 7.5 HIGH | ||
Multiple eval injection vulnerabilities in the com_search component in Joomla! 1.5 beta before RC1 (aka Mapya) allow remote attackers to execute arbitrary PHP code via PHP sequences in the searchword parameter, related to default_results.php in (1) components/com_search/views/search/tmpl/ and (2) templates/beez/html/com_search/search/. | ||||
| = 1.0.12 | — | 5 MEDIUM | ||
Joomla! 1.0.12 allows remote attackers to obtain sensitive information via a direct request for (1) Stat.php (2) OutputFilter.php, (3) OutputCache.php, (4) Modifier.php, (5) Reader.php, and (6) TemplateCache.php in includes/patTemplate/patTemplate/; (7) includes/Cache/Lite/Output.php; and other unspecified components, which reveal the path in various error messages. | ||||
| = 1.0.12 | — | 7.5 HIGH | ||
SQL injection vulnerability in administrator/popups/pollwindow.php in Joomla! 1.0.12 allows remote attackers to execute arbitrary SQL commands via the pollid parameter. | ||||
| = 1.5.0 | — | 6.8 MEDIUM | ||
PHP remote file inclusion vulnerability in lib/pcltar.lib.php (aka pcltar.php) in the PclTar module 1.3 and 1.3.1 for Vincent Blavet PhpConcept Library, as used in multiple products including (1) Joomla! 1.5.0 Beta, (2) N/X Web Content Management System (WCMS) 4.5, (3) CJG EXPLORER PRO 3.3, and (4) phpSiteBackup 0.1, allows remote attackers to execute arbitrary PHP code via a URL in the g_pcltar_lib_dir parameter. | ||||
| = 1.0.9, = 1.0.1, = 1.0.3, = 1.0.6, = 1.0.8, = 1.0.4, = 1.0.2, = 1.0.5, = 1.0.7, = 1.0.0 | — | 7.5 HIGH | ||
The mosgetparam implementation in Joomla! before 1.0.10, does not set a variable's data type to integer when the variable's default value is numeric, which has unspecified impact and attack vectors, which may permit SQL injection attacks. | ||||
| = 1.0.9, = 1.0.1, = 1.0.3, = 1.0.6, = 1.0.8, = 1.0.4, = 1.0.2, = 1.0.5, = 1.0.7, = 1.0.0 | — | 7.5 HIGH | ||
Joomla! before 1.0.10 allows remote attackers to spoof the frontend submission forms, which has unknown impact and attack vectors. | ||||
| = 1.0.9, = 1.0.1, = 1.0.3, = 1.0.6, = 1.0.8, = 1.0.4, = 1.0.2, = 1.0.5, = 1.0.7, = 1.0.0 | — | 7.5 HIGH | ||
Unspecified vulnerability in Joomla! before 1.0.10 has unknown impact and attack vectors, related to "securing mosmsg from misuse." NOTE: it is possible that this issue overlaps CVE-2006-1029. | ||||
| = 2007-01-18 | — | 7.5 HIGH | ||
SQL injection vulnerability in models/category.php in the Weblinks component for Joomla! SVN 20070118 (com_weblinks) allows remote attackers to execute arbitrary SQL commands via the catid parameter. | ||||
| = 1.5.0_beta | — | 5 MEDIUM | ||
Joomla! 1.5.0 Beta allows remote attackers to obtain sensitive information via a direct request for (1) plugins/user/example.php; (2) gmail.php, (3) example.php, or (4) ldap.php in plugins/authentication/; (5) modules/mod_mainmenu/menu.php; or other unspecified PHP scripts, which reveals the path in various error messages, related to a jimport function call at the beginning of each script. | ||||
| = 1.5.0_beta, = 1.0.11 | — | 7.5 HIGH | ||
SQL injection vulnerability in (1) Joomla! 1.0.11 and 1.5 Beta, and (2) Mambo 4.6.1, allows remote attackers to execute arbitrary SQL commands via the id parameter when cancelling content editing. | ||||
| = 1.5.0_beta | — | 6.8 MEDIUM | ||
Multiple SQL injection vulnerabilities in Joomla! 1.5.0 Beta allow remote attackers to execute arbitrary SQL commands via (1) the searchword parameter in certain files; the where parameter in (2) plugins/search/content.php or (3) plugins/search/weblinks.php; the text parameter in (4) plugins/search/contacts.php, (5) plugins/search/categories.php, or (6) plugins/search/sections.php; or (7) the email parameter in database/table/user.php, which is not properly handled by the check function. | ||||
| = 1.0.9, = 1.0, = 1.0.1, = 1.0.3, = 1.0.8, = 1.0.4, = 1.0.2, = 1.0.10, = 1.0.5, = 1.0.7, = 1.0.11 | — | 6.8 MEDIUM | ||
Multiple unspecified vulnerabilities in Joomla! before 1.0.12 have unknown impact and attack vectors related to (1) "unneeded legacy functions" and (2) "Several low level security fixes." | ||||
| = 1.0.9, = 1.0, = 1.0.1, = 1.0.3, = 1.0.8, = 1.0.4, = 1.0.2, = 1.0.10, = 1.0.5, = 1.0.11, = 1.0.7 | — | 7.5 HIGH | ||
com_categories in Joomla! before 1.0.12 does not validate input, which has unknown impact and remote attack vectors. | ||||
| = 1.0.9, = 1.0, = 1.0.1, = 1.0.3, = 1.0.8, = 1.0.4, = 1.0.2, = 1.0.10, = 1.0.5, = 1.0.7, = 1.0.11 | — | 4.3 MEDIUM | ||
Cross-site scripting (XSS) vulnerability in Joomla! before 1.0.12 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, possibly related to poll.php or the module title. | ||||
| all versions | — | 6.8 MEDIUM | ||
Multiple PHP remote file inclusion vulnerabilities in Security Images (com_securityimages) component 3.0.5 and earlier for Joomla! allow remote attackers to execute arbitrary code via a URL in the mosConfig_absolute_path parameter in (1) configinsert.php, (2) lang.php, (3) client.php, and (4) server.php. | ||||
| all versions | — | 6.8 MEDIUM | ||
Multiple PHP remote file inclusion vulnerabilities in the Joomlaboard Forum Component (com_joomlaboard) before 1.1.2 for Joomla! allow remote attackers to execute arbitrary PHP code via a URL in the sbp parameter to (1) file_upload.php or (2) image_upload.php, a variant of CVE-2006-3528. | ||||
| = 1.0.9, <= 1.0.10 | — | 7.5 HIGH | ||
Multiple unspecified vulnerabilities in Joomla! before 1.0.11, related to "Injection Flaws," allow attackers to have an unknown impact via (1) globals.php, which uses include_once() instead of require(); (2) the $options variable; (3) Admin Upload Image; (4) ->load(); (5) content submissions when frontpage is selected; (6) the mosPageNav constructor; (7) saveOrder functions; (8) the absence of "exploit blocking rules" in htaccess; and (9) the ACL. | ||||
| = 1.0.9, <= 1.0.10 | — | 7.5 HIGH | ||
Joomla! before 1.0.11 does not limit access to the Admin Popups functionality, which has unknown impact and attack vectors. | ||||
| = 1.0.9, <= 1.0.10 | — | 6.8 MEDIUM | ||
Multiple cross-site scripting (XSS) vulnerabilities in Joomla! before 1.0.11 allow remote attackers to inject arbitrary web script or HTML via unspecified parameters in (1) Admin Module Manager, (2) Admin Help, and (3) Search. | ||||
| = 1.0.9, <= 1.0.10 | — | 5.1 MEDIUM | ||
Unspecified vulnerability in com_content in Joomla! before 1.0.11, when $mosConfig_hideEmail is set, allows attackers to perform the emailform and emailsend tasks. | ||||
| < 1.0.11 | — | 7.5 HIGH | ||
Multiple unspecified vulnerabilities in Joomla! before 1.0.11 allow attackers to bypass user authentication via unknown vectors involving the (1) do_pdf command and the (2) emailform com_content task. | ||||
| < 1.0.11 | — | 6.5 MEDIUM | ||
The Admin Upload Image functionality in Joomla! before 1.0.11 allows remote authenticated users to upload files outside of the /images/stories/ directory via unspecified vectors. | ||||
| < 1.0.11 | — | 7.5 HIGH | ||
Joomla! before 1.0.11 omits some checks for whether _VALID_MOS is defined, which allows attackers to have an unknown impact, possibly resulting in PHP remote file inclusion. | ||||
| < 1.0.11 | — | 7.5 HIGH | ||
Unspecified vulnerability in PEAR.php in Joomla! before 1.0.11 allows remote attackers to perform "remote execution," related to "Injection Flaws." | ||||
| < 1.0.11 | — | 6.8 MEDIUM | ||
Multiple unspecified vulnerabilities in Joomla! before 1.0.11, related to unvalidated input, allow attackers to have an unknown impact via unspecified vectors involving the (1) mosMail, (2) JosIsValidEmail, and (3) josSpoofValue functions; (4) the lack of inclusion of globals.php in administrator/index.php; (5) the Admin User Manager; and (6) the poll module. | ||||
| = 1.0.9, <= 1.0.10 | — | 5 MEDIUM | ||
Joomla! before 1.0.11 does not properly unset variables when the input data includes a numeric parameter with a value matching an alphanumeric parameter's hash value, which allows remote attackers to have an unspecified impact. NOTE: it could be argued that this vulnerability is due to a bug in the unset PHP command (CVE-2006-3017) and the proper fix should be in PHP; if so, then this should not be treated as a vulnerability in Joomla!. | ||||
| = 1.0.9, = 1.0, = 1.0.1, = 1.0.3, = 1.0.8, = 1.0.4, = 1.0.2, = 1.0.5, = 1.0.7 | — | 7.5 HIGH | ||
Multiple SQL injection vulnerabilities in Joomla! before 1.0.10 allow remote attackers to execute arbitrary SQL commands via unspecified parameters involving the (1) "Remember Me" function, (2) "Related Items" module, and the (3) "Weblinks submission". | ||||
| = 1.0.9, = 1.0, = 1.0.1, = 1.0.3, = 1.0.8, = 1.0.4, = 1.0.2, = 1.0.5, = 1.0.7 | — | 5.8 MEDIUM | ||
Multiple cross-site scripting (XSS) vulnerabilities in Joomla! before 1.0.10 allow remote attackers to inject arbitrary web script or HTML via unspecified parameters involving the (1) getUserStateFromRequest function, and the (2) SEF and (3) com_messages modules. | ||||
| = 1.0 | — | 7.5 HIGH | ||
PHP remote file inclusion vulnerability in includes/joomla.php in Joomla! 1.0 allows remote attackers to execute arbitrary PHP code via a URL in the includepath parameter. | ||||
| all versions | — | 5 MEDIUM | ||
The com_rss option (rss.php) in (1) Mambo and (2) Joomla! allows remote attackers to cause a denial of service (disk consumption and possibly web-server outage) via multiple requests with different values of the feed parameter. | ||||
| = 1.0.7 | — | 5 MEDIUM | ||
The com_rss option (rss.php) in (1) Mambo and (2) Joomla! allows remote attackers to obtain sensitive information via an invalid feed parameter, which reveals the path in an error message. | ||||
| <= 1.0.7, = 1.0.1, = 1.0.3, = 1.0.6, = 1.0.4, = 1.0.2, = 1.0.5, = 1.0.0 | — | 7.5 HIGH | ||
Multiple SQL injection vulnerabilities in the Admin functionality in Joomla! 1.0.7 and earlier allow remote authenticated administrators to execute arbitrary SQL commands via unknown attack vectors. | ||||
| = 1.0, = 1.0.1, = 1.0.3, = 1.0.6, = 1.0.4, = 1.0.2, = 1.0.5, = 1.0.7 | — | 5 MEDIUM | ||
Joomla! 1.0.7 and earlier allows attackers to bypass intended access restrictions and gain certain privileges via certain attack vectors related to the (1) Weblink, (2) Polls, (3) Newsfeeds, (4) Weblinks, (5) Content, (6) Content Section, (7) Content Category, (8) Contact items, or (9) Contact Search, (10) Content Search, (11) Newsfeed Search, or (12) Weblink Search. | ||||
| = 1.0.1, = 1.0.3, = 1.0.6, = 1.0.4, = 1.0.2, = 1.0.5, = 1.0.7, = 1.0.0 | — | 10 HIGH | ||
Unspecified vulnerability in the "Remember Me login functionality" in Joomla! 1.0.7 and earlier has unknown impact and attack vectors. | ||||
| = 1.0.7 | — | 5 MEDIUM | ||
Unspecified vulnerability in mod_templatechooser in Joomla! 1.0.7 allows remote attackers to obtain sensitive information via an unspecified attack vector that reveals the path. | ||||
| = 1.0.7 | — | 4.3 MEDIUM | ||
The cross-site scripting (XSS) countermeasures in class.inputfilter.php in Joomla! 1.0.7 allow remote attackers to cause a denial of service via a crafted mosmsg parameter to index.php with a malformed sequence of multiple tags, as demonstrated using "<<>AAA<><>", possibly due to nested or empty tags. | ||||
| = 1.0.7 | — | 7.8 HIGH | ||
feedcreator.class.php (aka the syndication component) in Joomla! 1.0.7 allows remote attackers to cause a denial of service (stressed file cache) by creating many files via filenames in the feed parameter to index.php. | ||||
| = 1.0.7 | — | 5 MEDIUM | ||
feedcreator.class.php (aka the syndication component) in Joomla! 1.0.7 allows remote attackers to obtain sensitive information via a "/" (slash) in the feed parameter to index.php, which reveals the path in an error message. | ||||
| = 1.0, = 1.0.1, = 1.0.3, = 1.0.4, = 1.0.2, = 1.0.5 | — | 10 HIGH | ||
Multiple unspecified vulnerabilities in the (1) publishing component, (2) Contact Component, (3) TinyMCE Compressor, and (4) other components in Joomla! 1.0.5 and earlier have unknown impact and attack vectors. | ||||
| = 1.0.5 | — | 5 MEDIUM | ||
The vCard functions in Joomla! 1.0.5 use predictable sequential IDs for vcards and do not restrict access to them, which allows remote attackers to obtain valid e-mail addresses to conduct spam attacks by modifying the contact_id parameter to index2.php. | ||||
| = 1.03, = 1.0.3 | 5.3 MEDIUM | 5 MEDIUM | ||
Joomla! 1.03 does not restrict the number of "Search" Mambots, which allows remote attackers to cause a denial of service (resource consumption) via a large number of Search Mambots. | ||||
| = 1.0, = 1.0.1, = 1.0.3, = 1.0.2 | — | 4.3 MEDIUM | ||
Multiple cross-site scripting (XSS) vulnerabilities in Joomla! before 1.0.4 allow remote attackers to inject arbitrary web script or HTML via (1) "GET and other variables" and (2) "SEF". | ||||
| = 1.0, = 1.0.1, = 1.0.3, = 1.0.2 | — | 10 HIGH | ||
Unspecified vulnerability in Joomla! before 1.0.4 has unknown impact and attack vectors, related to "Potential misuse of Media component file management functions." | ||||
| = 1.0, = 1.0.1, = 1.0.3, = 1.0.2 | — | 7.5 HIGH | ||
Multiple SQL injection vulnerabilities in Joomla! before 1.0.4 allow remote attackers to execute arbitrary SQL commands via the (1) Itemid variable in the Polls modules and (2) multiple unspecified methods in the mosDBTable class. | ||||