Vulnerabilities > Joomla > Joomla > 1.0.15
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2012-10-07 | CVE-2011-4910 | Cross-Site Scripting vulnerability in Joomla Joomla! Cross-site scripting (XSS) vulnerability in Joomla! before 1.5.12 allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO. | 4.3 |
2012-10-07 | CVE-2011-4909 | Cross-Site Scripting vulnerability in Joomla Joomla! Multiple cross-site scripting (XSS) vulnerabilities in Joomla! before 1.5.12 allow remote attackers to inject arbitrary web script or HTML via the HTTP_REFERER header to (1) components/com_content/views/article/tmpl/form.php, (2) components/com_user/controller.php, (3) plugins/system/legacy/html.php, or (4) templates/beez/html/com_content/article/form.php. | 4.3 |
2011-11-23 | CVE-2011-4332 | Cross-Site Scripting vulnerability in Joomla Joomla! Multiple cross-site scripting (XSS) vulnerabilities in Joomla! 1.6.3 and earlier allow remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 4.3 |
2011-07-27 | CVE-2011-2890 | Information Exposure vulnerability in Joomla Joomla! The MediaViewMedia class in administrator/components/com_media/views/media/view.html.php in Joomla! 1.5.23 and earlier allows remote attackers to obtain sensitive information via vectors involving the base variable, leading to disclosure of the installation path, a different vulnerability than CVE-2011-2488. | 5.0 |
2011-07-27 | CVE-2011-2889 | Information Exposure vulnerability in Joomla Joomla! templates/system/error.php in Joomla! before 1.5.23 might allow remote attackers to obtain sensitive information via unspecified vectors that trigger an undefined value of a certain error field, leading to disclosure of the installation path. | 5.0 |
2011-07-27 | CVE-2011-2488 | Information Exposure vulnerability in Joomla Joomla! Joomla! before 1.5.23 does not properly check for errors, which allows remote attackers to obtain sensitive information via unspecified vectors. | 5.0 |
2009-11-16 | CVE-2009-3946 | Information Exposure vulnerability in Joomla Joomla! Joomla! before 1.5.15 allows remote attackers to read an extension's XML file, and thereby obtain the extension's version number, via a direct request. | 5.0 |
2009-11-16 | CVE-2009-3945 | Remote Security vulnerability in Joomla! Unspecified vulnerability in the Front-End Editor in the com_content component in Joomla! before 1.5.15 allows remote authenticated users, with Author privileges, to replace the articles of an arbitrary user via unknown vectors. | 5.5 |