Vulnerabilities > Joomla > Joomla > 1.0.4
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2007-02-12 | CVE-2006-7010 | SQL-Injection vulnerability in Joomla The mosgetparam implementation in Joomla! before 1.0.10, does not set a variable's data type to integer when the variable's default value is numeric, which has unspecified impact and attack vectors, which may permit SQL injection attacks. | 7.5 |
| 2007-02-12 | CVE-2006-7009 | Remote Security vulnerability in Joomla Joomla! before 1.0.10 allows remote attackers to spoof the frontend submission forms, which has unknown impact and attack vectors. | 7.5 |
| 2007-02-12 | CVE-2006-7008 | Remote Security vulnerability in Joomla Unspecified vulnerability in Joomla! before 1.0.10 has unknown impact and attack vectors, related to "securing mosmsg from misuse." NOTE: it is possible that this issue overlaps CVE-2006-1029. | 7.5 |
| 2006-12-31 | CVE-2006-6834 | Cross-Site Scripting vulnerability in Joomla Multiple unspecified vulnerabilities in Joomla! before 1.0.12 have unknown impact and attack vectors related to (1) "unneeded legacy functions" and (2) "Several low level security fixes." network joomla | 6.8 |
| 2006-12-31 | CVE-2006-6833 | Cross-Site Scripting vulnerability in Joomla com_categories in Joomla! before 1.0.12 does not validate input, which has unknown impact and remote attack vectors. | 7.5 |
| 2006-12-31 | CVE-2006-6832 | Cross-Site Scripting vulnerability in Joomla Cross-site scripting (XSS) vulnerability in Joomla! before 1.0.12 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, possibly related to poll.php or the module title. | 4.3 |
| 2006-08-31 | CVE-2006-4472 | Unspecified vulnerability in Joomla Joomla! Multiple unspecified vulnerabilities in Joomla! before 1.0.11 allow attackers to bypass user authentication via unknown vectors involving the (1) do_pdf command and the (2) emailform com_content task. | 7.5 |
| 2006-08-31 | CVE-2006-4471 | Unrestricted Upload of File with Dangerous Type vulnerability in Joomla Joomla! The Admin Upload Image functionality in Joomla! before 1.0.11 allows remote authenticated users to upload files outside of the /images/stories/ directory via unspecified vectors. | 6.5 |
| 2006-08-31 | CVE-2006-4470 | Unspecified vulnerability in Joomla Joomla! Joomla! before 1.0.11 omits some checks for whether _VALID_MOS is defined, which allows attackers to have an unknown impact, possibly resulting in PHP remote file inclusion. | 7.5 |
| 2006-08-31 | CVE-2006-4469 | Unspecified vulnerability in Joomla Joomla! Unspecified vulnerability in PEAR.php in Joomla! before 1.0.11 allows remote attackers to perform "remote execution," related to "Injection Flaws." | 7.5 |