Vulnerabilities > Joomla > Joomla > 1.0
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2006-12-31 | CVE-2006-6833 | Cross-Site Scripting vulnerability in Joomla com_categories in Joomla! before 1.0.12 does not validate input, which has unknown impact and remote attack vectors. | 7.5 |
2006-12-31 | CVE-2006-6832 | Cross-Site Scripting vulnerability in Joomla Cross-site scripting (XSS) vulnerability in Joomla! before 1.0.12 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, possibly related to poll.php or the module title. | 4.3 |
2006-07-10 | CVE-2006-3481 | Input Validation vulnerability in Joomla! Multiple SQL injection vulnerabilities in Joomla! before 1.0.10 allow remote attackers to execute arbitrary SQL commands via unspecified parameters involving the (1) "Remember Me" function, (2) "Related Items" module, and the (3) "Weblinks submission". | 7.5 |
2006-07-10 | CVE-2006-3480 | Input Validation vulnerability in Joomla! Multiple cross-site scripting (XSS) vulnerabilities in Joomla! before 1.0.10 allow remote attackers to inject arbitrary web script or HTML via unspecified parameters involving the (1) getUserStateFromRequest function, and the (2) SEF and (3) com_messages modules. network joomla | 5.8 |
2006-06-12 | CVE-2006-2960 | Remote File Include vulnerability in Joomla 1.0 PHP remote file inclusion vulnerability in includes/joomla.php in Joomla! 1.0 allows remote attackers to execute arbitrary PHP code via a URL in the includepath parameter. | 7.5 |
2006-03-07 | CVE-2006-1048 | Security Bypass vulnerability in Joomla Joomla! 1.0.7 and earlier allows attackers to bypass intended access restrictions and gain certain privileges via certain attack vectors related to the (1) Weblink, (2) Polls, (3) Newsfeeds, (4) Weblinks, (5) Content, (6) Content Section, (7) Content Category, (8) Contact items, or (9) Contact Search, (10) Content Search, (11) Newsfeed Search, or (12) Weblink Search. | 5.0 |
2006-01-19 | CVE-2006-0303 | Remote Security vulnerability in Joomla Multiple unspecified vulnerabilities in the (1) publishing component, (2) Contact Component, (3) TinyMCE Compressor, and (4) other components in Joomla! 1.0.5 and earlier have unknown impact and attack vectors. | 10.0 |
2005-11-23 | CVE-2005-3773 | Input Validation vulnerability in Joomla Unspecified vulnerability in Joomla! before 1.0.4 has unknown impact and attack vectors, related to "Potential misuse of Media component file management functions." | 10.0 |
2005-11-23 | CVE-2005-3772 | Input Validation vulnerability in Joomla Multiple SQL injection vulnerabilities in Joomla! before 1.0.4 allow remote attackers to execute arbitrary SQL commands via the (1) Itemid variable in the Polls modules and (2) multiple unspecified methods in the mosDBTable class. | 7.5 |
2005-11-23 | CVE-2005-3771 | Input Validation vulnerability in Joomla Multiple cross-site scripting (XSS) vulnerabilities in Joomla! before 1.0.4 allow remote attackers to inject arbitrary web script or HTML via (1) "GET and other variables" and (2) "SEF". network joomla | 4.3 |