Vulnerabilities > Joomla > Joomla > 1.5.2

DATE | CVE | VULNERABILITY TITLE | RISK

2008-09-18 | CVE-2008-4104 | Link Following vulnerability in Joomla | 5.8
Multiple open redirect vulnerabilities in Joomla! 1.5 before 1.5.7 allow remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a "passed in" URL.
Attack vector: network. Vendor: joomla. Weakness: CWE-59.

2008-09-18 | CVE-2008-4103 | Improper Input Validation vulnerability in Joomla COM Mailto | 5.0
The mailto (aka com_mailto) component in Joomla! 1.5 before 1.5.7 sends e-mail messages without validating the URL, which allows remote attackers to transmit spam.
Attack vector: network. Complexity: low. Vendor: joomla. Weakness: CWE-20.

2008-09-18 | CVE-2008-4102 | Numeric Errors vulnerability in Joomla | 7.5
Joomla! 1.5 before 1.5.7 initializes PHP's PRNG with a weak seed, which makes it easier for attackers to guess the pseudo-random values produced by PHP's mt_rand function, as demonstrated by guessing password reset tokens, a different vulnerability than CVE-2008-3681.
Attack vector: network. Complexity: low. Vendor: joomla. Weakness: CWE-189.

2008-07-18 | CVE-2008-3228 | Configuration vulnerability in Joomla | 7.5
Joomla! before 1.5.4 does not configure .htaccess to apply certain security checks that "block common exploits" to SEF URLs, which has unknown impact and remote attack vectors.
Attack vector: network. Complexity: low. Vendor: joomla. Weakness: CWE-16.

2008-07-18 | CVE-2008-3227 | Link Following vulnerability in Joomla | 7.5
Unspecified vulnerability in Joomla! before 1.5.4 has unknown impact and attack vectors related to a "User Redirect Spam fix," possibly an open redirect vulnerability.
Attack vector: network. Complexity: low. Vendor: joomla. Weakness: CWE-59.

2008-07-18 | CVE-2008-3226 | Permissions, Privileges, and Access Controls vulnerability in Joomla | 5.0
The file caching implementation in Joomla! before 1.5.4 allows attackers to access cached pages via unknown attack vectors.
Attack vector: network. Complexity: low. Vendor: joomla. Weakness: CWE-264.

2008-07-18 | CVE-2008-3225 | Permissions, Privileges, and Access Controls vulnerability in Joomla | 10.0 (critical)
Joomla! before 1.5.4 allows attackers to access administration functionality, which has unknown impact and attack vectors related to a missing "LDAP security fix."
Attack vector: network. Complexity: low. Vendor: joomla. Weakness: CWE-264.