Vulnerabilities > Joomla > Joomla > Medium
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2006-03-07 | CVE-2006-1030 | Information Disclosure vulnerability in Joomla 1.0.7 Unspecified vulnerability in mod_templatechooser in Joomla! 1.0.7 allows remote attackers to obtain sensitive information via an unspecified attack vector that reveals the path. | 5.0 |
2006-03-07 | CVE-2006-1029 | Cross-Site Scripting vulnerability in Joomla 1.0.7 The cross-site scripting (XSS) countermeasures in class.inputfilter.php in Joomla! 1.0.7 allow remote attackers to cause a denial of service via a crafted mosmsg parameter to index.php with a malformed sequence of multiple tags, as demonstrated using "<<>AAA<><>", possibly due to nested or empty tags. network joomla | 4.3 |
2006-03-07 | CVE-2006-1027 | Information Disclosure vulnerability in Joomla 1.0.7 feedcreator.class.php (aka the syndication component) in Joomla! 1.0.7 allows remote attackers to obtain sensitive information via a "/" (slash) in the feed parameter to index.php, which reveals the path in an error message. | 5.0 |
2005-11-23 | CVE-2005-3771 | Input Validation vulnerability in Joomla Multiple cross-site scripting (XSS) vulnerabilities in Joomla! before 1.0.4 allow remote attackers to inject arbitrary web script or HTML via (1) "GET and other variables" and (2) "SEF". network joomla | 4.3 |