Vulnerabilities > Joomla
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2013-02-13 | CVE-2013-1455 | Information Exposure vulnerability in Joomla Joomla! 3.0.0/3.0.1 Joomla! 3.0.x through 3.0.2 allows attackers to obtain sensitive information via unspecified vectors related to an "Undefined variable." | 5.0 |
2013-02-13 | CVE-2013-1454 | Information Exposure vulnerability in Joomla Joomla! 3.0.0/3.0.1/3.0.2 Joomla! 3.0.x through 3.0.2 allows attackers to obtain sensitive information via unspecified vectors related to "Coding errors." | 5.0 |
2013-02-13 | CVE-2013-1453 | Unspecified vulnerability in Joomla Joomla! plugins/system/highlight/highlight.php in Joomla! 3.0.x through 3.0.2 and 2.5.x through 2.5.8 allows attackers to unserialize arbitrary PHP objects to obtain sensitive information, delete arbitrary directories, conduct SQL injection attacks, and possibly have other impacts via the highlight parameter. | 7.5 |
2013-01-24 | CVE-2012-6514 | Cross-Site Scripting vulnerability in Netshinesoftware COM Netinvoice 2.3.2 Cross-site scripting (XSS) vulnerability in the nBill (com_nbill) component 2.3.2 for Joomla! allows remote attackers to inject arbitrary web script or HTML via the message parameter in an income action to administrator/index.php. | 4.3 |
2013-01-24 | CVE-2012-6503 | Security vulnerability in Ninjaforge COM Ninjaxplorer 1.0.4/1.0.5/1.0.6 Unspecified vulnerability in the NinjaXplorer component before 1.0.7 for Joomla! has unknown impact and attack vectors. | 10.0 |
2012-12-03 | CVE-2012-1599 | Permissions, Privileges, and Access Controls vulnerability in Joomla Joomla! Joomla! 1.5.x before 1.5.26 does not properly check permissions, which allows attackers to obtain sensitive "administrative back end information" via unknown vectors. | 5.0 |
2012-12-03 | CVE-2012-1598 | Permissions, Privileges, and Access Controls vulnerability in Joomla Joomla! Joomla! 1.5.x before 1.5.26 has unspecified impact and attack vectors related to "insufficient randomness" and a "password reset vulnerability." | 7.5 |
2012-11-26 | CVE-2010-5286 | Path Traversal vulnerability in Joobi COM Jstore Directory traversal vulnerability in Jstore (com_jstore) component for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impact via a .. | 10.0 |
2012-11-26 | CVE-2010-5280 | Path Traversal vulnerability in Joomla-Cbe COM CBE 1.4.10/1.4.8/1.4.9 Directory traversal vulnerability in the Community Builder Enhanced (CBE) (com_cbe) component 1.4.8, 1.4.9, and 1.4.10 for Joomla! allows remote attackers to include and execute arbitrary local files via a .. | 7.5 |
2012-11-11 | CVE-2012-5827 | Clickjacking Security Bypass vulnerability in Joomla! Joomla! 2.5.x before 2.5.8 and 3.0.x before 3.0.2 allows remote attackers to conduct clickjacking attacks via unspecified vectors involving "Inadequate protection." network joomla | 4.3 |