Vulnerabilities > Joomla
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2012-10-31 | CVE-2012-4532 | Cross-Site Scripting vulnerability in Joomla Joomla! Cross-site scripting (XSS) vulnerability in modules/mod_languages/tmpl/default.php in the Language Switcher module for Joomla! 2.5.x before 2.5.7 allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO to index.php. | 4.3 |
| 2012-10-31 | CVE-2012-4531 | Cross-Site Scripting vulnerability in Joomla Joomla! Cross-site scripting (XSS) vulnerability in Joomla! 2.5.x before 2.5.7 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 4.3 |
| 2012-10-22 | CVE-2012-5455 | Cross-Site Scripting vulnerability in Joomla Joomla! 3.0.0 Cross-site scripting (XSS) vulnerability in the language search component in Joomla! before 3.0.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, related to a "typographical error." | 4.3 |
| 2012-10-07 | CVE-2011-4911 | Improper Input Validation vulnerability in Joomla Joomla! Joomla! before 1.5.12 does not perform a JEXEC check in unspecified files, which allows remote attackers to obtain the installation path via unspecified vectors. | 5.0 |
| 2012-10-07 | CVE-2011-4910 | Cross-Site Scripting vulnerability in Joomla Joomla! Cross-site scripting (XSS) vulnerability in Joomla! before 1.5.12 allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO. | 4.3 |
| 2012-10-07 | CVE-2011-4909 | Cross-Site Scripting vulnerability in Joomla Joomla! Multiple cross-site scripting (XSS) vulnerabilities in Joomla! before 1.5.12 allow remote attackers to inject arbitrary web script or HTML via the HTTP_REFERER header to (1) components/com_content/views/article/tmpl/form.php, (2) components/com_user/controller.php, (3) plugins/system/legacy/html.php, or (4) templates/beez/html/com_content/article/form.php. | 4.3 |
| 2012-10-01 | CVE-2012-5232 | Cross-Site Scripting vulnerability in Mediafire MOD Quick Form Cross-site scripting (XSS) vulnerability in the Quickl Form component for Joomla! allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 4.3 |
| 2012-10-01 | CVE-2012-5230 | Security vulnerability in Harmistechnology COM Jesubmit 1.4 Unspecified vulnerability in the JE Story Submit (com_jesubmit) component before 1.9 for Joomla! has unknown impact and attack vectors. | 7.5 |
| 2012-09-26 | CVE-2012-1117 | Cross-Site Scripting vulnerability in Joomla Joomla! 2.5.0/2.5.1 Cross-site scripting (XSS) vulnerability in Joomla! 2.5.0 and 2.5.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 4.3 |
| 2012-09-26 | CVE-2012-1116 | SQL Injection vulnerability in Joomla Joomla! SQL injection vulnerability in Joomla! 1.7.x and 2.5.x before 2.5.2 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | 7.5 |