Vulnerabilities > Joomla

DATE CVE VULNERABILITY TITLE RISK
2012-08-10 CVE-2012-3554 SQL Injection vulnerability in Rsgallery2 COM Rsgallery2
SQL injection vulnerability in the RSGallery2 (com_rsgallery2) component before 2.3.0 for Joomla! 1.5.x, and before 3.2.0 for Joomla! 2.5.x, allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
Risk: 7.5 (network, low complexity). Tags: rsgallery2, joomla, CWE-89.
2012-07-03 CVE-2012-3829 Information Exposure vulnerability in Joomla Joomla! 2.5.3
Joomla! 2.5.3 allows remote attackers to obtain the installation path via the Host HTTP Header.
Risk: 5.0 (network, low complexity). Tags: joomla, CWE-200.
2012-07-03 CVE-2012-3828 Cross-Site Scripting vulnerability in Joomla Joomla! 2.5.3
Cross-site scripting (XSS) vulnerability in Joomla! 2.5.3 allows remote attackers to inject arbitrary web script or HTML via the Host HTTP Header.
Risk: 4.3 (network). Tags: joomla, CWE-79.
2012-07-03 CVE-2012-2748 Unspecified vulnerability in Joomla Joomla!
Unspecified vulnerability in Joomla! 2.5.x before 2.5.5 allows remote attackers to obtain sensitive information via vectors related to "Inadequate filtering" and a "SQL error."
Risk: 5.0 (network, low complexity). Tags: joomla.
2012-07-03 CVE-2012-2747 Unspecified vulnerability in Joomla Joomla!
Unspecified vulnerability in Joomla! 2.5.x before 2.5.5 allows remote attackers to gain privileges via unknown attack vectors related to "Inadequate checking."
Risk: 7.5 (network, low complexity). Tags: joomla.
2012-05-21 CVE-2012-2902 Unspecified vulnerability in Ryan Demmer Joomla Content Editor 2.0
Unrestricted file upload vulnerability in editor/extensions/browser/file.php in the Joomla Content Editor (JCE) component before 2.1 for Joomla!, when chunking is set to greater than zero, allows remote authors to execute arbitrary PHP code by uploading a PHP file with a double extension, as demonstrated by .jpg.pht.
Risk: 6.0
2012-05-21 CVE-2012-2901 Cross-Site Scripting vulnerability in Ryan Demmer Joomla Content Editor 2.0
Cross-site scripting (XSS) vulnerability in the Profile List in the Joomla Content Editor (JCE) component before 2.1 for Joomla! allows remote attackers to inject arbitrary web script or HTML via the search parameter to administrator/index.php.
Risk: 4.3
2012-02-08 CVE-2012-1018 Cross-Site Scripting vulnerability in Dmackmedia MOD Currencyconverter 1.0.0
Cross-site scripting (XSS) vulnerability in includes/convert.php in D-Mack Media Currency Converter (mod_currencyconverter) module 1.0.0 for Joomla! allows remote attackers to inject arbitrary web script or HTML via the from parameter.
Risk: 4.3
2011-12-25 CVE-2011-5004 Unspecified vulnerability in Fabrikar COM Fabrikar
Unrestricted file upload vulnerability in models/importcsv.php in the Fabrik (com_fabrik) component before 2.1.1 for Joomla! allows remote authenticated users with Manager privileges to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in an unspecified directory.
Risk: 6.0 (network). Tags: fabrikar, joomla.
2011-12-15 CVE-2011-4830 Cross-Site Scripting vulnerability in Barter-Sites COM Listing 1.3
Multiple cross-site scripting (XSS) vulnerabilities in the com_listing component in Barter Sites component 1.3 for Joomla! allow remote authenticated users to inject arbitrary web script or HTML via the (1) listing_title, (2) description, (3) homeurl (aka Website Address), (4) paystring (aka Payment types accepted), (5) sell_price, (6) shipping_cost, and (7) quantity parameters to index.php.
Risk: 3.5