Vulnerabilities > Joomla

DATE CVE VULNERABILITY TITLE RISK
2006-01-19 CVE-2006-0303 Remote Security vulnerability in Joomla
Multiple unspecified vulnerabilities in the (1) publishing component, (2) Contact Component, (3) TinyMCE Compressor, and (4) other components in Joomla! 1.0.5 and earlier have unknown impact and attack vectors.
network
low complexity
joomla
critical
10.0
2006-01-09 CVE-2006-0114 Permissions, Privileges, and Access Controls vulnerability in Joomla 1.0.5
The vCard functions in Joomla! 1.0.5 use predictable sequential IDs for vcards and do not restrict access to them, which allows remote attackers to obtain valid e-mail addresses to conduct spam attacks by modifying the contact_id parameter to index2.php.
network
low complexity
joomla CWE-264
5.0
2005-12-31 CVE-2005-4650 Denial-Of-Service vulnerability in Joomla 1.03
Joomla! 1.03 does not restrict the number of "Search" Mambots, which allows remote attackers to cause a denial of service (resource consumption) via a large number of Search Mambots.
network
low complexity
joomla
5.0
2005-11-23 CVE-2005-3773 Input Validation vulnerability in Joomla
Unspecified vulnerability in Joomla! before 1.0.4 has unknown impact and attack vectors, related to "Potential misuse of Media component file management functions."
network
low complexity
joomla
critical
10.0
2005-11-23 CVE-2005-3772 Input Validation vulnerability in Joomla
Multiple SQL injection vulnerabilities in Joomla! before 1.0.4 allow remote attackers to execute arbitrary SQL commands via the (1) Itemid variable in the Polls modules and (2) multiple unspecified methods in the mosDBTable class.
network
low complexity
joomla
7.5
2005-11-23 CVE-2005-3771 Input Validation vulnerability in Joomla
Multiple cross-site scripting (XSS) vulnerabilities in Joomla! before 1.0.4 allow remote attackers to inject arbitrary web script or HTML via (1) "GET and other variables" and (2) "SEF".
network
joomla
4.3