Vulnerabilities > Joomla > Critical
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2007-08-08 | CVE-2007-4188 | Session Fixation vulnerability in Joomla Joomla! Session fixation vulnerability in Joomla! before 1.0.13 (aka Sunglow) allows remote attackers to hijack administrative web sessions via unspecified vectors. | 9.3 |
2007-03-27 | CVE-2007-1699 | Remote File Include vulnerability in Mambo SWMenu MosConfig_Absolute_Path Parameter Multiple PHP remote file inclusion vulnerabilities in the SWmenu (com_swmenupro and com_swmenufree) 4.0 component for Mambo and Joomla! allow remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter to ImageManager/Classes/ImageManager.php under the (1) components/ or (2) administrator/components/ directory trees. | 10.0 |
2007-03-22 | CVE-2007-1596 | Remote File Include vulnerability in NFN Address Book mosConfig_Absolute_Path Multiple PHP remote file inclusion vulnerabilities in the NFN Address Book (com_nfn_addressbook) 0.4 component for Mambo and Joomla! allow remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter to (1) components/com_nfn_addressbook/nfnaddressbook.php or (2) administrator/components/com_nfn_addressbook/nfnaddressbook.php. | 9.3 |
2006-03-07 | CVE-2006-1047 | Remote Security vulnerability in Joomla Unspecified vulnerability in the "Remember Me login functionality" in Joomla! 1.0.7 and earlier has unknown impact and attack vectors. | 10.0 |
2006-01-19 | CVE-2006-0303 | Remote Security vulnerability in Joomla Multiple unspecified vulnerabilities in the (1) publishing component, (2) Contact Component, (3) TinyMCE Compressor, and (4) other components in Joomla! 1.0.5 and earlier have unknown impact and attack vectors. | 10.0 |
2005-11-23 | CVE-2005-3773 | Input Validation vulnerability in Joomla Unspecified vulnerability in Joomla! before 1.0.4 has unknown impact and attack vectors, related to "Potential misuse of Media component file management functions." | 10.0 |