Vulnerabilities > Joomla > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2016-11-04 | CVE-2016-8870 | Improper Input Validation vulnerability in Joomla Joomla! The register method in the UsersModelRegistration class in controllers/user.php in the Users component in Joomla! before 3.6.4, when registration has been disabled, allows remote attackers to create user accounts by leveraging failure to check the Allow User Registration configuration setting. | 8.1 |
2016-01-12 | CVE-2015-8769 | SQL Injection vulnerability in Joomla Joomla! SQL injection vulnerability in Joomla! 3.x before 3.4.7 allows attackers to execute arbitrary SQL commands via unspecified vectors. | 7.3 |
2008-12-19 | CVE-2008-4122 | Cleartext Transmission of Sensitive Information vulnerability in Joomla Joomla! 1.5.8 Joomla! 1.5.8 does not set the secure flag for the session cookie in an https session, which makes it easier for remote attackers to capture this cookie by intercepting its transmission within an http session. | 7.5 |