Vulnerabilities > Joomla > Low
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2020-01-22 | CVE-2011-3595 | Cross-site Scripting vulnerability in Joomla Joomla! Multiple Cross-site Scripting (XSS) vulnerabilities exist in Joomla! through 1.7.0 in index.php in the search word, extension, asset, and author parameters. | 3.5 |
2019-01-16 | CVE-2019-6262 | Cross-site Scripting vulnerability in Joomla Joomla! An issue was discovered in Joomla! before 3.9.2. | 3.5 |
2019-01-16 | CVE-2019-6263 | Cross-site Scripting vulnerability in Joomla Joomla! An issue was discovered in Joomla! before 3.9.2. | 3.5 |
2018-08-29 | CVE-2018-15880 | Cross-site Scripting vulnerability in Joomla Joomla! An issue was discovered in Joomla! before 3.8.12. | 3.5 |
2018-05-22 | CVE-2018-11326 | Cross-site Scripting vulnerability in Joomla Joomla! An issue was discovered in Joomla! Core before 3.8.8. | 3.5 |
2018-05-22 | CVE-2018-11328 | Cross-site Scripting vulnerability in Joomla Joomla! An issue was discovered in Joomla! Core before 3.8.8. | 2.6 |
2011-12-15 | CVE-2011-4830 | Cross-Site Scripting vulnerability in Barter-Sites COM Listing 1.3 Multiple cross-site scripting (XSS) vulnerabilities in the com_listing component in Barter Sites component 1.3 for Joomla! allow remote authenticated users to inject arbitrary web script or HTML via the (1) listing_title, (2) description, (3) homeurl (aka Website Address), (4) paystring (aka Payment types accepted), (5) sell_price, (6) shipping_cost, and (7) quantity parameters to index.php. | 3.5 |
2010-10-05 | CVE-2010-2535 | Cross-Site Scripting vulnerability in Joomla Joomla! Multiple cross-site scripting (XSS) vulnerabilities in the Back End in Joomla! 1.5.x before 1.5.20 allow remote authenticated users to inject arbitrary web script or HTML via administrator screens. | 3.5 |
2010-08-16 | CVE-2010-3028 | Permissions, Privileges, and Access Controls vulnerability in Simon Philips Aardvertiser 2.2.1 The Aardvertiser component before 2.2.1 for Joomla! uses insecure permissions (777) in unspecified folders, which allows local users to modify, create, or delete certain files. | 3.6 |
2010-03-02 | CVE-2010-0801 | Path Traversal vulnerability in Autartica COM Autartitarot 1.0.3 Directory traversal vulnerability in the AutartiTarot (com_autartitarot) component 1.0.3 for Joomla! allows remote authenticated users, with "Public Back-end" group permissions, to read arbitrary files via directory traversal sequences in the controller parameter in an edit task to administrator/index.php. | 3.5 |