Vulnerabilities > Mapsplugin

DATE CVE VULNERABILITY TITLE RISK
2017-09-28 CVE-2014-9686 Resource Management Errors vulnerability in Mapsplugin Googlemaps
The Googlemaps plugin 3.2 and earlier for Joomla! allows remote attackers with control of a sub-domain belonging to a victim domain to cause a denial of service via the 'url' parameter to plugin_googlemap3_kmlprxy.php.
4.3
2017-09-14 CVE-2013-7429 XML Injection (aka Blind XPath Injection) vulnerability in Mapsplugin Googlemaps 3.0
The Googlemaps plugin before 3.1 for Joomla! allows remote attackers to conduct XML injection attacks via the url parameter to plugin_googlemap2_proxy.php.
network
low complexity
mapsplugin CWE-91
critical
9.8
2017-09-07 CVE-2013-7428 Resource Exhaustion vulnerability in Mapsplugin Googlemaps 3.0
The Googlemaps plugin before 3.1 for Joomla! allows remote attackers to cause a denial of service via the url parameter to plugin_googlemap2_proxy.php.
network
low complexity
mapsplugin CWE-400
7.5
2017-08-29 CVE-2013-7433 Cross-site Scripting vulnerability in Mapsplugin Googlemaps 3.0
Cross-site scripting (XSS) vulnerability in the Googlemaps plugin before 3.1 for Joomla!.
network
low complexity
mapsplugin CWE-79
6.1
2017-08-29 CVE-2013-7432 Permissions, Privileges, and Access Controls vulnerability in Mapsplugin Googlemaps 3.0
The Googlemaps plugin before 3.1 for Joomla! allows remote attackers to bypass an intended protection mechanism.
network
low complexity
mapsplugin CWE-264
7.5
2017-08-29 CVE-2013-7431 Information Exposure vulnerability in Mapsplugin Googlemaps 3.0
Full path disclosure in the Googlemaps plugin before 3.1 for Joomla!.
network
low complexity
mapsplugin CWE-200
5.3
2017-08-28 CVE-2013-7430 Cross-site Scripting vulnerability in Mapsplugin Googlemaps 3.0
Cross-site scripting (XSS) vulnerability in the Googlemaps plugin before 3.1 for Joomla! allows remote attackers to inject arbitrary web script or HTML via the xmlns parameter.
network
low complexity
mapsplugin CWE-79
6.1