CVE-2012-0835
https://notcve.org/view.php?id=CVE-2012-0835
Unspecified vulnerability in Joomla! 1.7.x before 1.7.5 and 2.5.x before 2.5.1 allows attackers to obtain sensitive information via unknown vectors related to "administrator." Vulnerabilidad no especificada en Joomla! v1.7.x anterior a v1.7.5 y v2.5.x anterior a v2.5.1 permite a atacantes obtener información sensible a través de vectores desconocidos relacionados con el "administrador". • http://developer.joomla.org/security/news/387-20120201-core-information-disclosure http://secunia.com/advisories/47847 http://www.joomla.org/announcements/release-news/5410-joomla-251-released.html http://www.joomla.org/announcements/release-news/5411-joomla-175-released.html http://www.openwall.com/lists/oss-security/2012/02/03/6 http://www.openwall.com/lists/oss-security/2012/02/03/9 http://www.osvdb.org/78824 •
CVE-2012-3554
https://notcve.org/view.php?id=CVE-2012-3554
SQL injection vulnerability in the RSGallery2 (com_rsgallery2) component before 2.3.0 for Joomla! 1.5.x, and before 3.2.0 for Joomla! 2.5.x, allows remote attackers to execute arbitrary SQL commands via unspecified vectors. Vulnerabilidad de inyección SQL en el componente RSGallery2 (com_rsgallery2) anterior a v2.3.0 para Joomla! v1.5.x, y anterior a v3.2.0 para Joomla! • http://extensions.joomla.org/extensions/photos-a-images/photo-gallery/142 http://joomlacode.org/gf/project/rsgallery2/news http://www.rsgallery2.nl/announcements/rsgallery2_3.2.0_and_2.3.0_released_16845.0.html • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVE-2012-4071
https://notcve.org/view.php?id=CVE-2012-4071
Cross-site scripting (XSS) vulnerability in the comments module in the RSGallery2 (com_rsgallery2) component before 2.3.0 for Joomla! 1.5.x, and before 3.2.0 for Joomla! 2.5.x, allows remote attackers to inject arbitrary web script or HTML via crafted BBCode markup in a comment. Vulnerabilidad de ejecución de secuencias de comandos en sitios cruzados (XSS) en el módulo RSGallery2 (com_rsgallery2) anterior a v2.3.0 para Joomla! v1.5.x, y anteriores a v3.2.0 para Joomla! • http://extensions.joomla.org/extensions/photos-a-images/photo-gallery/142 http://joomlacode.org/gf/download/frsrelease/17325/75427/com_rsgallery2_2.3.0.zip http://joomlacode.org/gf/download/frsrelease/17326/75428/com_rsgallery2_3.2.0.zip http://joomlacode.org/gf/project/rsgallery2/news http://www.rsgallery2.nl/announcements/rsgallery2_3.2.0_and_2.3.0_released_16845.0.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2012-4235
https://notcve.org/view.php?id=CVE-2012-4235
The RSGallery2 (com_rsgallery2) component before 3.2.0 for Joomla! 2.5.x does not place index.html files in image directories, which allows remote attackers to list image filenames via a request for a directory URI. El componente The RSGallery2 (com_rsgallery2) anterior a v3.2.0 para Joomla! v2.5.x no coloca archivos index.html en los directorios de imágenes, lo que permite a atacantes remotos enumerar nombres de fichero de imagen a través de una petición de un URI del directorio. • http://extensions.joomla.org/extensions/photos-a-images/photo-gallery/142 http://joomlacode.org/gf/download/frsrelease/17326/75428/com_rsgallery2_3.2.0.zip http://joomlacode.org/gf/project/rsgallery2/news http://www.rsgallery2.nl/announcements/rsgallery2_3.2.0_and_2.3.0_released_16845.0.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVE-2012-2748
https://notcve.org/view.php?id=CVE-2012-2748
Unspecified vulnerability in Joomla! 2.5.x before 2.5.5 allows remote attackers to obtain sensitive information via vectors related to "Inadequate filtering" and a "SQL error." Vulnerabilidad no especifica en Joomla! v2.5.x anteriores a v2.5.5 permite a atacantes remotos obtener información sensible a través de vectores relacionados con un filtrado inadecuado y un error SQL. • http://developer.joomla.org/security/news/471-20120602-core-information-disclosure http://osvdb.org/83069 http://secunia.com/advisories/49605 http://www.joomla.org/announcements/release-news/5427-joomla-255-released.html http://www.openwall.com/lists/oss-security/2012/06/19/2 http://www.securityfocus.com/bid/54073 https://exchange.xforce.ibmcloud.com/vulnerabilities/76414 •