CVSS: 6.8EPSS: 0%CPEs: 1EXPL: 0CVE-2006-4468
https://notcve.org/view.php?id=CVE-2006-4468
Multiple unspecified vulnerabilities in Joomla! before 1.0.11, related to unvalidated input, allow attackers to have an unknown impact via unspecified vectors involving the (1) mosMail, (2) JosIsValidEmail, and (3) josSpoofValue functions; (4) the lack of inclusion of globals.php in administrator/index.php; (5) the Admin User Manager; and (6) the poll module. Múltiples vulnerabilidades no especificadas en Joomla! anterior a 1.0.11, relacionado con la invalidez de la entrada, permite a un atacante remoto tener un impacto desconocido a través de vectores no especificados que abarcan las funciones (1) mosMail, (2) JosIsValidEmail y(3) josSpoofValue; (4) la carencia de la inclusión de globals.php en administrator/index.php; el Admin User Manager; y el (6) módulo poll. • http://secunia.com/advisories/21666 http://www.joomla.org/content/view/1841/78 http://www.joomla.org/content/view/1843/74 http://www.vupen.com/english/advisories/2006/3408 https://exchange.xforce.ibmcloud.com/vulnerabilities/28628 • CWE-20: Improper Input Validation •
CVSS: 5.1EPSS: 0%CPEs: 2EXPL: 0CVE-2006-4473
https://notcve.org/view.php?id=CVE-2006-4473
Unspecified vulnerability in com_content in Joomla! before 1.0.11, when $mosConfig_hideEmail is set, allows attackers to perform the emailform and emailsend tasks. Vulnerabilidad no especificada en com_content en Joomla! anterior 1.0.11, cuando esta asignado $mosConfig_hideEmail, permite a un atacante realizar tareas emailform y emailsend. • http://secunia.com/advisories/21666 http://www.joomla.org/content/view/1841/78 http://www.joomla.org/content/view/1843/74 http://www.vupen.com/english/advisories/2006/3408 •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0CVE-2006-4475
https://notcve.org/view.php?id=CVE-2006-4475
Joomla! before 1.0.11 does not limit access to the Admin Popups functionality, which has unknown impact and attack vectors. Joomla! anterior a 1.0.11 no limita el acceso a la funcionabilidad Admin Popups, lo cual tiene un impacto desconocido y vectores de ataque. • http://secunia.com/advisories/21666 http://www.joomla.org/content/view/1841/78 http://www.joomla.org/content/view/1843/74 http://www.vupen.com/english/advisories/2006/3408 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 5.0EPSS: 0%CPEs: 2EXPL: 0CVE-2006-4466
https://notcve.org/view.php?id=CVE-2006-4466
Joomla! before 1.0.11 does not properly unset variables when the input data includes a numeric parameter with a value matching an alphanumeric parameter's hash value, which allows remote attackers to have an unspecified impact. NOTE: it could be argued that this vulnerability is due to a bug in the unset PHP command (CVE-2006-3017) and the proper fix should be in PHP; if so, then this should not be treated as a vulnerability in Joomla!. Joomla! anterior a 1.0.11 no desestablece variables adecuadamente cuando la información de entrada incluye un parámetro numérico con un valor correspondiente a una valor hash de un parámetro alfanumérico, lo cual permite a atacantes remotos tener impacto desconocido. • http://www.joomla.org/content/view/1841/78 http://www.vupen.com/english/advisories/2006/3408 • CWE-20: Improper Input Validation •
CVSS: 7.5EPSS: 5%CPEs: 1EXPL: 0CVE-2006-4469
https://notcve.org/view.php?id=CVE-2006-4469
Unspecified vulnerability in PEAR.php in Joomla! before 1.0.11 allows remote attackers to perform "remote execution," related to "Injection Flaws." Vulnerabilidad no especificado en PEAR.php in Joomla! anterior a 1.0.11 permite a un atacante remoto realizar "ejecuciones remotas", relacionado con "defectos de inyección". • http://secunia.com/advisories/21666 http://www.joomla.org/content/view/1841/78 http://www.joomla.org/content/view/1843/74 http://www.vupen.com/english/advisories/2006/3408 https://exchange.xforce.ibmcloud.com/vulnerabilities/28629 •