Page 16 of 113 results (0.009 seconds)

CVSS: 10.0EPSS: 0%CPEs: 24EXPL: 0

Joomla! before 1.5.4 allows attackers to access administration functionality, which has unknown impact and attack vectors related to a missing "LDAP security fix." Versiones de Joomla! anteriores a 1.5.4 permiten a los atacantes el acceso a funciones de administración, con impacto desconocido y vectores de ataque relacionados con la falta de una actualizacion de seguridad de LDAP. • http://www.joomla.org/content/view/5180/1 http://www.openwall.com/lists/oss-security/2008/07/12/2 http://www.securityfocus.com/bid/30125 https://exchange.xforce.ibmcloud.com/vulnerabilities/43648 • CWE-264: Permissions, Privileges, and Access Controls •

CVSS: 7.5EPSS: 0%CPEs: 24EXPL: 0

Joomla! before 1.5.4 does not configure .htaccess to apply certain security checks that "block common exploits" to SEF URLs, which has unknown impact and remote attack vectors. Joomla! anterior a 1.5.4 no aplica a .htaccess determinados controles de seguridad que bloquean exploits comunes a URLs con el plugin SEF, lo cual tiene un impacto desconocido y vectores de ataque remotos. • http://www.joomla.org/content/view/5180/1 http://www.joomla.org/content/view/5180/1/1/1/#htaccess http://www.openwall.com/lists/oss-security/2008/07/12/2 https://exchange.xforce.ibmcloud.com/vulnerabilities/44206 • CWE-16: Configuration •

CVSS: 7.5EPSS: 0%CPEs: 24EXPL: 0

Unspecified vulnerability in Joomla! before 1.5.4 has unknown impact and attack vectors related to a "User Redirect Spam fix," possibly an open redirect vulnerability. Vulnerabilidad sin especificar en versiones de Joomla! anteriores a 1.5.4 tienen un impacto desconocido y vectores de ataque relacionados con un "parche para Spam de redireccionamiento de usuario", posiblemente una vulnerabilidad abierta de redirección. • http://www.joomla.org/content/view/5180/1 http://www.openwall.com/lists/oss-security/2008/07/12/2 https://exchange.xforce.ibmcloud.com/vulnerabilities/44205 • CWE-59: Improper Link Resolution Before File Access ('Link Following') •

CVSS: 5.0EPSS: 0%CPEs: 24EXPL: 0

The file caching implementation in Joomla! before 1.5.4 allows attackers to access cached pages via unknown attack vectors. La implementación del caché de archivos en versiones de Joomla! anteriores a la 1.5.4 permite a los atacantes el acceso a páginas cacheadas a través de vectores de ataque desconocidos. • http://www.joomla.org/content/view/5180/1 http://www.openwall.com/lists/oss-security/2008/07/12/2 http://www.securityfocus.com/bid/30125 https://exchange.xforce.ibmcloud.com/vulnerabilities/43650 • CWE-264: Permissions, Privileges, and Access Controls •

CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 2

Multiple SQL injection vulnerabilities in the EXP JoomRadio (com_joomradio) component 1.0 for Joomla! allow remote attackers to execute arbitrary SQL commands via the id parameter in a (1) show_radio or (2) show_video action to index.php. Múltiples vulnerabilidades de inyección SQL en el componente EXP JoomRadio (com_joomradio) 1.0 para Joomla! permiten a atacantes remotos ejecutar comandos SQL de su elección a través del parámetro id en una acción (1) show_radio o (2) show_video de index.php. • https://www.exploit-db.com/exploits/5729 https://www.exploit-db.com/exploits/12400 http://packetstormsecurity.org/0806-exploits/joomlajoomradio-sql.txt http://secunia.com/advisories/30513 http://www.securityfocus.com/archive/1/501069/100/0/threaded http://www.securityfocus.com/bid/29504 https://exchange.xforce.ibmcloud.com/vulnerabilities/42814 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •