Page 160 of 804 results (0.005 seconds)

CVSS: 7.8EPSS: 1%CPEs: 1EXPL: 0

feedcreator.class.php (aka the syndication component) in Joomla! 1.0.7 allows remote attackers to cause a denial of service (stressed file cache) by creating many files via filenames in the feed parameter to index.php. • http://secunia.com/advisories/19105 http://securityreason.com/securityalert/527 http://www.joomla.org/content/view/938/78 http://www.osvdb.org/23817 http://www.securityfocus.com/archive/1/426538/100/0/threaded •

CVSS: 5.0EPSS: 1%CPEs: 1EXPL: 0

feedcreator.class.php (aka the syndication component) in Joomla! 1.0.7 allows remote attackers to obtain sensitive information via a "/" (slash) in the feed parameter to index.php, which reveals the path in an error message. • http://securityreason.com/securityalert/527 http://www.joomla.org/content/view/938/78 http://www.osvdb.org/23815 http://www.securityfocus.com/archive/1/426538/100/0/threaded https://exchange.xforce.ibmcloud.com/vulnerabilities/25028 •

CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 1

The cross-site scripting (XSS) countermeasures in class.inputfilter.php in Joomla! 1.0.7 allow remote attackers to cause a denial of service via a crafted mosmsg parameter to index.php with a malformed sequence of multiple tags, as demonstrated using "<<>AAA<><>", possibly due to nested or empty tags. • http://www.joomla.org/content/view/938/78 http://www.osvdb.org/23816 http://www.securityfocus.com/archive/1/426538/100/0/threaded •

CVSS: 10.0EPSS: 0%CPEs: 6EXPL: 0

Multiple unspecified vulnerabilities in the (1) publishing component, (2) Contact Component, (3) TinyMCE Compressor, and (4) other components in Joomla! 1.0.5 and earlier have unknown impact and attack vectors. • http://secunia.com/advisories/18513 http://www.joomla.org/content/view/738/66 •

CVSS: 5.0EPSS: 1%CPEs: 1EXPL: 0

The vCard functions in Joomla! 1.0.5 use predictable sequential IDs for vcards and do not restrict access to them, which allows remote attackers to obtain valid e-mail addresses to conduct spam attacks by modifying the contact_id parameter to index2.php. • http://forge.joomla.org/sf/go/artf2950 http://forum.joomla.org/index.php/topic%2C29031.0.html http://secunia.com/advisories/18361 http://www.listerit.com/content/view/116/84 http://www.securityfocus.com/bid/16185 http://www.vupen.com/english/advisories/2006/0097 https://exchange.xforce.ibmcloud.com/vulnerabilities/24042 • CWE-264: Permissions, Privileges, and Access Controls •