CVE-2011-4912
https://notcve.org/view.php?id=CVE-2011-4912
Joomla! com_mailto 1.5.x through 1.5.13 has an automated mail timeout bypass. En com_mailto de Joomla! versiones 1.5.x hasta 1.5.13, presenta una omisión de tiempo de espera de correo automatizada. • https://developer.joomla.org/security/news/303-20090723-core-com-mailto-timeout-issue.html https://www.openwall.com/lists/oss-security/2011/12/25/9 • CWE-732: Incorrect Permission Assignment for Critical Resource •
CVE-2011-3629
https://notcve.org/view.php?id=CVE-2011-3629
Joomla! core 1.7.1 allows information disclosure due to weak encryption Joomla! core versión 1.7.1, permite una divulgación de información debido a un cifrado débil. • http://www.openwall.com/lists/oss-security/2012/03/02/4 http://www.openwall.com/lists/oss-security/2012/03/02/8 http://www.openwall.com/lists/oss-security/2012/03/28/6 https://developer.joomla.org/security/news/370-20111001-core-information-disclosure • CWE-326: Inadequate Encryption Strength •
CVE-2011-4937
https://notcve.org/view.php?id=CVE-2011-4937
Joomla! 1.7.1 has core information disclosure due to inadequate error checking. Joomla! versión 1.7.1, presenta una divulgación de información central debido a una comprobación inadecuada de errores. • http://www.openwall.com/lists/oss-security/2012/03/02/1 http://www.openwall.com/lists/oss-security/2012/03/02/4 http://www.openwall.com/lists/oss-security/2012/03/28/6 https://developer.joomla.org/security/news/371-20111002-core-information-disclosure.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVE-2020-8419
https://notcve.org/view.php?id=CVE-2020-8419
An issue was discovered in Joomla! before 3.9.15. Missing token checks in the batch actions of various components cause CSRF vulnerabilities. Se detectó un problema en Joomla! versiones anteriores a 3.9.15. • https://developer.joomla.org/security-centre/798-20200101-core-csrf-in-batch-actions • CWE-352: Cross-Site Request Forgery (CSRF) •
CVE-2020-8421
https://notcve.org/view.php?id=CVE-2020-8421
An issue was discovered in Joomla! before 3.9.15. Inadequate escaping of usernames allows XSS attacks in com_actionlogs. Se detectó un problema en Joomla! versiones anteriores a 3.9.15. • https://developer.joomla.org/security-centre/800-20200103-core-xss-in-com-actionlogs • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •