Page 19 of 92 results (0.005 seconds)

CVSS: 7.5EPSS: 0%CPEs: 34EXPL: 0

CVE-2014-7984

https://notcve.org/view.php?id=CVE-2014-7984

Joomla! CMS 2.5.x before 2.5.19 and 3.x before 3.2.3 allows remote attackers to authenticate and bypass intended restrictions via vectors involving GMail authentication. Joomla! CMS 2.5.x anterior a 2.5.19 y 3.x anterior a 3.2.3 permite a atacantes remotos autenticarse y evadir restricciones a través de vectores que involucran la autenticación de GMail. • http://developer.joomla.org/security/581-20140304-core-unauthorised-logins.html • CWE-264: Permissions, Privileges, and Access Controls •

CVSS: 6.8EPSS: 77%CPEs: 24EXPL: 3

CVE-2013-5576 – Joomla! Component Media Manager - Arbitrary File Upload

https://notcve.org/view.php?id=CVE-2013-5576

administrator/components/com_media/helpers/media.php in the media manager in Joomla! 2.5.x before 2.5.14 and 3.x before 3.1.5 allows remote authenticated users or remote attackers to bypass intended access restrictions and upload files with dangerous extensions via a filename with a trailing . (dot), as exploited in the wild in August 2013. administrator/components/com_media/helpers/media.php en el gestor de medios de Joomla! 2.5.x anterior a la versión 2.5.14 y 3.x anterior a 3.1.5 permite a usuarios remotos autenticados o a atacantes remotos evadir restricciones de acceso intencionadas y subir archivos con extensiones peligrosas a través de un nombre de archivo con un . (punto), tal y como se explotó activamente en agosto de 2013. • https://www.exploit-db.com/exploits/27610 http://developer.joomla.org/security/563-20130801-core-unauthorised-uploads.html http://joomlacode.org/gf/project/joomla/tracker/?action=TrackerItemEdit&tracker_item_id=31626 http://seclists.org/oss-sec/2013/q3/484 http://seclists.org/oss-sec/2013/q3/486 http://www.cso.com.au/article/523528/joomla_patches_file_manager_vulnerability_responsible_hijacked_websites http://www.exploit-db.com/exploits/27610 http://www.kb.cert.org/vuls/id/639620 • CWE-20: Improper Input Validation •