CVSS: 7.5EPSS: 0%CPEs: 34EXPL: 0CVE-2014-7984
https://notcve.org/view.php?id=CVE-2014-7984
Joomla! CMS 2.5.x before 2.5.19 and 3.x before 3.2.3 allows remote attackers to authenticate and bypass intended restrictions via vectors involving GMail authentication. Joomla! CMS 2.5.x anterior a 2.5.19 y 3.x anterior a 3.2.3 permite a atacantes remotos autenticarse y evadir restricciones a través de vectores que involucran la autenticación de GMail. • http://developer.joomla.org/security/581-20140304-core-unauthorised-logins.html • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 7.5EPSS: 0%CPEs: 10EXPL: 0CVE-2014-7981
https://notcve.org/view.php?id=CVE-2014-7981
SQL injection vulnerability in Joomla! CMS 3.1.x and 3.2.x before 3.2.3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. Vulnerabilidad de inyección SQL en Joomla! CMS 3.1.x y 3.2.x anterior a 3.2.3 permite a atacantes remotos ejecutar comandos SQL arbitrarios a través de vectores no especificados. • http://developer.joomla.org/security/578-20140301-core-sql-injection.html • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 1CVE-2013-5583
https://notcve.org/view.php?id=CVE-2013-5583
Cross-site scripting (XSS) vulnerability in libraries/idna_convert/example.php in Joomla! 3.1.5 allows remote attackers to inject arbitrary web script or HTML via the lang parameter. Cross-site scripting (XSS) en libraries/idna_convert/example.php de Joomla! 3.1.5 permite a atacantes remotos inyectar secuencias de comandos web o HTML a través del parámetro lang. • http://disse.cting.org/2013/08/05/joomla-core-3_1_5_reflected-xss-vulnerability http://www.securityfocus.com/bid/61600 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •