Page 2 of 58 results (0.003 seconds)

CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0

An issue was discovered in Joomla! 1.6.0 through 3.9.24. Inadequate filtering of form contents could allow to overwrite the author field. Se detectó un problema en Joomla! versiones 1.6.0 hasta 3.9.24. • https://developer.joomla.org/security-centre/849-20210309-core-inadequate-filtering-of-form-contents-could-allow-to-overwrite-the-author-field.html •

CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0

Joomla! com_mailto 1.5.x through 1.5.13 has an automated mail timeout bypass. En com_mailto de Joomla! versiones 1.5.x hasta 1.5.13, presenta una omisión de tiempo de espera de correo automatizada. • https://developer.joomla.org/security/news/303-20090723-core-com-mailto-timeout-issue.html https://www.openwall.com/lists/oss-security/2011/12/25/9 • CWE-732: Incorrect Permission Assignment for Critical Resource •

CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0

Joomla! 1.5x through 1.5.12: Missing JEXEC Check Joomla! versión versiones 1.5x hasta 1.5.12: una Falta de Comprobación de JEXEC. • https://developer.joomla.org/security/news/301-20090722-core-file-upload.html https://www.openwall.com/lists/oss-security/2011/12/25/7 • CWE-434: Unrestricted Upload of File with Dangerous Type •

CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0

In Joomla! before 3.9.11, inadequate checks in com_contact could allow mail submission in disabled forms. En Joomla! versiones anteriores a 3.9.11, las comprobaciones inadecuadas en la función com_contact podrían permitir el envío de correo en formularios deshabilitados. • https://developer.joomla.org/security-centre/789-20190801-core-hardening-com-contact-contact-form •

CVSS: 9.8EPSS: 52%CPEs: 1EXPL: 3

An issue was discovered in Joomla! before 3.9.5. The Media Manager component does not properly sanitize the folder parameter, allowing attackers to act outside the media manager root directory. Un problema fue descubierto en Joomla! versiones anteriores a 3.9.5. • https://www.exploit-db.com/exploits/46710 https://github.com/dpgg101/CVE-2019-10945 http://packetstormsecurity.com/files/152515/Joomla-3.9.4-Arbitrary-File-Deletion-Directory-Traversal.html https://developer.joomla.org/security-centre/777-20190401-core-directory-traversal-in-com-media • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •