Page 2 of 65 results (0.008 seconds)

CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0

An issue was discovered in Joomla! 1.6.0 through 3.9.24. Inadequate filtering of form contents could allow to overwrite the author field. Se detectó un problema en Joomla! versiones 1.6.0 hasta 3.9.24. • https://developer.joomla.org/security-centre/849-20210309-core-inadequate-filtering-of-form-contents-could-allow-to-overwrite-the-author-field.html •

CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0

An issue was discovered in Joomla! 1.7.0 through 3.9.22. Lack of input validation while handling ACL rulesets can cause write ACL violations. Se detectó un problema en Joomla! versiones 1.7.0 hasta 3.9.22. • https://developer.joomla.org/security-centre/834-20201107-core-write-acl-violation-in-multiple-core-views.html • CWE-20: Improper Input Validation •

CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0

An issue was discovered in Joomla! before 3.9.16. The lack of type casting of a variable in a SQL statement leads to a SQL injection vulnerability in the Featured Articles frontend menutype. Se detectó un problema en Joomla! versiones anteriores a 3.9.16. • https://developer.joomla.org/security-centre/807-20200306-core-sql-injection-in-featured-articles-menu-parameters • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •

CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0

Joomla! com_mailto 1.5.x through 1.5.13 has an automated mail timeout bypass. En com_mailto de Joomla! versiones 1.5.x hasta 1.5.13, presenta una omisión de tiempo de espera de correo automatizada. • https://developer.joomla.org/security/news/303-20090723-core-com-mailto-timeout-issue.html https://www.openwall.com/lists/oss-security/2011/12/25/9 • CWE-732: Incorrect Permission Assignment for Critical Resource •

CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0

Joomla! 1.5x through 1.5.12: Missing JEXEC Check Joomla! versión versiones 1.5x hasta 1.5.12: una Falta de Comprobación de JEXEC. • https://developer.joomla.org/security/news/301-20090722-core-file-upload.html https://www.openwall.com/lists/oss-security/2011/12/25/7 • CWE-434: Unrestricted Upload of File with Dangerous Type •