NotCVE - vendor:"Joomla" product:"Joomla\!" version:"1.0.6"

Page 2 of 21 results (0.001 seconds)

CVSS: 7.5EPSS: 0%CPEs: 30EXPL: 2

CVE-2009-0113 – Joomla! Component xstandard editor 1.5.8 - Local Directory Traversal

https://notcve.org/view.php?id=CVE-2009-0113

09 Jan 2009 — Directory traversal vulnerability in attachmentlibrary.php in the XStandard component for Joomla! 1.5.8 and earlier allows remote attackers to list arbitrary directories via a .. (dot dot) in the X_CMS_LIBRARY_PATH HTTP header. Vulnerabilidad de salto de directorio en attachmentlibrary.php en el componente XStandard para Joomla! v1.5.8 y versiones anteriores permite a atacantes remotos listar directorios de su elección a través de .. • https://www.exploit-db.com/exploits/7691 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •

CVSS: 10.0EPSS: 0%CPEs: 24EXPL: 0

CVE-2008-3225

https://notcve.org/view.php?id=CVE-2008-3225

18 Jul 2008 — Joomla! before 1.5.4 allows attackers to access administration functionality, which has unknown impact and attack vectors related to a missing "LDAP security fix." Versiones de Joomla! anteriores a 1.5.4 permiten a los atacantes el acceso a funciones de administración, con impacto desconocido y vectores de ataque relacionados con la falta de una actualizacion de seguridad de LDAP. • http://www.joomla.org/content/view/5180/1 • CWE-264: Permissions, Privileges, and Access Controls •

CVSS: 7.5EPSS: 0%CPEs: 24EXPL: 0

CVE-2008-3226

https://notcve.org/view.php?id=CVE-2008-3226

18 Jul 2008 — The file caching implementation in Joomla! before 1.5.4 allows attackers to access cached pages via unknown attack vectors. La implementación del caché de archivos en versiones de Joomla! anteriores a la 1.5.4 permite a los atacantes el acceso a páginas cacheadas a través de vectores de ataque desconocidos. • http://www.joomla.org/content/view/5180/1 • CWE-264: Permissions, Privileges, and Access Controls •

CVSS: 7.5EPSS: 0%CPEs: 24EXPL: 0

CVE-2008-3227

https://notcve.org/view.php?id=CVE-2008-3227

18 Jul 2008 — Unspecified vulnerability in Joomla! before 1.5.4 has unknown impact and attack vectors related to a "User Redirect Spam fix," possibly an open redirect vulnerability. Vulnerabilidad sin especificar en versiones de Joomla! anteriores a 1.5.4 tienen un impacto desconocido y vectores de ataque relacionados con un "parche para Spam de redireccionamiento de usuario", posiblemente una vulnerabilidad abierta de redirección. • http://www.joomla.org/content/view/5180/1 • CWE-59: Improper Link Resolution Before File Access ('Link Following') •

CVSS: 9.1EPSS: 0%CPEs: 24EXPL: 0

CVE-2008-3228

https://notcve.org/view.php?id=CVE-2008-3228

18 Jul 2008 — Joomla! before 1.5.4 does not configure .htaccess to apply certain security checks that "block common exploits" to SEF URLs, which has unknown impact and remote attack vectors. Joomla! anterior a 1.5.4 no aplica a .htaccess determinados controles de seguridad que bloquean exploits comunes a URLs con el plugin SEF, lo cual tiene un impacto desconocido y vectores de ataque remotos. • http://www.joomla.org/content/view/5180/1 • CWE-16: Configuration •

CVSS: 9.8EPSS: 0%CPEs: 10EXPL: 0

CVE-2006-7008

https://notcve.org/view.php?id=CVE-2006-7008

12 Feb 2007 — Unspecified vulnerability in Joomla! before 1.0.10 has unknown impact and attack vectors, related to "securing mosmsg from misuse." NOTE: it is possible that this issue overlaps CVE-2006-1029. Vulnerabilidad no especificada en Joomla! anterior a 1.0.10 tiene impacto y vectores de ataque desconocidos, relacionados con "asegurar mosmsg contra el mal uso". • http://secunia.com/advisories/20874 •

CVSS: 7.5EPSS: 0%CPEs: 10EXPL: 0

CVE-2006-7009

https://notcve.org/view.php?id=CVE-2006-7009

12 Feb 2007 — Joomla! before 1.0.10 allows remote attackers to spoof the frontend submission forms, which has unknown impact and attack vectors. Joomla! anterior a 1.0.10 permite a atacantes remotos falsear los formularios de envío del interfaz externo (frontend), lo cual tiene impacto y vectores de ataque desconocidos. • http://secunia.com/advisories/20874 •

CVSS: 9.8EPSS: 0%CPEs: 10EXPL: 0

CVE-2006-7010

https://notcve.org/view.php?id=CVE-2006-7010

12 Feb 2007 — The mosgetparam implementation in Joomla! before 1.0.10, does not set a variable's data type to integer when the variable's default value is numeric, which has unspecified impact and attack vectors, which may permit SQL injection attacks. La implementación de mosgetparam en Joomla! anterior a 1.0.10, no establece el tipo de dato de una variable a entero cuando el valor por defecto de la variable es numérico, lo cual tiene impacto y vectores de ataque no especificados, que pueden permitir ataques de inyecció... • http://secunia.com/advisories/20874 •

CVSS: 10.0EPSS: 0%CPEs: 8EXPL: 0

CVE-2006-1047

https://notcve.org/view.php?id=CVE-2006-1047

07 Mar 2006 — Unspecified vulnerability in the "Remember Me login functionality" in Joomla! 1.0.7 and earlier has unknown impact and attack vectors. • http://www.joomla.org/content/view/938/78 •

CVSS: 9.1EPSS: 0%CPEs: 8EXPL: 0

CVE-2006-1048

https://notcve.org/view.php?id=CVE-2006-1048

07 Mar 2006 — Joomla! 1.0.7 and earlier allows attackers to bypass intended access restrictions and gain certain privileges via certain attack vectors related to the (1) Weblink, (2) Polls, (3) Newsfeeds, (4) Weblinks, (5) Content, (6) Content Section, (7) Content Category, (8) Contact items, or (9) Contact Search, (10) Content Search, (11) Newsfeed Search, or (12) Weblink Search. • http://secunia.com/advisories/19105 •

1 2 3