Page 28 of 140 results (0.028 seconds)

CVSS: 4.3EPSS: 0%CPEs: 8EXPL: 0

Cross-site scripting (XSS) vulnerability in com_contact in Joomla! CMS 3.1.2 through 3.2.x before 3.2.3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Vulnerabilidad de XSS en com_contact en Joomla! CMS 3.1.2 hasta 3.2.x anterior a 3.2.3 permite a atacantes remotos inyectar secuencias de comandos arbitrarios a través de vectores no especificados. • http://developer.joomla.org/security/579-20140302-core-xss-vulnerability.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 7.5EPSS: 1%CPEs: 32EXPL: 0

Joomla! 2.5.x before 2.5.25, 3.x before 3.2.4, and 3.3.x before 3.3.4 allows remote attackers to authenticate and bypass intended access restrictions via vectors involving LDAP authentication. Joomla! 2.5.x anterior a 2.5.25, 3.x anterior a 3.2.4, y 3.3.x anterior a 3.3.4 permite a atacantes remotos autenticar y evadir las restricciones de acceso a través de vectores que involucran la autenticación LDAP . • http://developer.joomla.org/security/594-20140902-core-unauthorised-logins.html http://secunia.com/advisories/61606 http://secunia.com/advisories/61638 • CWE-287: Improper Authentication •

CVSS: 5.0EPSS: 0%CPEs: 31EXPL: 0

Unspecified vulnerability in Joomla! before 2.5.4 before 2.5.26, 3.x before 3.2.6, and 3.3.x before 3.3.5 allows attackers to cause a denial of service via unspecified vectors. Vulnerabilidad no especificada en Joomla! anterior a 2.5.4 anterior a 2.5.26, 3.x anterior a 3.2.6, y 3.3.x anterior a 3.3.5 permite a atacantes causar una denegación de servicio a través de vectores no especificados. • http://developer.joomla.org/security/596 •

CVSS: 7.5EPSS: 0%CPEs: 34EXPL: 0

Joomla! CMS 2.5.x before 2.5.19 and 3.x before 3.2.3 allows remote attackers to authenticate and bypass intended restrictions via vectors involving GMail authentication. Joomla! CMS 2.5.x anterior a 2.5.19 y 3.x anterior a 3.2.3 permite a atacantes remotos autenticarse y evadir restricciones a través de vectores que involucran la autenticación de GMail. • http://developer.joomla.org/security/581-20140304-core-unauthorised-logins.html • CWE-264: Permissions, Privileges, and Access Controls •

CVSS: 7.5EPSS: 0%CPEs: 10EXPL: 0

SQL injection vulnerability in Joomla! CMS 3.1.x and 3.2.x before 3.2.3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. Vulnerabilidad de inyección SQL en Joomla! CMS 3.1.x y 3.2.x anterior a 3.2.3 permite a atacantes remotos ejecutar comandos SQL arbitrarios a través de vectores no especificados. • http://developer.joomla.org/security/578-20140301-core-sql-injection.html • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •