Page 3 of 20 results (0.005 seconds)

CVSS: 6.8EPSS: 1%CPEs: 2EXPL: 0

Unspecified vulnerability in the XML-RPC Blogger API plugin in Joomla! 1.5 allows remote attackers to perform unauthorized article operations on articles via unknown vectors. Vulnerabilidad no especificada en la extensión XML-RPC Blogger API de Joomla! 1.5 permite a atacantes remotos realizar operaciones de artículo no autorizadas en artículos a través de vectores desconocidos. • http://secunia.com/advisories/28861 http://www.joomla.org/content/view/4560/1 http://www.securityfocus.com/bid/27719 https://exchange.xforce.ibmcloud.com/vulnerabilities/41563 •

CVSS: 4.3EPSS: 0%CPEs: 2EXPL: 2

Cross-site scripting (XSS) vulnerability in the com_search component in Joomla! 1.0.13 and earlier allows remote attackers to inject arbitrary web script or HTML via the searchword parameter. NOTE: this might be related to CVE-2007-4189.1. Vulnerabilidad de secuencias de comandos en sitios cruzados (XSS) en el componente de Joomla!, com_search 1.0.13 y versiones anteriores permite a atacantes remotos inyectar scripts web o HTML de su elección a través del parámetro searchword. NOTA: Este asunto podría estar relacionado con CVE-2007-4189.1. • https://www.exploit-db.com/exploits/30655 http://osvdb.org/37709 http://secunia.com/advisories/27196 http://securityreason.com/securityalert/3216 http://securityvulns.ru/Rdocument919.html http://websecurity.com.ua/1203 http://www.securityfocus.com/archive/1/482006/100/0/threaded http://www.securityfocus.com/bid/26031 http://www.vupen.com/english/advisories/2007/3495 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 7.5EPSS: 0%CPEs: 11EXPL: 0

com_categories in Joomla! before 1.0.12 does not validate input, which has unknown impact and remote attack vectors. com_categories en Joomla! anterior a 1.0.12 no valida la entrada, lo cual tiene un impacto desconocido y ataques remotos en vectores. • http://jvn.jp/jp/JVN%2345006961/index.html http://secunia.com/advisories/23563 http://www.joomla.org/content/view/2495/78 http://www.securityfocus.com/bid/21810 http://www.vupen.com/english/advisories/2006/5202 •

CVSS: 6.8EPSS: 0%CPEs: 11EXPL: 0

Multiple unspecified vulnerabilities in Joomla! before 1.0.12 have unknown impact and attack vectors related to (1) "unneeded legacy functions" and (2) "Several low level security fixes." Mútiples vulnerabilidades no especificadas en Joomla! anterior a 1.0.12 tienen un impacto desconocido y ataca vectores relacionados con (1) "funciones innecesarias de herencia" y (2) "Varias soluciones de seguridad de nivel bajo." • http://jvn.jp/jp/JVN%2345006961/index.html http://secunia.com/advisories/23563 http://www.joomla.org/content/view/2446/1 http://www.joomla.org/content/view/2495/78 http://www.securityfocus.com/bid/21810 http://www.vupen.com/english/advisories/2006/5202 •

CVSS: 4.3EPSS: 0%CPEs: 11EXPL: 0

Cross-site scripting (XSS) vulnerability in Joomla! before 1.0.12 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, possibly related to poll.php or the module title. Vulnerabilidad de secuencias de comandos en sitios cruzados (XSS) en Joomla! anterior a 1.0.12 permite a un atacante remoto inyectar secuencias de comandos web o HTML a través de vectores no especificados, posiblemente relacionados con poll.php o el módulo title. • http://forge.joomla.org/sf/go/artf5985?nav=1 http://forge.joomla.org/sf/go/artf6844?nav=1 http://jvn.jp/jp/JVN%2345006961/index.html http://secunia.com/advisories/23563 http://www.joomla.org/content/view/2495/78 http://www.securityfocus.com/bid/21810 http://www.vupen.com/english/advisories/2006/5202 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •