Page 31 of 167 results (0.017 seconds)

CVSS: 4.3EPSS: 0%CPEs: 8EXPL: 0

Joomla! 2.5.x before 2.5.8 and 3.0.x before 3.0.2 allows remote attackers to conduct clickjacking attacks via unspecified vectors involving "Inadequate protection." Joomla! versiones 2.5.x anteriores a 2.5.8 y versiones 3.0.x anteriores a 3.0.2, permite a los atacantes remotos conducir ataques de secuestro de cliqueo por medio de vectores no especificados que implican "Inadequate protection". • http://developer.joomla.org/security/news/543-20121101-core-clickjacking.html http://developer.joomla.org/security/news/544-20121102-core-clickjacking.html http://secunia.com/advisories/51187 http://www.securityfocus.com/bid/56397 http://www.securitytracker.com/id?1027744 https://exchange.xforce.ibmcloud.com/vulnerabilities/79925 •

CVSS: 4.3EPSS: 0%CPEs: 7EXPL: 1

Cross-site scripting (XSS) vulnerability in modules/mod_languages/tmpl/default.php in the Language Switcher module for Joomla! 2.5.x before 2.5.7 allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO to index.php. NOTE: some of these details are obtained from third party information. Vulnerabilidad de ejecución de secuencias de comandos en sitios cruzados (XSS) en modules/mod_languages/tmpl/default.php en el módulo Language Switcher para Joomla! v2.5.x antes de v2.5.7, permite a atacantes remotos inyectar secuencias de comandos web o HTML a través de PATH_INFO a index.php. • http://developer.joomla.org/security/news/540-20120902-core-xss-vulnerability http://secunia.com/advisories/49678 http://www.darksecurity.de/advisories/2012/SSCHADV2012-014.txt http://www.joomla.org/announcements/release-news/5463-joomla-2-5-7-released.html http://www.openwall.com/lists/oss-security/2012/10/07/3 http://www.openwall.com/lists/oss-security/2012/10/19/4 http://www.osvdb.org/83490 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 4.3EPSS: 0%CPEs: 7EXPL: 0

Cross-site scripting (XSS) vulnerability in Joomla! 2.5.x before 2.5.7 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Vulnerabilidad de ejecución de secuencias de comandos en sitios cruzados (XSS) en Joomla! v2.5.x antes de v2.5.7, permite a atacantes remotos inyectar secuencias de comandos web o HTML a través de vectores no especifidados. • http://developer.joomla.org/security/news/539-20120901-core-xss-vulnerability http://secunia.com/advisories/49678 http://www.joomla.org/announcements/release-news/5463-joomla-2-5-7-released.html http://www.openwall.com/lists/oss-security/2012/10/07/3 http://www.openwall.com/lists/oss-security/2012/10/19/4 https://exchange.xforce.ibmcloud.com/vulnerabilities/79725 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0

Cross-site scripting (XSS) vulnerability in the language search component in Joomla! before 3.0.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, related to a "typographical error." Vulnerabilidad de ejecución de secuencias de comandos en sitios cruzados (XSS) en el componente de búsqueda de idioma en Joomla! antes de v3.0.1, permite a atacantes remotos inyectar secuencias de comandos web o HTML a través de vectores no especificados, relacionado con un "error tipográfico". • http://developer.joomla.org/security/news/541-20121001-core-xss-vulnerability http://osvdb.org/86134 http://secunia.com/advisories/50879 http://www.joomla.org/announcements/release-news/5468-joomla-3-0-1-released.html http://www.securityfocus.com/bid/55858 https://exchange.xforce.ibmcloud.com/vulnerabilities/79171 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 4.3EPSS: 0%CPEs: 2EXPL: 0

Cross-site scripting (XSS) vulnerability in Joomla! 2.5.0 and 2.5.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Vulnerabilidad de ejecución de secuencias de comandos en sitios cruzados (XSS) en Joomla! v2.5.0 y 2.5.1, permite a atacantes remotos inyectar secuencias de comandos web o HTML a través de vectores especificados • http://developer.joomla.org/security/news/392-20120302-core-xss-vulnerability.html http://secunia.com/advisories/48005 http://www.openwall.com/lists/oss-security/2012/03/06/12 http://www.openwall.com/lists/oss-security/2012/03/06/5 http://www.osvdb.org/79836 http://www.securityfocus.com/bid/52314 https://exchange.xforce.ibmcloud.com/vulnerabilities/73700 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •