Page 33 of 188 results (0.013 seconds)

CVSS: 5.0EPSS: 0%CPEs: 1EXPL: 1

Joomla! 2.5.3 allows remote attackers to obtain the installation path via the Host HTTP Header. Joomla! v2.5.3 permite a atacantes remotos obtener la ruta de instalación a través de Host HTTP Header • http://packetstormsecurity.org/files/112249/Joomla-2.5.3-Host-Header-Cross-Site-Scripting.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0

Cross-site scripting (XSS) vulnerability in Joomla! 2.5.3 allows remote attackers to inject arbitrary web script or HTML via the Host HTTP Header. Vulnerabilidad de ejecución de secuencias de comandos en sitios cruzados (XSS) en Joomla! v2.5.3 permite a atacantes remotos inyectar secuencias de comandos web o HTML a través de Host HTTP Header. • http://packetstormsecurity.org/files/112249/Joomla-2.5.3-Host-Header-Cross-Site-Scripting.html http://www.securityfocus.com/bid/53277 https://exchange.xforce.ibmcloud.com/vulnerabilities/75223 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 5.0EPSS: 0%CPEs: 5EXPL: 0

Unspecified vulnerability in Joomla! 2.5.x before 2.5.5 allows remote attackers to obtain sensitive information via vectors related to "Inadequate filtering" and a "SQL error." Vulnerabilidad no especifica en Joomla! v2.5.x anteriores a v2.5.5 permite a atacantes remotos obtener información sensible a través de vectores relacionados con un filtrado inadecuado y un error SQL. • http://developer.joomla.org/security/news/471-20120602-core-information-disclosure http://osvdb.org/83069 http://secunia.com/advisories/49605 http://www.joomla.org/announcements/release-news/5427-joomla-255-released.html http://www.openwall.com/lists/oss-security/2012/06/19/2 http://www.securityfocus.com/bid/54073 https://exchange.xforce.ibmcloud.com/vulnerabilities/76414 •

CVSS: 7.5EPSS: 1%CPEs: 8EXPL: 0

Unspecified vulnerability in Joomla! 2.5.x before 2.5.5 allows remote attackers to gain privileges via unknown attack vectors related to "Inadequate checking." Vulnerabilidad no especificada en Joomla! v2.5.x antes de v.2.5.5, permite a atacantes remotos ganar privilegios a través de vectores de ataque relacionados con "comprobación inadecuada" • http://developer.joomla.org/security/news/470-20120601-core-privilege-escalation http://osvdb.org/83070 http://secunia.com/advisories/49605 http://www.joomla.org/announcements/release-news/5427-joomla-255-released.html http://www.openwall.com/lists/oss-security/2012/06/19/2 http://www.securityfocus.com/bid/54073 https://exchange.xforce.ibmcloud.com/vulnerabilities/76415 •

CVSS: 4.3EPSS: 0%CPEs: 28EXPL: 2

Cross-site scripting (XSS) vulnerability in the ja_purity template for Joomla! 1.5.26 and earlier allows remote attackers to inject arbitrary web script or HTML via the Mod* cookie parameter to html/modules.php. Vulnerabilidad de XSS en la plantilla ja_purity para Joomla! 1.5.26 y anteriores permite a atacantes remotos inyectar secuencias de comandos web o HTML arbitrarios a través del parámetro Mod* cookie en html/modules.php. Joomla version 1.5.26 suffers from a cross site scripting vulnerability in the ja_purity template. • http://archives.neohapsis.com/archives/bugtraq/2012-05/0021.html http://www.securityfocus.com/bid/53382 http://www.waraxe.us/advisory-87.html https://exchange.xforce.ibmcloud.com/vulnerabilities/75398 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •