CVE-2006-6833
https://notcve.org/view.php?id=CVE-2006-6833
com_categories in Joomla! before 1.0.12 does not validate input, which has unknown impact and remote attack vectors. com_categories en Joomla! anterior a 1.0.12 no valida la entrada, lo cual tiene un impacto desconocido y ataques remotos en vectores. • http://jvn.jp/jp/JVN%2345006961/index.html http://secunia.com/advisories/23563 http://www.joomla.org/content/view/2495/78 http://www.securityfocus.com/bid/21810 http://www.vupen.com/english/advisories/2006/5202 •
CVE-2006-6834
https://notcve.org/view.php?id=CVE-2006-6834
Multiple unspecified vulnerabilities in Joomla! before 1.0.12 have unknown impact and attack vectors related to (1) "unneeded legacy functions" and (2) "Several low level security fixes." Mútiples vulnerabilidades no especificadas en Joomla! anterior a 1.0.12 tienen un impacto desconocido y ataca vectores relacionados con (1) "funciones innecesarias de herencia" y (2) "Varias soluciones de seguridad de nivel bajo." • http://jvn.jp/jp/JVN%2345006961/index.html http://secunia.com/advisories/23563 http://www.joomla.org/content/view/2446/1 http://www.joomla.org/content/view/2495/78 http://www.securityfocus.com/bid/21810 http://www.vupen.com/english/advisories/2006/5202 •
CVE-2006-6832
https://notcve.org/view.php?id=CVE-2006-6832
Cross-site scripting (XSS) vulnerability in Joomla! before 1.0.12 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, possibly related to poll.php or the module title. Vulnerabilidad de secuencias de comandos en sitios cruzados (XSS) en Joomla! anterior a 1.0.12 permite a un atacante remoto inyectar secuencias de comandos web o HTML a través de vectores no especificados, posiblemente relacionados con poll.php o el módulo title. • http://forge.joomla.org/sf/go/artf5985?nav=1 http://forge.joomla.org/sf/go/artf6844?nav=1 http://jvn.jp/jp/JVN%2345006961/index.html http://secunia.com/advisories/23563 http://www.joomla.org/content/view/2495/78 http://www.securityfocus.com/bid/21810 http://www.vupen.com/english/advisories/2006/5202 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2006-3480
https://notcve.org/view.php?id=CVE-2006-3480
Multiple cross-site scripting (XSS) vulnerabilities in Joomla! before 1.0.10 allow remote attackers to inject arbitrary web script or HTML via unspecified parameters involving the (1) getUserStateFromRequest function, and the (2) SEF and (3) com_messages modules. Múltiples vulnerabilidades de secuencias de comandos en sitios cruzados (XSS) en Joomla! antes de 1.0.10 permiten a atacantes remotos inyectar secuencias de comandos web o HTML de su elección a través de parámetros no especificados que involucran a (1) la función getUserStateFromRequest y los módulos (2) SEF y (3) com_messages. • http://secunia.com/advisories/20874 http://www.joomla.org/content/view/1510/74 http://www.joomla.org/content/view/1511/78 http://www.osvdb.org/26913 http://www.osvdb.org/26917 http://www.osvdb.org/26918 http://www.securityfocus.com/bid/18742 http://www.vupen.com/english/advisories/2006/2608 https://exchange.xforce.ibmcloud.com/vulnerabilities/27521 •
CVE-2006-3481
https://notcve.org/view.php?id=CVE-2006-3481
Multiple SQL injection vulnerabilities in Joomla! before 1.0.10 allow remote attackers to execute arbitrary SQL commands via unspecified parameters involving the (1) "Remember Me" function, (2) "Related Items" module, and the (3) "Weblinks submission". Múltiples vulnerabilidades de inyección SQL en Joomla! antes de 1.0.10 permiten a atacantes remotos ejecutar comandos SQL de su elección a través de parámetros no especificados que involucran (1) la función "Remember Me", (2) el módulo "Related Items" y (3) "Weblinks submission". • http://secunia.com/advisories/20874 http://www.joomla.org/content/view/1510/74 http://www.joomla.org/content/view/1511/78 http://www.osvdb.org/26910 http://www.osvdb.org/26911 http://www.osvdb.org/26912 http://www.securityfocus.com/bid/18742 http://www.vupen.com/english/advisories/2006/2608 https://exchange.xforce.ibmcloud.com/vulnerabilities/27520 •