CVSS: 5.8EPSS: 0%CPEs: 9EXPL: 0CVE-2006-3480
https://notcve.org/view.php?id=CVE-2006-3480
Multiple cross-site scripting (XSS) vulnerabilities in Joomla! before 1.0.10 allow remote attackers to inject arbitrary web script or HTML via unspecified parameters involving the (1) getUserStateFromRequest function, and the (2) SEF and (3) com_messages modules. Múltiples vulnerabilidades de secuencias de comandos en sitios cruzados (XSS) en Joomla! antes de 1.0.10 permiten a atacantes remotos inyectar secuencias de comandos web o HTML de su elección a través de parámetros no especificados que involucran a (1) la función getUserStateFromRequest y los módulos (2) SEF y (3) com_messages. • http://secunia.com/advisories/20874 http://www.joomla.org/content/view/1510/74 http://www.joomla.org/content/view/1511/78 http://www.osvdb.org/26913 http://www.osvdb.org/26917 http://www.osvdb.org/26918 http://www.securityfocus.com/bid/18742 http://www.vupen.com/english/advisories/2006/2608 https://exchange.xforce.ibmcloud.com/vulnerabilities/27521 •
CVSS: 5.0EPSS: 0%CPEs: 8EXPL: 0CVE-2006-1048
https://notcve.org/view.php?id=CVE-2006-1048
Joomla! 1.0.7 and earlier allows attackers to bypass intended access restrictions and gain certain privileges via certain attack vectors related to the (1) Weblink, (2) Polls, (3) Newsfeeds, (4) Weblinks, (5) Content, (6) Content Section, (7) Content Category, (8) Contact items, or (9) Contact Search, (10) Content Search, (11) Newsfeed Search, or (12) Weblink Search. • http://secunia.com/advisories/19105 http://www.joomla.org/content/view/938/78 http://www.osvdb.org/23822 http://www.vupen.com/english/advisories/2006/0818 https://exchange.xforce.ibmcloud.com/vulnerabilities/25033 •
CVSS: 7.5EPSS: 0%CPEs: 8EXPL: 0CVE-2006-1049
https://notcve.org/view.php?id=CVE-2006-1049
Multiple SQL injection vulnerabilities in the Admin functionality in Joomla! 1.0.7 and earlier allow remote authenticated administrators to execute arbitrary SQL commands via unknown attack vectors. • http://secunia.com/advisories/19105 http://www.joomla.org/content/view/938/78 http://www.osvdb.org/23819 http://www.vupen.com/english/advisories/2006/0818 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 10.0EPSS: 0%CPEs: 8EXPL: 0CVE-2006-1047
https://notcve.org/view.php?id=CVE-2006-1047
Unspecified vulnerability in the "Remember Me login functionality" in Joomla! 1.0.7 and earlier has unknown impact and attack vectors. • http://www.joomla.org/content/view/938/78 •
CVSS: 10.0EPSS: 0%CPEs: 6EXPL: 0CVE-2006-0303
https://notcve.org/view.php?id=CVE-2006-0303
Multiple unspecified vulnerabilities in the (1) publishing component, (2) Contact Component, (3) TinyMCE Compressor, and (4) other components in Joomla! 1.0.5 and earlier have unknown impact and attack vectors. • http://secunia.com/advisories/18513 http://www.joomla.org/content/view/738/66 •