CVSS: 7.5EPSS: 0%CPEs: 8EXPL: 0CVE-2006-1049
https://notcve.org/view.php?id=CVE-2006-1049
Multiple SQL injection vulnerabilities in the Admin functionality in Joomla! 1.0.7 and earlier allow remote authenticated administrators to execute arbitrary SQL commands via unknown attack vectors. • http://secunia.com/advisories/19105 http://www.joomla.org/content/view/938/78 http://www.osvdb.org/23819 http://www.vupen.com/english/advisories/2006/0818 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 10.0EPSS: 0%CPEs: 8EXPL: 0CVE-2006-1047
https://notcve.org/view.php?id=CVE-2006-1047
Unspecified vulnerability in the "Remember Me login functionality" in Joomla! 1.0.7 and earlier has unknown impact and attack vectors. • http://www.joomla.org/content/view/938/78 •
CVSS: 5.0EPSS: 1%CPEs: 1EXPL: 0CVE-2006-1027
https://notcve.org/view.php?id=CVE-2006-1027
feedcreator.class.php (aka the syndication component) in Joomla! 1.0.7 allows remote attackers to obtain sensitive information via a "/" (slash) in the feed parameter to index.php, which reveals the path in an error message. • http://securityreason.com/securityalert/527 http://www.joomla.org/content/view/938/78 http://www.osvdb.org/23815 http://www.securityfocus.com/archive/1/426538/100/0/threaded https://exchange.xforce.ibmcloud.com/vulnerabilities/25028 •
CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 1CVE-2006-1029
https://notcve.org/view.php?id=CVE-2006-1029
The cross-site scripting (XSS) countermeasures in class.inputfilter.php in Joomla! 1.0.7 allow remote attackers to cause a denial of service via a crafted mosmsg parameter to index.php with a malformed sequence of multiple tags, as demonstrated using "<<>AAA<><>", possibly due to nested or empty tags. • http://www.joomla.org/content/view/938/78 http://www.osvdb.org/23816 http://www.securityfocus.com/archive/1/426538/100/0/threaded •
CVSS: 5.0EPSS: 1%CPEs: 1EXPL: 0CVE-2006-1030
https://notcve.org/view.php?id=CVE-2006-1030
Unspecified vulnerability in mod_templatechooser in Joomla! 1.0.7 allows remote attackers to obtain sensitive information via an unspecified attack vector that reveals the path. • http://secunia.com/advisories/19105 http://www.joomla.org/content/view/938/78 http://www.osvdb.org/23818 http://www.vupen.com/english/advisories/2006/0818 https://exchange.xforce.ibmcloud.com/vulnerabilities/25028 •