VYPR

Packagist (Composer) package

joomla/framework

pkg:composer/joomla/framework

Vulnerabilities (3)

  • CVE-2018-17856HigOct 9, 2018
    affected >= 2.5.4, < 3.8.13fixed 3.8.13

    An issue was discovered in Joomla! before 3.8.13. com_joomlaupdate allows the execution of arbitrary code. The default ACL config enabled the ability of Administrator-level users to access com_joomlaupdate and trigger code execution.

  • CVE-2008-4104Sep 18, 2008
    affected >= 1.5.0, < 1.5.7fixed 1.5.7

    Multiple open redirect vulnerabilities in Joomla! 1.5 before 1.5.7 allow remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a "passed in" URL.

  • CVE-2008-3227Jul 18, 2008
    affected < 1.5.4fixed 1.5.4

    Unspecified vulnerability in Joomla! before 1.5.4 has unknown impact and attack vectors related to a "User Redirect Spam fix," possibly an open redirect vulnerability.