VYPR

Joomla!

by Joomla

Source repositories

CVEs (393)

  • CVE-2013-3267May 3, 2013
    risk 0.00cvss epss 0.01

    Cross-site scripting (XSS) vulnerability in the highlighter plugin in Joomla! 2.5.x before 2.5.10 and 3.0.x before 3.0.4 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

  • CVE-2013-3059May 3, 2013
    risk 0.00cvss epss 0.01

    Cross-site scripting (XSS) vulnerability in the Voting plugin in Joomla! 2.5.x before 2.5.10 and 3.0.x before 3.0.4 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

  • CVE-2013-3058May 3, 2013
    risk 0.00cvss epss 0.01

    Cross-site scripting (XSS) vulnerability in Joomla! 2.5.x before 2.5.10 and 3.0.x before 3.0.4 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

  • CVE-2013-3057May 3, 2013
    risk 0.00cvss epss 0.01

    Joomla! 2.5.x before 2.5.10 and 3.0.x before 3.0.4 allows remote authenticated users to bypass intended privilege requirements and list the privileges of arbitrary users via unspecified vectors.

  • CVE-2013-3056May 3, 2013
    risk 0.00cvss epss 0.02

    Joomla! 2.5.x before 2.5.10 and 3.0.x before 3.0.4 allows remote authenticated users to bypass intended privilege requirements and delete the private messages of arbitrary users via unspecified vectors.

  • CVE-2013-1455Feb 13, 2013
    risk 0.00cvss epss 0.01

    Joomla! 3.0.x through 3.0.2 allows attackers to obtain sensitive information via unspecified vectors related to an "Undefined variable."

  • CVE-2013-1454Feb 13, 2013
    risk 0.00cvss epss 0.01

    Joomla! 3.0.x through 3.0.2 allows attackers to obtain sensitive information via unspecified vectors related to "Coding errors."

  • CVE-2012-1599Dec 3, 2012
    risk 0.00cvss epss 0.01

    Joomla! 1.5.x before 1.5.26 does not properly check permissions, which allows attackers to obtain sensitive "administrative back end information" via unknown vectors. NOTE: this might be a duplicate of CVE-2012-1611.

  • CVE-2012-1598Dec 3, 2012
    risk 0.00cvss epss 0.01

    Joomla! 1.5.x before 1.5.26 has unspecified impact and attack vectors related to "insufficient randomness" and a "password reset vulnerability."

  • CVE-2012-5827Nov 11, 2012
    risk 0.00cvss epss 0.01

    Joomla! 2.5.x before 2.5.8 and 3.0.x before 3.0.2 allows remote attackers to conduct clickjacking attacks via unspecified vectors involving "Inadequate protection."

  • CVE-2012-4532Oct 31, 2012
    risk 0.00cvss epss 0.01

    Cross-site scripting (XSS) vulnerability in modules/mod_languages/tmpl/default.php in the Language Switcher module for Joomla! 2.5.x before 2.5.7 allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO to index.php. NOTE: some of these details are…

  • CVE-2012-4531Oct 31, 2012
    risk 0.00cvss epss 0.02

    Cross-site scripting (XSS) vulnerability in Joomla! 2.5.x before 2.5.7 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

  • CVE-2012-5455Oct 22, 2012
    risk 0.00cvss epss 0.02

    Cross-site scripting (XSS) vulnerability in the language search component in Joomla! before 3.0.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, related to a "typographical error."

  • CVE-2011-4911Oct 7, 2012
    risk 0.00cvss epss 0.02

    Joomla! before 1.5.12 does not perform a JEXEC check in unspecified files, which allows remote attackers to obtain the installation path via unspecified vectors.

  • CVE-2011-4910Oct 7, 2012
    risk 0.00cvss epss 0.01

    Cross-site scripting (XSS) vulnerability in Joomla! before 1.5.12 allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO.

  • CVE-2012-1117Sep 26, 2012
    risk 0.00cvss epss 0.01

    Cross-site scripting (XSS) vulnerability in Joomla! 2.5.0 and 2.5.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

  • CVE-2012-1612Sep 6, 2012
    risk 0.00cvss epss 0.01

    Cross-site scripting (XSS) vulnerability in the update manager in Joomla! 2.5.x before 2.5.4 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

  • CVE-2012-1611Sep 6, 2012
    risk 0.00cvss epss 0.01

    Joomla! 2.5.x before 2.5.4 does not properly check permissions, which allows attackers to obtain sensitive "administrative back end" information via unknown attack vectors. NOTE: this might be a duplicate of CVE-2012-1599.

  • CVE-2012-0837Sep 6, 2012
    risk 0.00cvss epss 0.01

    Joomla! 1.7.x before 1.7.5 and 2.5.x before 2.5.1 allows attackers to obtain the installation path via unspecified vectors related to "administrator."

  • CVE-2012-0836Sep 6, 2012
    risk 0.00cvss epss 0.01

    Unspecified vulnerability in Joomla! 1.7.x before 1.7.5 allows attackers to read the error log via unknown vectors.

Page 15 of 20