Joomla

Joomla

81 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
  • EPSS 42.31%
  • Veröffentlicht 24.09.2007 22:17:00
  • Zuletzt bearbeitet 16.06.2026 22:45:23

PHP remote file inclusion vulnerability in admin.slideshow1.php in the Flash Slide Show (com_slideshow) component for Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_live_site parameter.

Exploit
  • EPSS 5.19%
  • Veröffentlicht 10.09.2007 21:17:00
  • Zuletzt bearbeitet 16.06.2026 22:44:47

administrator/index.php in the installer component (com_installer) in Joomla! 1.5 Beta1, Beta2, and RC1 allows remote authenticated administrators to upload arbitrary files to tmp/ via the "Upload Package File" functionality, which is accessible when...

Exploit
  • EPSS 1.53%
  • Veröffentlicht 10.09.2007 21:17:00
  • Zuletzt bearbeitet 16.06.2026 22:44:46

Joomla! 1.5 before RC2 (aka Endeleo) allows remote attackers to obtain sensitive information (the full path) via unspecified vectors, probably involving direct requests to certain PHP scripts in tmpl/ directories.

Exploit
  • EPSS 1.28%
  • Veröffentlicht 10.09.2007 21:17:00
  • Zuletzt bearbeitet 16.06.2026 22:44:46

Cross-site scripting (XSS) vulnerability in Joomla! 1.5 before RC2 (aka Endeleo) allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, probably related to the archive section.

  • EPSS 1.3%
  • Veröffentlicht 10.09.2007 21:17:00
  • Zuletzt bearbeitet 16.06.2026 22:44:46

Multiple SQL injection vulnerabilities in the content component (com_content) in Joomla! 1.5 Beta1, Beta2, and RC1 allow remote attackers to execute arbitrary SQL commands via the filter parameter in an archive action to (1) archive.php, (2) category...

Exploit
  • EPSS 1.43%
  • Veröffentlicht 10.09.2007 21:17:00
  • Zuletzt bearbeitet 16.06.2026 22:44:46

SQL injection vulnerability in Joomla! 1.5 before RC2 (aka Endeleo) allows remote attackers to execute arbitrary SQL commands via unspecified vectors, probably related to the archive section. NOTE: this may be the same as CVE-2007-4778.

  • EPSS 11.31%
  • Veröffentlicht 08.08.2007 01:17:00
  • Zuletzt bearbeitet 16.06.2026 22:43:33

Multiple eval injection vulnerabilities in the com_search component in Joomla! 1.5 beta before RC1 (aka Mapya) allow remote attackers to execute arbitrary PHP code via PHP sequences in the searchword parameter, related to default_results.php in (1) c...

  • EPSS 1.81%
  • Veröffentlicht 08.08.2007 01:17:00
  • Zuletzt bearbeitet 16.06.2026 22:43:33

Joomla! 1.0.12 allows remote attackers to obtain sensitive information via a direct request for (1) Stat.php (2) OutputFilter.php, (3) OutputCache.php, (4) Modifier.php, (5) Reader.php, and (6) TemplateCache.php in includes/patTemplate/patTemplate/; ...

  • EPSS 1.06%
  • Veröffentlicht 08.08.2007 01:17:00
  • Zuletzt bearbeitet 16.06.2026 22:43:33

SQL injection vulnerability in administrator/popups/pollwindow.php in Joomla! 1.0.12 allows remote attackers to execute arbitrary SQL commands via the pollid parameter.

Exploit
  • EPSS 46.76%
  • Veröffentlicht 24.04.2007 20:19:00
  • Zuletzt bearbeitet 16.06.2026 22:39:07

PHP remote file inclusion vulnerability in lib/pcltar.lib.php (aka pcltar.php) in the PclTar module 1.3 and 1.3.1 for Vincent Blavet PhpConcept Library, as used in multiple products including (1) Joomla! 1.5.0 Beta, (2) N/X Web Content Management Sys...