Shodan
Vulnerabilities
Vulnerable Software
Joomla:  >> Joomla  >> 1.0.4  Security Vulnerabilities
CVE-2009-3215
SQL injection vulnerability in IXXO Cart Standalone before 3.9.6.1, and the IXXO Cart component for Joomla! 1.0.x, allows remote attackers to execute arbitrary SQL commands via the parent parameter.
CVSS Score
7.5
EPSS Score
0.006
Published
2009-09-16
CVE-2008-6299
Multiple cross-site scripting (XSS) vulnerabilities in Joomla! 1.5.7 and earlier allow remote authenticated users with certain privileges to inject arbitrary web script or HTML via (1) the title and description parameters to the com_weblinks module and (2) unspecified vectors in the com_content module related to "article submission."
CVSS Score
3.5
EPSS Score
0.0
Published
2009-02-26
CVE-2009-0113
Directory traversal vulnerability in attachmentlibrary.php in the XStandard component for Joomla! 1.5.8 and earlier allows remote attackers to list arbitrary directories via a .. (dot dot) in the X_CMS_LIBRARY_PATH HTTP header.
CVSS Score
5.0
EPSS Score
0.001
Published
2009-01-09
CVE-2008-3225
Joomla! before 1.5.4 allows attackers to access administration functionality, which has unknown impact and attack vectors related to a missing "LDAP security fix."
CVSS Score
10.0
EPSS Score
0.0
Published
2008-07-18
CVE-2008-3226
The file caching implementation in Joomla! before 1.5.4 allows attackers to access cached pages via unknown attack vectors.
CVSS Score
5.0
EPSS Score
0.001
Published
2008-07-18
CVE-2008-3227
Unspecified vulnerability in Joomla! before 1.5.4 has unknown impact and attack vectors related to a "User Redirect Spam fix," possibly an open redirect vulnerability.
CVSS Score
7.5
EPSS Score
0.0
Published
2008-07-18
CVE-2008-3228
Joomla! before 1.5.4 does not configure .htaccess to apply certain security checks that "block common exploits" to SEF URLs, which has unknown impact and remote attack vectors.
CVSS Score
7.5
EPSS Score
0.003
Published
2008-07-18
CVE-2008-1935
SQL injection vulnerability in the Filiale 1.0.4 component for Joomla! allows remote attackers to execute arbitrary SQL commands via the idFiliale parameter.
CVSS Score
7.5
EPSS Score
0.0
Published
2008-04-25
CVE-2006-7008
Unspecified vulnerability in Joomla! before 1.0.10 has unknown impact and attack vectors, related to "securing mosmsg from misuse." NOTE: it is possible that this issue overlaps CVE-2006-1029.
CVSS Score
7.5
EPSS Score
0.0
Published
2007-02-12
CVE-2006-7009
Joomla! before 1.0.10 allows remote attackers to spoof the frontend submission forms, which has unknown impact and attack vectors.
CVSS Score
7.5
EPSS Score
0.0
Published
2007-02-12


Products
Pricing
Contact Us

Shodan ® - All rights reserved