Shodan
Vulnerabilities
Vulnerable Software
Joomla:  >> Joomla  Security Vulnerabilities
CVE-2008-4617
SQL injection vulnerability in the actualite module 1.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVSS Score
7.5
EPSS Score
0.001
Published
2008-10-20
CVE-2008-4102
Joomla! 1.5 before 1.5.7 initializes PHP's PRNG with a weak seed, which makes it easier for attackers to guess the pseudo-random values produced by PHP's mt_rand function, as demonstrated by guessing password reset tokens, a different vulnerability than CVE-2008-3681.
CVSS Score
7.5
EPSS Score
0.001
Published
2008-09-18
CVE-2008-4103
The mailto (aka com_mailto) component in Joomla! 1.5 before 1.5.7 sends e-mail messages without validating the URL, which allows remote attackers to transmit spam.
CVSS Score
5.0
EPSS Score
0.0
Published
2008-09-18
CVE-2008-4104
Multiple open redirect vulnerabilities in Joomla! 1.5 before 1.5.7 allow remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a "passed in" URL.
CVSS Score
5.8
EPSS Score
0.0
Published
2008-09-18
CVE-2008-4105
JRequest in Joomla! 1.5 before 1.5.7 does not sanitize variables that were set with JRequest::setVar, which allows remote attackers to conduct "variable injection" attacks and have unspecified other impact.
CVSS Score
7.5
EPSS Score
0.003
Published
2008-09-18
CVE-2008-3225
Joomla! before 1.5.4 allows attackers to access administration functionality, which has unknown impact and attack vectors related to a missing "LDAP security fix."
CVSS Score
10.0
EPSS Score
0.0
Published
2008-07-18
CVE-2008-3226
The file caching implementation in Joomla! before 1.5.4 allows attackers to access cached pages via unknown attack vectors.
CVSS Score
5.0
EPSS Score
0.001
Published
2008-07-18
CVE-2008-3227
Unspecified vulnerability in Joomla! before 1.5.4 has unknown impact and attack vectors related to a "User Redirect Spam fix," possibly an open redirect vulnerability.
CVSS Score
7.5
EPSS Score
0.0
Published
2008-07-18
CVE-2008-3228
Joomla! before 1.5.4 does not configure .htaccess to apply certain security checks that "block common exploits" to SEF URLs, which has unknown impact and remote attack vectors.
CVSS Score
7.5
EPSS Score
0.003
Published
2008-07-18
CVE-2008-2990
PHP remote file inclusion vulnerability in facileforms.frame.php in the FacileForms (com_facileforms) component 1.4.4 for Mambo and Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the ff_compath parameter.
CVSS Score
7.5
EPSS Score
0.001
Published
2008-07-02


Products
Pricing
Contact Us

Shodan ® - All rights reserved