Shodan
Vulnerabilities
Vulnerable Software
Joomla:  >> Joomla!  Security Vulnerabilities
CVE-2012-4532
Cross-site scripting (XSS) vulnerability in modules/mod_languages/tmpl/default.php in the Language Switcher module for Joomla! 2.5.x before 2.5.7 allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO to index.php. NOTE: some of these details are obtained from third party information.
CVSS Score
4.3
EPSS Score
0.0
Published
2012-10-31
CVE-2012-4531
Cross-site scripting (XSS) vulnerability in Joomla! 2.5.x before 2.5.7 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVSS Score
4.3
EPSS Score
0.0
Published
2012-10-31
CVE-2012-5455
Cross-site scripting (XSS) vulnerability in the language search component in Joomla! before 3.0.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, related to a "typographical error."
CVSS Score
4.3
EPSS Score
0.0
Published
2012-10-22
CVE-2011-4909
Multiple cross-site scripting (XSS) vulnerabilities in Joomla! before 1.5.12 allow remote attackers to inject arbitrary web script or HTML via the HTTP_REFERER header to (1) components/com_content/views/article/tmpl/form.php, (2) components/com_user/controller.php, (3) plugins/system/legacy/html.php, or (4) templates/beez/html/com_content/article/form.php.
CVSS Score
4.3
EPSS Score
0.001
Published
2012-10-07
CVE-2011-4910
Cross-site scripting (XSS) vulnerability in Joomla! before 1.5.12 allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO.
CVSS Score
4.3
EPSS Score
0.0
Published
2012-10-07
CVE-2011-4911
Joomla! before 1.5.12 does not perform a JEXEC check in unspecified files, which allows remote attackers to obtain the installation path via unspecified vectors.
CVSS Score
5.0
EPSS Score
0.004
Published
2012-10-07
CVE-2012-5230
Unspecified vulnerability in the JE Story Submit (com_jesubmit) component before 1.9 for Joomla! has unknown impact and attack vectors.
CVSS Score
7.5
EPSS Score
0.005
Published
2012-10-01
CVE-2012-5232
Cross-site scripting (XSS) vulnerability in the Quickl Form component for Joomla! allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVSS Score
4.3
EPSS Score
0.003
Published
2012-10-01
CVE-2012-1116
SQL injection vulnerability in Joomla! 1.7.x and 2.5.x before 2.5.2 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
CVSS Score
7.5
EPSS Score
0.001
Published
2012-09-26
CVE-2012-1117
Cross-site scripting (XSS) vulnerability in Joomla! 2.5.0 and 2.5.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVSS Score
4.3
EPSS Score
0.0
Published
2012-09-26


Products
Pricing
Contact Us

Shodan ® - All rights reserved