Joomla: >> Joomla! Security Vulnerabilities
Joomla! before 1.0.11 omits some checks for whether _VALID_MOS is defined, which allows attackers to have an unknown impact, possibly resulting in PHP remote file inclusion.
CVSS Score
7.5
EPSS Score
0.002
Published
2006-08-31
The Admin Upload Image functionality in Joomla! before 1.0.11 allows remote authenticated users to upload files outside of the /images/stories/ directory via unspecified vectors.
CVSS Score
6.5
EPSS Score
0.001
Published
2006-08-31
Multiple unspecified vulnerabilities in Joomla! before 1.0.11 allow attackers to bypass user authentication via unknown vectors involving the (1) do_pdf command and the (2) emailform com_content task.
CVSS Score
7.5
EPSS Score
0.001
Published
2006-08-31
The com_rss option (rss.php) in (1) Mambo and (2) Joomla! allows remote attackers to cause a denial of service (disk consumption and possibly web-server outage) via multiple requests with different values of the feed parameter.
CVSS Score
5.0
EPSS Score
0.003
Published
2006-04-21
Joomla! 1.03 does not restrict the number of "Search" Mambots, which allows remote attackers to cause a denial of service (resource consumption) via a large number of Search Mambots.
CVSS Score
5.3
EPSS Score
0.001
Published
2005-12-31
Page 61