Shodan
Vulnerabilities
Vulnerable Software
Joomla:  >> Joomla!  >> 1.7.0  Security Vulnerabilities
CVE-2010-5280
Directory traversal vulnerability in the Community Builder Enhanced (CBE) (com_cbe) component 1.4.8, 1.4.9, and 1.4.10 for Joomla! allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the tabname parameter in a userProfile action to index.php. NOTE: this can be leveraged to execute arbitrary code by using the file upload feature.
CVSS Score
7.5
EPSS Score
0.089
Published
2012-11-26
CVE-2012-5230
Unspecified vulnerability in the JE Story Submit (com_jesubmit) component before 1.9 for Joomla! has unknown impact and attack vectors.
CVSS Score
7.5
EPSS Score
0.005
Published
2012-10-01
CVE-2012-5232
Cross-site scripting (XSS) vulnerability in the Quickl Form component for Joomla! allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVSS Score
4.3
EPSS Score
0.003
Published
2012-10-01
CVE-2012-1116
SQL injection vulnerability in Joomla! 1.7.x and 2.5.x before 2.5.2 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
CVSS Score
7.5
EPSS Score
0.001
Published
2012-09-26
CVE-2012-0819
Unspecified vulnerability in Joomla! 1.6.x and 1.7.x before 1.7.4 allows remote attackers to obtain sensitive information via unknown vectors, a different vulnerability than CVE-2012-0821.
CVSS Score
5.0
EPSS Score
0.0
Published
2012-09-06
CVE-2012-0820
Cross-site scripting (XSS) vulnerability in Joomla! 1.6.x and 1.7.x before 1.7.4 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2012-0822.
CVSS Score
4.3
EPSS Score
0.0
Published
2012-09-06
CVE-2012-0821
Unspecified vulnerability in Joomla! 1.6.x and 1.7.x before 1.7.4 allows remote attackers to obtain sensitive information via unknown vectors, a different vulnerability than CVE-2012-0819.
CVSS Score
5.0
EPSS Score
0.0
Published
2012-09-06
CVE-2012-0822
Cross-site scripting (XSS) vulnerability in Joomla! 1.6 and 1.7.x before 1.7.4 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2012-0820.
CVSS Score
4.3
EPSS Score
0.0
Published
2012-09-06
CVE-2012-0835
Unspecified vulnerability in Joomla! 1.7.x before 1.7.5 and 2.5.x before 2.5.1 allows attackers to obtain sensitive information via unknown vectors related to "administrator."
CVSS Score
5.0
EPSS Score
0.0
Published
2012-09-06
CVE-2012-0836
Unspecified vulnerability in Joomla! 1.7.x before 1.7.5 allows attackers to read the error log via unknown vectors.
CVSS Score
5.0
EPSS Score
0.0
Published
2012-09-06


Products
Pricing
Contact Us

Shodan ® - All rights reserved