Shodan
Vulnerabilities
Vulnerable Software
Joomla:  Security Vulnerabilities
CVE-2008-3681
components/com_user/models/reset.php in Joomla! 1.5 through 1.5.5 does not properly validate reset tokens, which allows remote attackers to reset the "first enabled user (lowest id)" password, typically for the administrator.
CVSS Score
7.5
EPSS Score
0.553
Published
2008-08-14
CVE-2008-3586
SQL injection vulnerability in the EZ Store (com_ezstore) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a detail action to index.php.
CVSS Score
7.5
EPSS Score
0.0
Published
2008-08-11
CVE-2008-3498
SQL injection vulnerability in the nBill (com_netinvoice) component 1.2.0 SP1 for Joomla! allows remote attackers to execute arbitrary SQL commands via the cid parameter in an orders action to index.php. NOTE: some of these details are obtained from third party information.
CVSS Score
7.5
EPSS Score
0.009
Published
2008-08-06
CVE-2008-3265
SQL injection vulnerability in the DT Register (com_dtregister) 2.2.3 component for Joomla! allows remote attackers to execute arbitrary SQL commands via the eventId parameter in a pay_options action to index.php.
CVSS Score
6.8
EPSS Score
0.034
Published
2008-07-24
CVE-2008-3225
Joomla! before 1.5.4 allows attackers to access administration functionality, which has unknown impact and attack vectors related to a missing "LDAP security fix."
CVSS Score
10.0
EPSS Score
0.0
Published
2008-07-18
CVE-2008-3226
The file caching implementation in Joomla! before 1.5.4 allows attackers to access cached pages via unknown attack vectors.
CVSS Score
5.0
EPSS Score
0.0
Published
2008-07-18
CVE-2008-3227
Unspecified vulnerability in Joomla! before 1.5.4 has unknown impact and attack vectors related to a "User Redirect Spam fix," possibly an open redirect vulnerability.
CVSS Score
7.5
EPSS Score
0.0
Published
2008-07-18
CVE-2008-3228
Joomla! before 1.5.4 does not configure .htaccess to apply certain security checks that "block common exploits" to SEF URLs, which has unknown impact and remote attack vectors.
CVSS Score
7.5
EPSS Score
0.001
Published
2008-07-18
CVE-2008-3132
SQL injection vulnerability in the beamospetition (com_beamospetition) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the pet parameter to index.php.
CVSS Score
7.5
EPSS Score
0.0
Published
2008-07-10
CVE-2008-3083
SQL injection vulnerability in Brightcode Weblinks (com_brightweblinks) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the catid parameter.
CVSS Score
7.5
EPSS Score
0.0
Published
2008-07-09


Products
Pricing
Contact Us

Shodan ® - All rights reserved