Joomla : Security Vulnerabilities, CVEs, Published In September 2012

CVE-2012-1612

Cross-site scripting (XSS) vulnerability in the update manager in Joomla! 2.5.x before 2.5.4 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
Max CVSS
4.3
EPSS Score
0.39%
Published
2012-09-06
Updated
2012-09-07

CVE-2012-1611

Joomla! 2.5.x before 2.5.4 does not properly check permissions, which allows attackers to obtain sensitive "administrative back end" information via unknown attack vectors. NOTE: this might be a duplicate of CVE-2012-1599.
Max CVSS
5.0
EPSS Score
0.19%
Published
2012-09-06
Updated
2013-10-03

CVE-2012-1117

Cross-site scripting (XSS) vulnerability in Joomla! 2.5.0 and 2.5.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
Max CVSS
4.3
EPSS Score
0.24%
Published
2012-09-26
Updated
2017-08-29

CVE-2012-1116

SQL injection vulnerability in Joomla! 1.7.x and 2.5.x before 2.5.2 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
Max CVSS
7.5
EPSS Score
0.54%
Published
2012-09-26
Updated
2017-08-29

CVE-2012-0837

Joomla! 1.7.x before 1.7.5 and 2.5.x before 2.5.1 allows attackers to obtain the installation path via unspecified vectors related to "administrator."
Max CVSS
5.0
EPSS Score
0.28%
Published
2012-09-06
Updated
2012-09-07

CVE-2012-0836

Unspecified vulnerability in Joomla! 1.7.x before 1.7.5 allows attackers to read the error log via unknown vectors.
Max CVSS
5.0
EPSS Score
0.23%
Published
2012-09-06
Updated
2012-09-13

CVE-2012-0835

Unspecified vulnerability in Joomla! 1.7.x before 1.7.5 and 2.5.x before 2.5.1 allows attackers to obtain sensitive information via unknown vectors related to "administrator."
Max CVSS
5.0
EPSS Score
0.27%
Published
2012-09-06
Updated
2012-09-07

CVE-2012-0822

Cross-site scripting (XSS) vulnerability in Joomla! 1.6 and 1.7.x before 1.7.4 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2012-0820.
Max CVSS
4.3
EPSS Score
0.42%
Published
2012-09-06
Updated
2012-09-07

CVE-2012-0821

Unspecified vulnerability in Joomla! 1.6.x and 1.7.x before 1.7.4 allows remote attackers to obtain sensitive information via unknown vectors, a different vulnerability than CVE-2012-0819.
Max CVSS
5.0
EPSS Score
0.41%
Published
2012-09-06
Updated
2012-09-13

CVE-2012-0820

Cross-site scripting (XSS) vulnerability in Joomla! 1.6.x and 1.7.x before 1.7.4 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2012-0822.
Max CVSS
4.3
EPSS Score
0.42%
Published
2012-09-06
Updated
2012-09-07

CVE-2012-0819

Unspecified vulnerability in Joomla! 1.6.x and 1.7.x before 1.7.4 allows remote attackers to obtain sensitive information via unknown vectors, a different vulnerability than CVE-2012-0821.
Max CVSS
5.0
EPSS Score
0.39%
Published
2012-09-06
Updated
2012-09-07

CVE-2006-7247

SQL injection vulnerability in the Weblinks (com_weblinks) component for Joomla! and Mambo 1.0.9 and earlier allows remote attackers to execute arbitrary SQL commands via the title parameter.
Max CVSS
7.5
EPSS Score
0.13%
Published
2012-09-06
Updated
2013-08-16
12 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!
Accept Close