Joomla » Joomla : Security Vulnerabilities, CVEs,

Unspecified vulnerability in Joomla! before 1.0.4 has unknown impact and attack vectors, related to "Potential misuse of Media component file management functions."

Multiple unspecified vulnerabilities in the (1) publishing component, (2) Contact Component, (3) TinyMCE Compressor, and (4) other components in Joomla! 1.0.5 and earlier have unknown impact and attack vectors.

Unspecified vulnerability in the "Remember Me login functionality" in Joomla! 1.0.7 and earlier has unknown impact and attack vectors.

Joomla! before 1.5.4 allows attackers to access administration functionality, which has unknown impact and attack vectors related to a missing "LDAP security fix."

feedcreator.class.php (aka the syndication component) in Joomla! 1.0.7 allows remote attackers to cause a denial of service (stressed file cache) by creating many files via filenames in the feed parameter to index.php.

Multiple SQL injection vulnerabilities in Joomla! before 1.0.4 allow remote attackers to execute arbitrary SQL commands via the (1) Itemid variable in the Polls modules and (2) multiple unspecified methods in the mosDBTable class.

Multiple SQL injection vulnerabilities in the Admin functionality in Joomla! 1.0.7 and earlier allow remote authenticated administrators to execute arbitrary SQL commands via unknown attack vectors.

PHP remote file inclusion vulnerability in includes/joomla.php in Joomla! 1.0 allows remote attackers to execute arbitrary PHP code via a URL in the includepath parameter.

Multiple SQL injection vulnerabilities in Joomla! before 1.0.10 allow remote attackers to execute arbitrary SQL commands via unspecified parameters involving the (1) "Remember Me" function, (2) "Related Items" module, and the (3) "Weblinks submission".

Joomla! before 1.0.11 does not limit access to the Admin Popups functionality, which has unknown impact and attack vectors.

Multiple unspecified vulnerabilities in Joomla! before 1.0.11, related to "Injection Flaws," allow attackers to have an unknown impact via (1) globals.php, which uses include_once() instead of require(); (2) the $options variable; (3) Admin Upload Image; (4) ->load(); (5) content submissions when frontpage is selected; (6) the mosPageNav constructor; (7) saveOrder functions; (8) the absence of "exploit blocking rules" in htaccess; and (9) the ACL.

com_categories in Joomla! before 1.0.12 does not validate input, which has unknown impact and remote attack vectors.

Unspecified vulnerability in Joomla! before 1.0.10 has unknown impact and attack vectors, related to "securing mosmsg from misuse." NOTE: it is possible that this issue overlaps CVE-2006-1029.

Joomla! before 1.0.10 allows remote attackers to spoof the frontend submission forms, which has unknown impact and attack vectors.

The mosgetparam implementation in Joomla! before 1.0.10, does not set a variable's data type to integer when the variable's default value is numeric, which has unspecified impact and attack vectors, which may permit SQL injection attacks.

SQL injection vulnerability in (1) Joomla! 1.0.11 and 1.5 Beta, and (2) Mambo 4.6.1, allows remote attackers to execute arbitrary SQL commands via the id parameter when cancelling content editing.

SQL injection vulnerability in models/category.php in the Weblinks component for Joomla! SVN 20070118 (com_weblinks) allows remote attackers to execute arbitrary SQL commands via the catid parameter.

SQL injection vulnerability in administrator/popups/pollwindow.php in Joomla! 1.0.12 allows remote attackers to execute arbitrary SQL commands via the pollid parameter.

Multiple eval injection vulnerabilities in the com_search component in Joomla! 1.5 beta before RC1 (aka Mapya) allow remote attackers to execute arbitrary PHP code via PHP sequences in the searchword parameter, related to default_results.php in (1) components/com_search/views/search/tmpl/ and (2) templates/beez/html/com_search/search/.

SQL injection vulnerability in Joomla! 1.5 before RC2 (aka Endeleo) allows remote attackers to execute arbitrary SQL commands via unspecified vectors, probably related to the archive section. NOTE: this may be the same as CVE-2007-4778.

Multiple SQL injection vulnerabilities in the content component (com_content) in Joomla! 1.5 Beta1, Beta2, and RC1 allow remote attackers to execute arbitrary SQL commands via the filter parameter in an archive action to (1) archive.php, (2) category.php, or (3) section.php in models/. NOTE: this may be the same as CVE-2007-4777.

PHP remote file inclusion vulnerability in admin.slideshow1.php in the Flash Slide Show (com_slideshow) component for Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_live_site parameter.

Multiple SQL injection vulnerabilities in index.php in Joomla! 1.5 RC3 allow remote attackers to execute arbitrary SQL commands via (1) the view parameter to the com_content component, (2) the task parameter to the com_search component, or (3) the option parameter in a search action to the com_search component.

Unspecified vulnerability in Joomla! before 1.5 RC4 allows remote authenticated users to gain privileges via unspecified vectors, aka "registered user privilege escalation vulnerability."

SQL injection vulnerability in index.php in the Darko Selesi EstateAgent (com_estateagent) 0.1 component for Mambo 4.5.x and Joomla! allows remote attackers to execute arbitrary SQL commands via the objid parameter in a contact showObject action.