Multiple cross-site scripting (XSS) vulnerabilities in Joomla! 1.5.7 and earlier allow remote authenticated users with certain privileges to inject arbitrary web script or HTML via (1) the title and description parameters to the com_weblinks module and (2) unspecified vectors in the com_content module related to "article submission."
Max CVSS
3.5
EPSS Score
0.10%
Published
2009-02-26
Updated
2017-08-17
Cross-site scripting (XSS) vulnerability in the com_search component in Joomla! 1.0.13 and earlier allows remote attackers to inject arbitrary web script or HTML via the searchword parameter. NOTE: this might be related to CVE-2007-4189.1.
Max CVSS
4.3
EPSS Score
0.56%
Published
2007-10-12
Updated
2018-10-15
Cross-site scripting (XSS) vulnerability in Joomla! before 1.0.12 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, possibly related to poll.php or the module title.
Max CVSS
4.3
EPSS Score
0.40%
Published
2006-12-31
Updated
2011-03-08
Multiple cross-site scripting (XSS) vulnerabilities in Joomla! before 1.0.11 allow remote attackers to inject arbitrary web script or HTML via unspecified parameters in (1) Admin Module Manager, (2) Admin Help, and (3) Search.
Max CVSS
6.8
EPSS Score
1.14%
Published
2006-08-31
Updated
2017-07-20
Multiple cross-site scripting (XSS) vulnerabilities in Joomla! before 1.0.10 allow remote attackers to inject arbitrary web script or HTML via unspecified parameters involving the (1) getUserStateFromRequest function, and the (2) SEF and (3) com_messages modules.
Max CVSS
5.8
EPSS Score
0.48%
Published
2006-07-10
Updated
2017-07-20
5 vulnerabilities found