Joomla : Security Vulnerabilities Published In 2012 (Cross Site Scripting (XSS))
| # |
CVE ID
|
CWE ID
|
# of Exploits
|
Vulnerability Type(s)
|
Publish Date
|
Update Date
|
Score
|
Gained Access Level
|
Access
|
Complexity
|
Authentication
|
Conf.
|
Integ.
|
Avail.
|
|
1 |
CVE-2012-5455 |
79 |
|
XSS |
2012-10-22 |
2017-08-29 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
Cross-site scripting (XSS) vulnerability in the language search component in Joomla! before 3.0.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, related to a "typographical error." |
|
2 |
CVE-2012-4532 |
79 |
|
XSS |
2012-10-31 |
2012-11-01 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
Cross-site scripting (XSS) vulnerability in modules/mod_languages/tmpl/default.php in the Language Switcher module for Joomla! 2.5.x before 2.5.7 allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO to index.php. NOTE: some of these details are obtained from third party information. |
|
3 |
CVE-2012-4531 |
79 |
|
XSS |
2012-10-31 |
2017-08-29 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
Cross-site scripting (XSS) vulnerability in Joomla! 2.5.x before 2.5.7 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. |
|
4 |
CVE-2012-3828 |
79 |
1
|
XSS |
2012-07-03 |
2017-08-29 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
Cross-site scripting (XSS) vulnerability in Joomla! 2.5.3 allows remote attackers to inject arbitrary web script or HTML via the Host HTTP Header. |
|
5 |
CVE-2012-1612 |
79 |
|
XSS |
2012-09-06 |
2012-09-07 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
Cross-site scripting (XSS) vulnerability in the update manager in Joomla! 2.5.x before 2.5.4 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. |
|
6 |
CVE-2012-1117 |
79 |
|
XSS |
2012-09-26 |
2017-08-29 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
Cross-site scripting (XSS) vulnerability in Joomla! 2.5.0 and 2.5.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. |
|
7 |
CVE-2012-0822 |
79 |
|
XSS |
2012-09-06 |
2012-09-07 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
Cross-site scripting (XSS) vulnerability in Joomla! 1.6 and 1.7.x before 1.7.4 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2012-0820. |
|
8 |
CVE-2012-0820 |
79 |
|
XSS |
2012-09-06 |
2012-09-07 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
Cross-site scripting (XSS) vulnerability in Joomla! 1.6.x and 1.7.x before 1.7.4 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2012-0822. |
|
9 |
CVE-2011-4910 |
79 |
|
XSS |
2012-10-07 |
2012-10-08 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
Cross-site scripting (XSS) vulnerability in Joomla! before 1.5.12 allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO. |
|
10 |
CVE-2011-4909 |
79 |
|
XSS |
2012-10-07 |
2012-10-08 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
Multiple cross-site scripting (XSS) vulnerabilities in Joomla! before 1.5.12 allow remote attackers to inject arbitrary web script or HTML via the HTTP_REFERER header to (1) components/com_content/views/article/tmpl/form.php, (2) components/com_user/controller.php, (3) plugins/system/legacy/html.php, or (4) templates/beez/html/com_content/article/form.php. |
Total number of vulnerabilities :
10
Page :
1
(This Page)
