Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
joomla joomla 1.5 vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2007-6643
Cross-site scripting (XSS) vulnerability in the com_poll component in Joomla! prior to 1.5 RC4 allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors.
Joomla Joomla 1.5rc4
7.5
CVSSv2
CVE-2010-1433
Joomla! Core is prone to a vulnerability that lets attackers upload arbitrary files because the application fails to properly verify user-supplied input. An attacker can exploit this vulnerability to upload arbitrary code and run it in the context of the webserver process. This m...
Joomla Joomla\\!
6.8
CVSSv2
CVE-2007-6642
Multiple cross-site request forgery (CSRF) vulnerabilities in Joomla! prior to 1.5 RC4 allow remote malicious users to (1) add a Super Admin, (2) upload an extension containing arbitrary PHP code, and (3) modify the configuration as administrators via unspecified vectors.
Joomla Joomla 1.5rc4
7.5
CVSSv2
CVE-2007-4187
Multiple eval injection vulnerabilities in the com_search component in Joomla! 1.5 beta before RC1 (aka Mapya) allow remote malicious users to execute arbitrary PHP code via PHP sequences in the searchword parameter, related to default_results.php in (1) components/com_search/vie...
Joomla Joomla 1.5.0 Beta
7.5
CVSSv2
CVE-2015-8566
The Session package 1.x prior to 1.3.1 for Joomla! Framework allows remote malicious users to execute arbitrary code via unspecified session values.
Joomla Session 1.3.0
1 EDB exploit
7.5
CVSSv2
CVE-2007-4046
SQL injection vulnerability in index.php in the Pony Gallery (com_ponygallery) 1.5 and previous versions component for Joomla! allows remote malicious users to execute arbitrary SQL commands via the catid parameter.
Joomla Pony Gallery
1 EDB exploit
7.5
CVSSv2
CVE-2010-4902
Multiple SQL injection vulnerabilities in the Clantools (com_clantools) component 1.2.3 for Joomla! allow remote malicious users to execute arbitrary SQL commands via the (1) squad or (2) showgame parameter to index.php.
Joomla-clantools Clantools Com Clantools
2 EDB exploits
5
CVSSv2
CVE-2008-4103
The mailto (aka com_mailto) component in Joomla! 1.5 prior to 1.5.7 sends e-mail messages without validating the URL, which allows remote malicious users to transmit spam.
Joomla Com Mailto
7.5
CVSSv2
CVE-2018-6583
SQL Injection exists in the Timetable Responsive Schedule 1.5 component for Joomla! via a view=event&alias= request.
Quanticalabs Timetable Responsive Schedule 1.5
1 EDB exploit
7.5
CVSSv2
CVE-2009-4679
Directory traversal vulnerability in the inertialFATE iF Portfolio Nexus (com_if_nexus) component 1.5 for Joomla! allows remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the controller parameter to index.php.
Inertialfate Com If Nexus 1.5
2 EDB exploits
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
deserialization
CVE-2024-4040
cross-site scripting
CVE-2023-25790
CVE-2024-2961
XML external entity
CVE-2024-26926
CVE-2024-32806
CVE-2024-32711
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »