Description

Joomla! Core is prone to multiple vulnerabilities, including SQL injection and information disclosure vulnerabilities. Exploiting these issues could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database or to obtain sensitive information that may help in launching further attacks. Joomla! Core versions 1.0.x ranging from 1.0.0 and up to and including 1.0.12 are vulnerable.

Remediation

Update to Joomla! Core latest version

References

http://www.securityfocus.com/archive/1/archive/1/480738/100/0/threaded

https://packetstormsecurity.com/0707-exploits/joomla-sql.txt

Related Vulnerabilities

WordPress Plugin Email Subscribers by Icegram Express-Email Marketing, Newsletters, Automation for WordPress & WooCommerce Directory Traversal (5.6.23)

MediaWiki Other Vulnerability (CVE-2012-5395)

WordPress Plugin Chunks Cross-Site Scripting (1.1)

IBM RTC Session Fixation Vulnerability (CVE-2018-1492)

MySQL CVE-2019-2695 Vulnerability (CVE-2019-2695)

Severity

High

Classification

CVE-2007-4184 CVE-2007-4185 CWE-89 CWE-200 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:L CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N

Tags

Missing Update