Search Results | AttackerKB

610 Total Results

Displaying 81-90 of 610

Attacker Value

Unknown

CVE-2020-35610

Disclosure Date: November 24, 2020 (last updated November 28, 2024)

An issue was discovered in Joomla! 2.5.0 through 3.9.22. The autosuggestion feature of com_finder did not respect the access level of the corresponding terms.

Attacker Value

Unknown

CVE-2020-35614

Disclosure Date: November 24, 2020 (last updated November 28, 2024)

An issue was discovered in Joomla! 3.9.0 through 3.9.22. Improper handling of the username leads to a user enumeration attack vector in the backend login page.

Attack Vector: Network Privileges: None User Interaction: None

Attacker Value

Unknown

CVE-2020-35616

Disclosure Date: November 24, 2020 (last updated February 22, 2025)

An issue was discovered in Joomla! 1.7.0 through 3.9.22. Lack of input validation while handling ACL rulesets can cause write ACL violations.

Attack Vector: Network Privileges: None User Interaction: None

Attacker Value

Unknown

CVE-2020-35611

Disclosure Date: November 24, 2020 (last updated February 22, 2025)

An issue was discovered in Joomla! 2.5.0 through 3.9.22. The globlal configuration page does not remove secrets from the HTML output, disclosing the current values.

Attack Vector: Network Privileges: None User Interaction: None

Attacker Value

Unknown

CVE-2020-35615

Disclosure Date: November 24, 2020 (last updated February 22, 2025)

An issue was discovered in Joomla! 2.5.0 through 3.9.22. A missing token check in the emailexport feature of com_privacy causes a CSRF vulnerability.

Attack Vector: Network Privileges: None User Interaction: Required

Attacker Value

Unknown

CVE-2020-35612

Disclosure Date: November 24, 2020 (last updated February 22, 2025)

An issue was discovered in Joomla! 2.5.0 through 3.9.22. The folder parameter of mod_random_image lacked input validation, leading to a path traversal vulnerability.

Attack Vector: Network Privileges: None User Interaction: None