Show filters
610 Total Results
Displaying 91-100 of 610
Sort by:
Attacker Value
Unknown

CVE-2020-15698

Disclosure Date: July 15, 2020 (last updated November 28, 2024)
An issue was discovered in Joomla! through 3.9.19. Inadequate filtering on the system information screen could expose Redis or proxy credentials
Attack Vector: NetworkPrivileges: NoneUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2020-15695

Disclosure Date: July 15, 2020 (last updated February 21, 2025)
An issue was discovered in Joomla! through 3.9.19. A missing token check in the remove request section of com_privacy causes a CSRF vulnerability.
Attack Vector: NetworkPrivileges: NoneUser Interaction: Required
0
0
Attacker Value
Unknown

CVE-2020-15699

Disclosure Date: July 15, 2020 (last updated February 21, 2025)
An issue was discovered in Joomla! through 3.9.19. Missing validation checks on the usergroups table object can result in a broken site configuration.
Attack Vector: NetworkPrivileges: NoneUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2020-15700

Disclosure Date: July 15, 2020 (last updated February 21, 2025)
An issue was discovered in Joomla! through 3.9.19. A missing token check in the ajax_install endpoint of com_installer causes a CSRF vulnerability.
Attack Vector: NetworkPrivileges: NoneUser Interaction: Required
0
0
Attacker Value
Unknown

CVE-2020-13762

Disclosure Date: June 02, 2020 (last updated February 21, 2025)
In Joomla! before 3.9.19, incorrect input validation of the module tag option in com_modules allows XSS.
Attack Vector: NetworkPrivileges: NoneUser Interaction: Required
0
0
Attacker Value
Unknown

CVE-2020-13760

Disclosure Date: June 02, 2020 (last updated February 21, 2025)
In Joomla! before 3.9.19, missing token checks in com_postinstall lead to CSRF.
Attack Vector: NetworkPrivileges: NoneUser Interaction: Required
0
0
Attacker Value
Unknown

CVE-2020-13763

Disclosure Date: June 02, 2020 (last updated February 21, 2025)
In Joomla! before 3.9.19, the default settings of the global textfilter configuration do not block HTML inputs for Guest users.
Attack Vector: NetworkPrivileges: NoneUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2020-13761

Disclosure Date: June 02, 2020 (last updated February 21, 2025)
In Joomla! before 3.9.19, lack of input validation in the heading tag option of the "Articles - Newsflash" and "Articles - Categories" modules allows XSS.
Attack Vector: NetworkPrivileges: NoneUser Interaction: Required
0
0
Attacker Value
Unknown

CVE-2020-11891

Disclosure Date: April 21, 2020 (last updated November 27, 2024)
An issue was discovered in Joomla! before 3.9.17. Incorrect ACL checks in the access level section of com_users allow the unauthorized editing of usergroups.
Attack Vector: NetworkPrivileges: NoneUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2020-11890

Disclosure Date: April 21, 2020 (last updated February 21, 2025)
An issue was discovered in Joomla! before 3.9.17. Improper input validations in the usergroup table class could lead to a broken ACL configuration.
Attack Vector: NetworkPrivileges: NoneUser Interaction: None
0
0
View More Topics  < Previous  Next >