3/16/2023 0 Comments The battle cats hack 3.1.0Under specific circumstances, JInput pollutes method-specific input bags with $_REQUEST data.Īn issue was discovered in Joomla! 2.5.0 through 3.10.6 & 4.0.0 through 4.1.0. Inadequate content filtering leads to XSS vulnerabilities in various components.Īn issue was discovered in Joomla! 4.0.0 through 4.1.0. Possible XSS atack vector through SVG embedding in com_media.Īn issue was discovered in Joomla! 4.0.0 through 4.1.0. Information disclosure Access to private information and components, possibility to view other users' information.Īn issue was discovered in Joomla! 4.0.0 through 4.1.0. The component is: Access to private information and components, possibility to view other users' information. The impact is: obtain sensitive information (remote). Joomla Guru extension 5.2.5 is affected by: Insecure Permissions. In Joomla component 'jDownloads 3.9.8.2 Stable' the remote user can change some parameters in the address bar and see the names of other users' files In Joomla component 'Joomlatools - DOCman 3.5.13 (and likely most versions below)' are affected to an reflected Cross-Site Scripting (XSS) in an image upload function Multiple Full Path Disclosures because of missing '_JEXEC or die check' caused by the PSR12 changes. Sites with publicly enabled debug mode exposed data of previous requests.Īn issue was discovered in Joomla! 4.2.0. Inadequate filtering of potentially malicious user input leads to reflected XSS vulnerabilities in various components.Īn issue was discovered in Joomla! 4.0.0 through 4.2.3. An issue was discovered in Joomla! 4.2.0 through 4.2.3.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |