Filtered by vendor Joomla Subscriptions
Filtered by product Joomla Subscriptions

Search

Switch to Advanced Search (Beta)
Total 227 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2006-1027 1 Joomla 1 Joomla 2025-04-03 N/A
feedcreator.class.php (aka the syndication component) in Joomla! 1.0.7 allows remote attackers to obtain sensitive information via a "/" (slash) in the feed parameter to index.php, which reveals the path in an error message.
CVE-2006-3480 1 Joomla 1 Joomla 2025-04-03 N/A
Multiple cross-site scripting (XSS) vulnerabilities in Joomla! before 1.0.10 allow remote attackers to inject arbitrary web script or HTML via unspecified parameters involving the (1) getUserStateFromRequest function, and the (2) SEF and (3) com_messages modules.
CVE-2006-4475 1 Joomla 1 Joomla 2025-04-03 N/A
Joomla! before 1.0.11 does not limit access to the Admin Popups functionality, which has unknown impact and attack vectors.
CVE-2006-2960 1 Joomla 1 Joomla 2025-04-03 N/A
PHP remote file inclusion vulnerability in includes/joomla.php in Joomla! 1.0 allows remote attackers to execute arbitrary PHP code via a URL in the includepath parameter.
CVE-2006-1029 1 Joomla 1 Joomla 2025-04-03 N/A
The cross-site scripting (XSS) countermeasures in class.inputfilter.php in Joomla! 1.0.7 allow remote attackers to cause a denial of service via a crafted mosmsg parameter to index.php with a malformed sequence of multiple tags, as demonstrated using "<<>AAA<><>", possibly due to nested or empty tags.
CVE-2005-3773 1 Joomla 1 Joomla 2025-04-03 N/A
Unspecified vulnerability in Joomla! before 1.0.4 has unknown impact and attack vectors, related to "Potential misuse of Media component file management functions."
CVE-2006-0114 1 Joomla 1 Joomla 2025-04-03 N/A
The vCard functions in Joomla! 1.0.5 use predictable sequential IDs for vcards and do not restrict access to them, which allows remote attackers to obtain valid e-mail addresses to conduct spam attacks by modifying the contact_id parameter to index2.php.