| Max CVSS | 7.5 | Min CVSS | 4.3 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2007-4779 | 4.3 |
Cross-site scripting (XSS) vulnerability in Joomla! 1.5 before RC2 (aka Endeleo) allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, probably related to the archive section.
|
15-10-2018 - 21:38 | 10-09-2007 - 21:17 | |
| CVE-2007-4780 | 6.8 |
Joomla! 1.5 before RC2 (aka Endeleo) allows remote attackers to obtain sensitive information (the full path) via unspecified vectors, probably involving direct requests to certain PHP scripts in tmpl/ directories.
|
15-10-2018 - 21:38 | 10-09-2007 - 21:17 | |
| CVE-2007-4777 | 7.5 |
SQL injection vulnerability in Joomla! 1.5 before RC2 (aka Endeleo) allows remote attackers to execute arbitrary SQL commands via unspecified vectors, probably related to the archive section. NOTE: this may be the same as CVE-2007-4778.
|
15-10-2018 - 21:38 | 10-09-2007 - 21:17 | |
| CVE-2007-4781 | 6.6 |
administrator/index.php in the installer component (com_installer) in Joomla! 1.5 Beta1, Beta2, and RC1 allows remote authenticated administrators to upload arbitrary files to tmp/ via the "Upload Package File" functionality, which is accessible when
|
29-09-2017 - 01:29 | 10-09-2007 - 21:17 | |
| CVE-2007-4778 | 7.5 |
Multiple SQL injection vulnerabilities in the content component (com_content) in Joomla! 1.5 Beta1, Beta2, and RC1 allow remote attackers to execute arbitrary SQL commands via the filter parameter in an archive action to (1) archive.php, (2) category
|
29-07-2017 - 01:33 | 10-09-2007 - 21:17 |