Max CVSS 7.5 Min CVSS 5.0 Total Count2
IDCVSSSummaryLast (major) updatePublished
CVE-2008-4102 7.5
Joomla! 1.5 before 1.5.7 initializes PHP's PRNG with a weak seed, which makes it easier for attackers to guess the pseudo-random values produced by PHP's mt_rand function, as demonstrated by guessing password reset tokens, a different vulnerability t
11-10-2018 - 20:50 18-09-2008 - 17:59
CVE-2008-4103 5.0
The mailto (aka com_mailto) component in Joomla! 1.5 before 1.5.7 sends e-mail messages without validating the URL, which allows remote attackers to transmit spam.
08-08-2017 - 01:32 18-09-2008 - 17:59
CVE-2008-4104 5.8
Multiple open redirect vulnerabilities in Joomla! 1.5 before 1.5.7 allow remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a "passed in" URL.
08-08-2017 - 01:32 18-09-2008 - 17:59
CVE-2008-4105 7.5
JRequest in Joomla! 1.5 before 1.5.7 does not sanitize variables that were set with JRequest::setVar, which allows remote attackers to conduct "variable injection" attacks and have unspecified other impact.
08-08-2017 - 01:32 18-09-2008 - 17:59
Back to Top Mark selected
Back to Top