WEB APPLICATION VULNERABILITIES Standard & Premium

Joomla Permissions, Privileges, and Access Controls Vulnerability (CVE-2006-0114)

Description

The vCard functions in Joomla! 1.0.5 use predictable sequential IDs for vcards and do not restrict access to them, which allows remote attackers to obtain valid e-mail addresses to conduct spam attacks by modifying the contact_id parameter to index2.php.

Remediation

References

Related Vulnerabilities

WordPress Plugin Event List PHP Object Injection (0.7.10)

MySQL CVE-2022-21265 Vulnerability (CVE-2022-21265)

MySQL CVE-2015-4802 Vulnerability (CVE-2015-4802)

RubyGems Cryptographic Issues Vulnerability (CVE-2013-4363)

Atlassian Jira URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2018-13401)

Severity

Medium

Classification

CVE-2006-0114 CWE-264

Tags

Missing Update Known Vulnerabilities