Composer/Joomla/Framework | GitLab Advisory Database

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

An issue was discovered in Joomla! before 3.8.13. com_joomlaupdate allows the execution of arbitrary code. The default ACL config enabled the ability of Administrator-level users to access com_joomlaupdate and trigger code execution.

Improper Link Resolution Before File Access ('Link Following')

Multiple open redirect vulnerabilities in Joomla! 1.5 before 1.5.7 allow remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a "passed in" URL.

Improper Link Resolution Before File Access ('Link Following')

Unspecified vulnerability in Joomla! before 1.5.4 has unknown impact and attack vectors related to a "User Redirect Spam fix," possibly an open redirect vulnerability.

Advisories for Composer/Joomla/Framework package