| Vulnerability Name: | CVE-2006-4468 (CCN-28628) | ||||||||
| Assigned: | 2006-08-29 | ||||||||
| Published: | 2006-08-29 | ||||||||
| Updated: | 2021-10-01 | ||||||||
| Summary: | Multiple unspecified vulnerabilities in Joomla! before 1.0.11, related to unvalidated input, allow attackers to have an unknown impact via unspecified vectors involving the (1) mosMail, (2) JosIsValidEmail, and (3) josSpoofValue functions; (4) the lack of inclusion of globals.php in administrator/index.php; (5) the Admin User Manager; and (6) the poll module. | ||||||||
| CVSS v3 Severity: | 3.7 Low (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N)
| ||||||||
| CVSS v2 Severity: | 6.8 Medium (CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P) 5.0 Medium (Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P/E:U/RL:OF/RC:C)
1.9 Low (CCN Temporal CVSS v2 Vector: AV:N/AC:H/Au:N/C:N/I:P/A:N/E:U/RL:OF/RC:C)
| ||||||||
| Vulnerability Type: | CWE-20 | ||||||||
| Vulnerability Consequences: | Gain Access | ||||||||
| References: | Source: MITRE Type: CNA CVE-2006-4468 Source: CCN Type: SA21666 Joomla! Multiple Vulnerabilities Source: SECUNIA Type: Vendor Advisory 21666 Source: CONFIRM Type: Vendor Advisory http://www.joomla.org/content/view/1841/78/ Source: CCN Type: Joomla! Web site Upgrade immediately to Joomla! 1.0.11 Source: CONFIRM Type: Vendor Advisory http://www.joomla.org/content/view/1843/74/ Source: CCN Type: OSVDB ID: 28339 Joomla! mosMail() Unspecified Input Sanitization Weakness Source: CCN Type: OSVDB ID: 28340 Joomla! JosIsValidEmail() Unspecified Sanitization Weakness Source: CCN Type: OSVDB ID: 28343 Joomla! administrator/index.php Unspecified globals.php Input Weakness Source: VUPEN Type: Third Party Advisory ADV-2006-3408 Source: XF Type: Third Party Advisory, VDB Entry joomla-email-errors(28628) Source: XF Type: UNKNOWN joomla-multiple-validation(28628) | ||||||||
| Vulnerable Configuration: | Configuration 1: Denotes that component is vulnerable | ||||||||
| BACK | |||||||||