Vulnerability Description
Multiple unspecified vulnerabilities in Joomla! before 1.0.11, related to unvalidated input, allow attackers to have an unknown impact via unspecified vectors involving the (1) mosMail, (2) JosIsValidEmail, and (3) josSpoofValue functions; (4) the lack of inclusion of globals.php in administrator/index.php; (5) the Admin User Manager; and (6) the poll module.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Joomla | Joomla\! | < 1.0.11 |
Related Weaknesses (CWE)
References
- http://secunia.com/advisories/21666Vendor Advisory
- http://www.joomla.org/content/view/1841/78/Vendor Advisory
- http://www.joomla.org/content/view/1843/74/Vendor Advisory
- http://www.vupen.com/english/advisories/2006/3408Third Party Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/28628Third Party AdvisoryVDB Entry
- http://secunia.com/advisories/21666Vendor Advisory
- http://www.joomla.org/content/view/1841/78/Vendor Advisory
- http://www.joomla.org/content/view/1843/74/Vendor Advisory
- http://www.vupen.com/english/advisories/2006/3408Third Party Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/28628Third Party AdvisoryVDB Entry
FAQ
What is CVE-2006-4468?
CVE-2006-4468 is a vulnerability with a CVSS score of 6.8 (MEDIUM). Multiple unspecified vulnerabilities in Joomla! before 1.0.11, related to unvalidated input, allow attackers to have an unknown impact via unspecified vectors involving the (1) mosMail, (2) JosIsValid...
How severe is CVE-2006-4468?
CVE-2006-4468 has been rated MEDIUM with a CVSS base score of 6.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2006-4468?
Check the references section above for vendor advisories and patch information. Affected products include: Joomla Joomla\!.