FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The last vuln.xml file processed by FreshPorts is:

Revision:  519163
Date:      2019-12-06
Time:      20:22:53Z
Committer: joneum

List all Vulnerabilities, by package

List all Vulnerabilities, by date

These are the vulnerabilities relating to the commit you have selected:

VuXML IDDescription
bf2b9c56-b93e-11e8-b2a8-a4badb296695joomla3 -- vulnerabilitiesw

JSST reports: Multiple low-priority Vulnerabilities

Inadequate checks in the InputFilter class could allow specifically prepared PHAR files to pass the upload filter.

Inadequate output filtering on the user profile page could lead to a stored XSS attack.

Inadequate checks regarding disabled fields can lead to an ACL violation.


Discovery 2018-08-23
Entry 2018-09-15
joomla3
lt 3.8.12

CVE-2018-15860
CVE-2018-15881
CVE-2018-15882
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-15880
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-15881
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-15882
https://developer.joomla.org/security-centre/743-20180801-core-hardening-the-inputfilter-for-phar-stubs.html
https://developer.joomla.org/security-centre/744-20180802-core-stored-xss-vulnerability-in-the-frontend-profile.html
https://developer.joomla.org/security-centre/745-20180803-core-acl-violation-in-custom-fields.html
3c2549b3-3bed-11e7-a9f0-a4badb296695Joomla3 -- SQL Injection

JSST reports:

Inadequate filtering of request data leads to a SQL Injection vulnerability.


Discovery 2017-05-11
Entry 2017-05-18
joomla3
eq 3.7.0

CVE-2017-8917
https://developer.joomla.org/security-centre/692-20170501-core-sql-injection.html
6aa398d0-1c4d-11e9-96dd-a4badb296695joomla3 -- vulnerabilitiesw

JSST reports:

Inadequate escaping in mod_banners leads to a stored XSS vulnerability.

Inadequate escaping in com_contact leads to a stored XSS vulnerability

Inadequate checks at the Global Configuration Text Filter settings allowed a stored XSS.

Inadequate checks at the Global Configuration helpurl settings allowed a stored XSS.


Discovery 2018-12-01
Entry 2019-01-20
joomla3
lt 3.9.2

https://developer.joomla.org/security-centre/760-00190101-core-stored-xss-in-mod-banners.html
CVE-2019-6264
https://developer.joomla.org/security-centre/761-20190102-core-stored-xss-in-com-contact.html
CVE-2019-6261
https://developer.joomla.org/security-centre/762-20190103-core-stored-xss-issue-in-the-global-configuration-textfilter-settings.html
CVE-2019-6263
https://developer.joomla.org/security-centre/763-20190104-core-stored-xss-issue-in-the-global-configuration-help-url.html
CVE-2019-6262