Joomla Framework vulnerabilities

CVE-2018-17856 [HIGH] Joomla RCE Vulnerability Joomla RCE Vulnerability An issue was discovered in Joomla! before 3.8.13. com_joomlaupdate allows the execution of arbitrary code. The default ACL config enabled the ability of Administrator-level users to access com_joomlaupdate and trigger code execution.

CVE-2008-4104 [MEDIUM] CWE-601 Joomla! Open Redirect vulnerability Joomla! Open Redirect vulnerability Multiple open redirect vulnerabilities in Joomla! 1.5 before 1.5.7 allow remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a "passed in" URL.

CVE-2008-3227 [HIGH] CWE-59 Joomla! Open Redirect vulnerability Joomla! Open Redirect vulnerability Unspecified vulnerability in Joomla! before 1.5.4 has unknown impact and attack vectors related to a "User Redirect Spam fix," possibly an open redirect vulnerability.