Joomla! 3.0.x through 3.0.2 allows attackers to obtain sensitive information via unspecified vectors related to an “Undefined variable.” (CVSS:5.0) (Last Update:2013-02-13)

Joomla! 3.0.x through 3.0.2 allows attackers to obtain sensitive information via unspecified vectors related to “Coding errors.” (CVSS:5.0) (Last Update:2013-03-26)

Joomla! 1.5.x before 1.5.26 does not properly check permissions, which allows attackers to obtain sensitive “administrative back end information” via unknown vectors. NOTE: this might be a duplicate of CVE-2012-1611. (CVSS:5.0) (Last Update:2012-12-04)

Joomla! 2.5.x before 2.5.8 and 3.0.x before 3.0.2 allows remote attackers to conduct clickjacking attacks via unspecified vectors involving “Inadequate protection.” (CVSS:4.3) (Last Update:2012-11-19)

Cross-site scripting (XSS) vulnerability in modules/mod_languages/tmpl/default.php in the Language Switcher module for Joomla! 2.5.x before 2.5.7 allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO to index.php. NOTE: some of these details are obtained from third party information. (CVSS:4.3) (Last Update:2012-11-01)

Cross-site scripting (XSS) vulnerability in Joomla! 2.5.x before 2.5.7 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. (CVSS:4.3) (Last Update:2013-03-01)

Cross-site scripting (XSS) vulnerability in the language search component in Joomla! before 3.0.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, related to a “typographical error.” (CVSS:4.3) (Last Update:2012-11-08)

Joomla! 2.5.x before 2.5.4 does not properly check permissions, which allows attackers to obtain sensitive “administrative back end” information via unknown attack vectors. NOTE: this might be a duplicate of CVE-2012-1599. (CVSS:5.0) (Last Update:2013-10-03)

Cross-site scripting (XSS) vulnerability in the update manager in Joomla! 2.5.x before 2.5.4 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. (CVSS:4.3) (Last Update:2012-09-07)

Unspecified vulnerability in Joomla! 2.5.x before 2.5.5 allows remote attackers to obtain sensitive information via vectors related to “Inadequate filtering” and a “SQL error.” (CVSS:5.0) (Last Update:2012-07-17)