The remote web server has an application that is vulnerable to multiple attack vectors.
The remote web server is hosting Joomla!, a content management system written in PHP. Versions of Joomla 1.6 earlier than 1.6.1 are potentially affected by multiple vulnerabilities : - An unspecified SQL injection and path disclosure issue. (20110201) - An uncaught exception could cause full path disclosure. (20110202) - Inadequate checking for double URI encoding could lead to cross-site scripting vulnerabilities. (20110203) - Inadequate filtering exposes cross-site scripting vulnerabilities. (20110204) - Inadequate access checking leads to information disclosure. (20110301) - There is inadequate checking of redirect URLs. (20110302) - Inadequate filtering causes information disclosure. (20110303) - There is inadequate control of which files can be edited by authenticated users. (20110304) - Inadequate token checking leads to a cross-site request forgery vulnerability. (20110305) - Editor caching can cause a denial of service by filling up the disk. (20110306) - Inadequate filtering exposes cross-site scripting vulnerabilities. (20110307) - Inadequate token checking leads to a cross-site request forgery vulnerability. (20110308)