← Back

Joomla

joomla

534 CVEs • 147 products

Products (147)

Click to collapse
Toggle
Joomla
joomla
383 CVEs
Bsq Sitestats
bsq_sitestats
6 CVEs
Rs Gallery2
rs_gallery2
4 CVEs
Com Beamospetition
com_beamospetition
3 CVEs
Com Weblinks
com_weblinks
3 CVEs
Jd Wiki
jd-wiki
2 CVEs
Com Sef
com_sef
2 CVEs
Com Downloads
com_downloads
2 CVEs
Com Rapidrecipe
com_rapidrecipe
2 CVEs
Com Pcchess
com_pcchess
2 CVEs
Com Astatspro
com_astatspro
2 CVEs
Com Pccookbook
com_pccookbook
2 CVEs
Com Facileforms
com_facileforms
2 CVEs
Com Mailto
com_mailto
2 CVEs
Pc Cookbook
pc_cookbook
1 CVE
Performs Component
performs_component
1 CVE
Colophon
colophon
1 CVE
Lmo
lmo
1 CVE
Webring Component
webring_component
1 CVE
Moslistmessenger Component
moslistmessenger_component
1 CVE
Jim Instant Messaging Component
jim_instant_messaging_component
1 CVE
X Shop Component
x-shop_component
1 CVE
Rssxt Component
rssxt_component
1 CVE
Com Comprofiler Component
com_comprofiler_component
1 CVE
Jim Component
jim_component
1 CVE
Jd Wordpress
jd-wordpress
1 CVE
Joomlalib
joomlalib
1 CVE
Com Events
com_events
1 CVE
Events Module
events_module
1 CVE
Sef4040x
sef4040x
1 CVE
Com Hotproperties
com_hotproperties
1 CVE
Hot Properties
hot_properties
1 CVE
Com Mosmedia
com_mosmedia
1 CVE
Mosmedia
mosmedia
1 CVE
Prince Clan Chess Component
prince_clan_chess_component
1 CVE
Classifieds Component
classifieds_component
1 CVE
Com Classifieds
com_classifieds
1 CVE
Be It Easypartner Component
be_it_easypartner_component
1 CVE
Nfn Address Book
nfn_address_book
1 CVE
Swmenu Component
swmenu_component
1 CVE
Rwcards Component
rwcards_component
1 CVE
Car Manager
car_manager
1 CVE
Taskhopper Component
taskhopper_component
1 CVE
Jambook
jambook
1 CVE
Letterman Subscriber
letterman_subscriber
1 CVE
Expose
expose
1 CVE
Pony Gallery
pony_gallery
1 CVE
Tour De France Pool
tour_de_france_pool
1 CVE
J Reactions
j_reactions
1 CVE
Bibtex
bibtex
1 CVE
Nice Talk
nice_talk
1 CVE
Rsfiles
rsfiles
1 CVE
Neorecruit
neorecruit
1 CVE
Eventlist
eventlist
1 CVE
Akobook
akobook
1 CVE
Joomla Radio
joomla_radio
1 CVE
Joom12pic Component
joom12pic_component
1 CVE
Flash Fun Component
flash_fun_component
1 CVE
Com Search Component
com_search_component
1 CVE
Com Newsletter
com_newsletter
1 CVE
Com Mamml
com_mamml
1 CVE
Com Fq
com_fq
1 CVE
Glossary
glossary
1 CVE
Musepoes Component
musepoes_component
1 CVE
Com Recipes
com_recipes
1 CVE
Com Jokes
com_jokes
1 CVE
Com Buslicense
com_buslicense
1 CVE
Com Awesom
com_awesom
1 CVE
Com Shambo2
com_shambo2
1 CVE
Com Sobi2
com_sobi2
1 CVE
Com Ynews
com_ynews
1 CVE
Com Noticias
com_noticias
1 CVE
Com Neoreferences
com_neoreferences
1 CVE
Com Marketplace
com_marketplace
1 CVE
Com Directory
com_directory
1 CVE
Com Gallery
com_gallery
1 CVE
Com Neogallery
com_neogallery
1 CVE
Com Iomezun
com_iomezun
1 CVE
Com Doc
com_doc
1 CVE
Com Comments
com_comments
1 CVE
Com Quiz
com_quiz
1 CVE
Com Mcquiz
com_mcquiz
1 CVE
Com Mediaslide
com_mediaslide
1 CVE
Com Scheduling Component
com_scheduling_component
1 CVE
Com Mezun
com_mezun
1 CVE
Com Filebase Component
com_filebase_component
1 CVE
Rapid Recipe
rapid_recipe
1 CVE
Kemas Antonius Com Quran
kemas_antonius_com_quran
1 CVE
Com Galeria
com_galeria
1 CVE
Com Ricette Component
com_ricette_component
1 CVE
Com Clasifier
com_clasifier
1 CVE
Com Profile
com_profile
1 CVE
Com Detail
com_detail
1 CVE
Com Salesrep
com_salesrep
1 CVE
Com Garyscookbook
com_garyscookbook
1 CVE
Com Ewriting
com_ewriting
1 CVE
Com Acajoom
com_acajoom
1 CVE
Datsogallery
datsogallery
1 CVE
Com Comprofiler
com_comprofiler
1 CVE
Com Flippingbook
com_flippingbook
1 CVE

CVEs (534)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2020-10240
1Joomla
1Joomla
Nov 21, 2024
Mar 16, 2020
N/A· v4
5.3 MEDIUM· v3
5.0 MEDIUM· v2
An issue was discovered in Joomla! before 3.9.16. Missing length checks in the user table can lead to the creation of users with duplicate usernames and/or email addresses.
CVE-2020-10239
1Joomla
1Joomla
Nov 21, 2024
Mar 16, 2020
N/A· v4
8.8 HIGH· v3
6.5 MEDIUM· v2
An issue was discovered in Joomla! before 3.9.16. Incorrect Access Control in the SQL fieldtype of com_fields allows access for non-superadmin users.
CVE-2020-10238
1Joomla
1Joomla
Nov 21, 2024
Mar 16, 2020
N/A· v4
7.5 HIGH· v3
5.0 MEDIUM· v2
An issue was discovered in Joomla! before 3.9.16. Various actions in com_templates lack the required ACL checks, leading to various potential attack vectors.
CVE-2011-1151
1Joomla
1Joomla
Nov 21, 2024
Feb 5, 2020
N/A· v4
9.1 CRITICAL· v3
6.4 MEDIUM· v2
Joomla! 1.6.0 is vulnerable to SQL Injection via the filter_order and filer_order_Dir parameters.
CVE-2011-4912
1Joomla
1Joomla
Nov 21, 2024
Feb 4, 2020
N/A· v4
5.3 MEDIUM· v3
5.0 MEDIUM· v2
Joomla! com_mailto 1.5.x through 1.5.13 has an automated mail timeout bypass.
CVE-2011-4937
1Joomla
1Joomla
Nov 21, 2024
Feb 4, 2020
N/A· v4
7.5 HIGH· v3
5.0 MEDIUM· v2
Joomla! 1.7.1 has core information disclosure due to inadequate error checking.
CVE-2011-3629
1Joomla
1Joomla
Nov 21, 2024
Feb 4, 2020
N/A· v4
7.5 HIGH· v3
5.0 MEDIUM· v2
Joomla! core 1.7.1 allows information disclosure due to weak encryption
CVE-2020-8421
1Joomla
1Joomla
Nov 21, 2024
Jan 28, 2020
N/A· v4
6.1 MEDIUM· v3
4.3 MEDIUM· v2
An issue was discovered in Joomla! before 3.9.15. Inadequate escaping of usernames allows XSS attacks in com_actionlogs.
CVE-2020-8420
1Joomla
1Joomla
Nov 21, 2024
Jan 28, 2020
N/A· v4
8.8 HIGH· v3
6.8 MEDIUM· v2
An issue was discovered in Joomla! before 3.9.15. A missing CSRF token check in the LESS compiler of com_templates causes a CSRF vulnerability.
CVE-2020-8419
1Joomla
1Joomla
Nov 21, 2024
Jan 28, 2020
N/A· v4
8.8 HIGH· v3
6.8 MEDIUM· v2
An issue was discovered in Joomla! before 3.9.15. Missing token checks in the batch actions of various components cause CSRF vulnerabilities.
CVE-2011-3595
1Joomla
1Joomla
Nov 21, 2024
Jan 22, 2020
N/A· v4
5.4 MEDIUM· v3
3.5 LOW· v2
Multiple Cross-site Scripting (XSS) vulnerabilities exist in Joomla! through 1.7.0 in index.php in the search word, extension, asset, and author parameters.
CVE-2011-4907
1Joomla
1Joomla
Nov 21, 2024
Jan 15, 2020
N/A· v4
5.3 MEDIUM· v3
5.0 MEDIUM· v2
Joomla! 1.5x through 1.5.12: Missing JEXEC Check
CVE-2012-1563
1Joomla
1Joomla
Nov 21, 2024
Jan 15, 2020
N/A· v4
7.5 HIGH· v3
5.0 MEDIUM· v2
Joomla! before 2.5.3 allows Admin Account Creation.
CVE-2012-1562
1Joomla
1Joomla
Nov 21, 2024
Jan 15, 2020
N/A· v4
7.5 HIGH· v3
5.0 MEDIUM· v2
Joomla! core before 2.5.3 allows unauthorized password change.
CVE-2019-19846
1Joomla
1Joomla
Nov 21, 2024
Dec 18, 2019
N/A· v4
9.8 CRITICAL· v3
7.5 HIGH· v2
In Joomla! before 3.9.14, the lack of validation of configuration parameters used in SQL queries caused various SQL injection vectors.
CVE-2019-19845
1Joomla
1Joomla
Nov 21, 2024
Dec 18, 2019
N/A· v4
5.3 MEDIUM· v3
5.0 MEDIUM· v2
In Joomla! before 3.9.14, a missing access check in framework files could lead to a path disclosure.
CVE-2019-18674
1Joomla
1Joomla
Nov 21, 2024
Nov 6, 2019
N/A· v4
5.3 MEDIUM· v3
5.0 MEDIUM· v2
An issue was discovered in Joomla! before 3.9.13. A missing access check in the phputf8 mapping files could lead to a path disclosure.
CVE-2019-18650
1Joomla
1Joomla
Nov 21, 2024
Nov 6, 2019
N/A· v4
8.8 HIGH· v3
6.8 MEDIUM· v2
An issue was discovered in Joomla! before 3.9.13. A missing token check in com_template causes a CSRF vulnerability.
CVE-2019-16725
1Joomla
1Joomla
Nov 21, 2024
Sep 24, 2019
N/A· v4
6.1 MEDIUM· v3
4.3 MEDIUM· v2
In Joomla! 3.x before 3.9.12, inadequate escaping allowed XSS attacks using the logo parameter of the default templates.
CVE-2019-15028
1Joomla
1Joomla
Nov 21, 2024
Aug 14, 2019
N/A· v4
5.3 MEDIUM· v3
5.0 MEDIUM· v2
In Joomla! before 3.9.11, inadequate checks in com_contact could allow mail submission in disabled forms.