← Back

Joomla

joomla

534 CVEs • 147 products

Products (147)

Click to collapse
Toggle
Joomla
joomla
383 CVEs
Bsq Sitestats
bsq_sitestats
6 CVEs
Rs Gallery2
rs_gallery2
4 CVEs
Com Beamospetition
com_beamospetition
3 CVEs
Com Weblinks
com_weblinks
3 CVEs
Jd Wiki
jd-wiki
2 CVEs
Com Sef
com_sef
2 CVEs
Com Downloads
com_downloads
2 CVEs
Com Rapidrecipe
com_rapidrecipe
2 CVEs
Com Pcchess
com_pcchess
2 CVEs
Com Astatspro
com_astatspro
2 CVEs
Com Pccookbook
com_pccookbook
2 CVEs
Com Facileforms
com_facileforms
2 CVEs
Com Mailto
com_mailto
2 CVEs
Pc Cookbook
pc_cookbook
1 CVE
Performs Component
performs_component
1 CVE
Colophon
colophon
1 CVE
Lmo
lmo
1 CVE
Webring Component
webring_component
1 CVE
Moslistmessenger Component
moslistmessenger_component
1 CVE
Jim Instant Messaging Component
jim_instant_messaging_component
1 CVE
X Shop Component
x-shop_component
1 CVE
Rssxt Component
rssxt_component
1 CVE
Com Comprofiler Component
com_comprofiler_component
1 CVE
Jim Component
jim_component
1 CVE
Jd Wordpress
jd-wordpress
1 CVE
Joomlalib
joomlalib
1 CVE
Com Events
com_events
1 CVE
Events Module
events_module
1 CVE
Sef4040x
sef4040x
1 CVE
Com Hotproperties
com_hotproperties
1 CVE
Hot Properties
hot_properties
1 CVE
Com Mosmedia
com_mosmedia
1 CVE
Mosmedia
mosmedia
1 CVE
Prince Clan Chess Component
prince_clan_chess_component
1 CVE
Classifieds Component
classifieds_component
1 CVE
Com Classifieds
com_classifieds
1 CVE
Be It Easypartner Component
be_it_easypartner_component
1 CVE
Nfn Address Book
nfn_address_book
1 CVE
Swmenu Component
swmenu_component
1 CVE
Rwcards Component
rwcards_component
1 CVE
Car Manager
car_manager
1 CVE
Taskhopper Component
taskhopper_component
1 CVE
Jambook
jambook
1 CVE
Letterman Subscriber
letterman_subscriber
1 CVE
Expose
expose
1 CVE
Pony Gallery
pony_gallery
1 CVE
Tour De France Pool
tour_de_france_pool
1 CVE
J Reactions
j_reactions
1 CVE
Bibtex
bibtex
1 CVE
Nice Talk
nice_talk
1 CVE
Rsfiles
rsfiles
1 CVE
Neorecruit
neorecruit
1 CVE
Eventlist
eventlist
1 CVE
Akobook
akobook
1 CVE
Joomla Radio
joomla_radio
1 CVE
Joom12pic Component
joom12pic_component
1 CVE
Flash Fun Component
flash_fun_component
1 CVE
Com Search Component
com_search_component
1 CVE
Com Newsletter
com_newsletter
1 CVE
Com Mamml
com_mamml
1 CVE
Com Fq
com_fq
1 CVE
Glossary
glossary
1 CVE
Musepoes Component
musepoes_component
1 CVE
Com Recipes
com_recipes
1 CVE
Com Jokes
com_jokes
1 CVE
Com Buslicense
com_buslicense
1 CVE
Com Awesom
com_awesom
1 CVE
Com Shambo2
com_shambo2
1 CVE
Com Sobi2
com_sobi2
1 CVE
Com Ynews
com_ynews
1 CVE
Com Noticias
com_noticias
1 CVE
Com Neoreferences
com_neoreferences
1 CVE
Com Marketplace
com_marketplace
1 CVE
Com Directory
com_directory
1 CVE
Com Gallery
com_gallery
1 CVE
Com Neogallery
com_neogallery
1 CVE
Com Iomezun
com_iomezun
1 CVE
Com Doc
com_doc
1 CVE
Com Comments
com_comments
1 CVE
Com Quiz
com_quiz
1 CVE
Com Mcquiz
com_mcquiz
1 CVE
Com Mediaslide
com_mediaslide
1 CVE
Com Scheduling Component
com_scheduling_component
1 CVE
Com Mezun
com_mezun
1 CVE
Com Filebase Component
com_filebase_component
1 CVE
Rapid Recipe
rapid_recipe
1 CVE
Kemas Antonius Com Quran
kemas_antonius_com_quran
1 CVE
Com Galeria
com_galeria
1 CVE
Com Ricette Component
com_ricette_component
1 CVE
Com Clasifier
com_clasifier
1 CVE
Com Profile
com_profile
1 CVE
Com Detail
com_detail
1 CVE
Com Salesrep
com_salesrep
1 CVE
Com Garyscookbook
com_garyscookbook
1 CVE
Com Ewriting
com_ewriting
1 CVE
Com Acajoom
com_acajoom
1 CVE
Datsogallery
datsogallery
1 CVE
Com Comprofiler
com_comprofiler
1 CVE
Com Flippingbook
com_flippingbook
1 CVE

CVEs (534)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2012-1611
1Joomla
1Joomla
Apr 29, 2026
Sep 6, 2012
N/A· v4
N/A· v3
5.0 MEDIUM· v2
Joomla! 2.5.x before 2.5.4 does not properly check permissions, which allows attackers to obtain sensitive "administrative back end" information via unknown attack vectors. NOTE: this might be a duplicate of CVE-2012-15...Show more
Joomla! 2.5.x before 2.5.4 does not properly check permissions, which allows attackers to obtain sensitive "administrative back end" information via unknown attack vectors. NOTE: this might be a duplicate of CVE-2012-1599.Show less
CVE-2012-0837
1Joomla
1Joomla
Apr 29, 2026
Sep 6, 2012
N/A· v4
N/A· v3
5.0 MEDIUM· v2
Joomla! 1.7.x before 1.7.5 and 2.5.x before 2.5.1 allows attackers to obtain the installation path via unspecified vectors related to "administrator."
CVE-2012-0836
1Joomla
1Joomla
Apr 29, 2026
Sep 6, 2012
N/A· v4
N/A· v3
5.0 MEDIUM· v2
Unspecified vulnerability in Joomla! 1.7.x before 1.7.5 allows attackers to read the error log via unknown vectors.
CVE-2012-0835
1Joomla
1Joomla
Apr 29, 2026
Sep 6, 2012
N/A· v4
N/A· v3
5.0 MEDIUM· v2
Unspecified vulnerability in Joomla! 1.7.x before 1.7.5 and 2.5.x before 2.5.1 allows attackers to obtain sensitive information via unknown vectors related to "administrator."
CVE-2012-0822
1Joomla
1Joomla
Apr 29, 2026
Sep 6, 2012
N/A· v4
N/A· v3
4.3 MEDIUM· v2
Cross-site scripting (XSS) vulnerability in Joomla! 1.6 and 1.7.x before 1.7.4 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2012-0820.
CVE-2012-0821
1Joomla
1Joomla
Apr 29, 2026
Sep 6, 2012
N/A· v4
N/A· v3
5.0 MEDIUM· v2
Unspecified vulnerability in Joomla! 1.6.x and 1.7.x before 1.7.4 allows remote attackers to obtain sensitive information via unknown vectors, a different vulnerability than CVE-2012-0819.
CVE-2012-0820
1Joomla
1Joomla
Apr 29, 2026
Sep 6, 2012
N/A· v4
N/A· v3
4.3 MEDIUM· v2
Cross-site scripting (XSS) vulnerability in Joomla! 1.6.x and 1.7.x before 1.7.4 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2012-0822.
CVE-2012-0819
1Joomla
1Joomla
Apr 29, 2026
Sep 6, 2012
N/A· v4
N/A· v3
5.0 MEDIUM· v2
Unspecified vulnerability in Joomla! 1.6.x and 1.7.x before 1.7.4 allows remote attackers to obtain sensitive information via unknown vectors, a different vulnerability than CVE-2012-0821.
CVE-2006-7247
1Joomla
1Com Weblinks
Apr 29, 2026
Sep 6, 2012
N/A· v4
N/A· v3
7.5 HIGH· v2
SQL injection vulnerability in the Weblinks (com_weblinks) component for Joomla! and Mambo 1.0.9 and earlier allows remote attackers to execute arbitrary SQL commands via the title parameter.
CVE-2012-3829
1Joomla
1Joomla
Apr 29, 2026
Jul 3, 2012
N/A· v4
N/A· v3
5.0 MEDIUM· v2
Joomla! 2.5.3 allows remote attackers to obtain the installation path via the Host HTTP Header.
CVE-2012-3828
1Joomla
1Joomla
Apr 29, 2026
Jul 3, 2012
N/A· v4
N/A· v3
4.3 MEDIUM· v2
Cross-site scripting (XSS) vulnerability in Joomla! 2.5.3 allows remote attackers to inject arbitrary web script or HTML via the Host HTTP Header.
CVE-2012-2748
1Joomla
1Joomla
Apr 29, 2026
Jul 3, 2012
N/A· v4
N/A· v3
5.0 MEDIUM· v2
Unspecified vulnerability in Joomla! 2.5.x before 2.5.5 allows remote attackers to obtain sensitive information via vectors related to "Inadequate filtering" and a "SQL error."
CVE-2012-2747
1Joomla
1Joomla
Apr 29, 2026
Jul 3, 2012
N/A· v4
N/A· v3
7.5 HIGH· v2
Unspecified vulnerability in Joomla! 2.5.x before 2.5.5 allows remote attackers to gain privileges via unknown attack vectors related to "Inadequate checking."
CVE-2011-4332
1Joomla
1Joomla
Apr 29, 2026
Nov 23, 2011
N/A· v4
N/A· v3
4.3 MEDIUM· v2
Multiple cross-site scripting (XSS) vulnerabilities in Joomla! 1.6.3 and earlier allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2011-4321
1Joomla
1Joomla
Apr 29, 2026
Nov 23, 2011
N/A· v4
N/A· v3
5.0 MEDIUM· v2
The password reset functionality in Joomla! 1.5.x through 1.5.24 uses weak random numbers, which makes it easier for remote attackers to change the passwords of arbitrary users via unspecified vectors.
CVE-2010-4945
1Joomla
1Com Camelcitydb2
Apr 29, 2026
Oct 9, 2011
N/A· v4
N/A· v3
7.5 HIGH· v2
SQL injection vulnerability in the CamelcityDB (com_camelcitydb2) component 2.2 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter to index.php.
CVE-2010-4944
1Joomla
1Com Elite Experts
Apr 29, 2026
Oct 9, 2011
N/A· v4
N/A· v3
7.5 HIGH· v2
SQL injection vulnerability in the Elite Experts (com_elite_experts) component for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a showExpertProfileDetailed action to...Show more
SQL injection vulnerability in the Elite Experts (com_elite_experts) component for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a showExpertProfileDetailed action to index.php.Show less
CVE-2010-4938
1Joomla
1Com Weblinks
Apr 29, 2026
Oct 9, 2011
N/A· v4
N/A· v3
7.5 HIGH· v2
SQL injection vulnerability in the Weblinks (com_weblinks) component in Joomla! allows remote attackers to execute arbitrary SQL commands via the Itemid parameter in a categories action to index.php. NOTE: the provenanc...Show more
SQL injection vulnerability in the Weblinks (com_weblinks) component in Joomla! allows remote attackers to execute arbitrary SQL commands via the Itemid parameter in a categories action to index.php. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.Show less
CVE-2011-3747
1Joomla
1Joomla
Apr 29, 2026
Sep 23, 2011
N/A· v4
N/A· v3
5.0 MEDIUM· v2
Joomla! 1.6.0 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by libraries/phpmailer/language/phpmaile...Show more
Joomla! 1.6.0 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by libraries/phpmailer/language/phpmailer.lang-joomla.php.Show less
CVE-2011-2892
1Joomla
1Joomla
Apr 29, 2026
Jul 27, 2011
N/A· v4
N/A· v3
4.3 MEDIUM· v2
Joomla! 1.6.x before 1.6.2 does not prevent page rendering inside a frame in a third-party HTML document, which makes it easier for remote attackers to conduct clickjacking attacks via a crafted web site.