Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
joomla joomla 1.5.3 vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2018-6024
SQL Injection exists in the Project Log 1.5.3 component for Joomla! via the search parameter.
Thethinkery Project Log 1.5.3
1 EDB exploit
9.8
CVSSv3
CVE-2017-14596
In Joomla! prior to 3.8.0, inadequate escaping in the LDAP authentication plugin can result in a disclosure of a username and password.
Joomla Joomla\\! 1.5.21
Joomla Joomla\\! 1.5.20
Joomla Joomla\\! 1.5.19
Joomla Joomla\\! 1.5.18
Joomla Joomla\\! 1.5.25
Joomla Joomla\\! 1.5.23
Joomla Joomla\\! 1.5.16
Joomla Joomla\\! 1.5.14
Joomla Joomla\\! 1.5.7
Joomla Joomla\\! 1.5.5
Joomla Joomla\\! 1.5.0
Joomla Joomla\\! 1.6.5
Joomla Joomla\\! 1.6.3
Joomla Joomla\\! 1.7.4
Joomla Joomla\\! 1.7.2
Joomla Joomla\\! 2.5.4
Joomla Joomla\\! 2.5.6
Joomla Joomla\\! 2.5.11
Joomla Joomla\\! 2.5.13
Joomla Joomla\\! 2.5.15
Joomla Joomla\\! 2.5.20
Joomla Joomla\\! 2.5.22
8.8
CVSSv3
CVE-2017-11364
The CMS installer in Joomla! prior to 3.7.4 does not verify a user's ownership of a webspace, which allows remote authenticated users to gain control of the target application by leveraging Certificate Transparency logs.
Joomla Joomla\\! 1.0.13
Joomla Joomla\\! 1.0.14
Joomla Joomla\\! 1.0.15
Joomla Joomla\\! 1.5.0
Joomla Joomla\\! 1.5.13
Joomla Joomla\\! 1.5.14
Joomla Joomla\\! 1.5.15
Joomla Joomla\\! 1.5.16
Joomla Joomla\\! 1.6
Joomla Joomla\\! 1.6.1
Joomla Joomla\\! 1.6.2
Joomla Joomla\\! 1.6.3
Joomla Joomla\\! 1.6.4
Joomla Joomla\\! 2.5.5
Joomla Joomla\\! 1.0.1
Joomla Joomla\\! 1.0.3
Joomla Joomla\\! 1.0.10
Joomla Joomla\\! 1.0.12
Joomla Joomla\\! 1.5.1
Joomla Joomla\\! 1.5.3
Joomla Joomla\\! 1.5.10
Joomla Joomla\\! 1.5.12
6.1
CVSSv3
CVE-2017-11612
In Joomla! prior to 3.7.4, inadequate filtering of potentially malicious HTML tags leads to XSS vulnerabilities in various components.
Joomla Joomla\\! 3.3.1
Joomla Joomla\\! 3.3.2
Joomla Joomla\\! 3.3.3
Joomla Joomla\\! 3.3.4
Joomla Joomla\\! 3.4.5
Joomla Joomla\\! 3.4.6
Joomla Joomla\\! 3.4.7
Joomla Joomla\\! 3.4.8
Joomla Joomla\\! 3.6.0
Joomla Joomla\\! 1.5.1
Joomla Joomla\\! 1.5.2
Joomla Joomla\\! 1.5.3
Joomla Joomla\\! 1.5.4
Joomla Joomla\\! 1.5.5
Joomla Joomla\\! 1.5.17
Joomla Joomla\\! 1.5.18
Joomla Joomla\\! 1.5.19
Joomla Joomla\\! 1.5.20
Joomla Joomla\\! 1.6
Joomla Joomla\\! 1.6.6
Joomla Joomla\\! 1.7.0
Joomla Joomla\\! 1.7.1
5.3
CVSSv3
CVE-2017-7983
In Joomla! 1.5.0 up to and including 3.6.5 (fixed in 3.7.0), mail sent using the JMail API leaked the used PHPMailer version in the mail headers.
Joomla Joomla\\! 3.1.0
Joomla Joomla\\! 3.1.2
Joomla Joomla\\! 1.6.0
Joomla Joomla\\! 1.6.2
Joomla Joomla\\! 1.7.2
Joomla Joomla\\! 1.7.4
Joomla Joomla\\! 2.5.5
Joomla Joomla\\! 2.5.7
Joomla Joomla\\! 2.5.12
Joomla Joomla\\! 2.5.14
Joomla Joomla\\! 2.5.21
Joomla Joomla\\! 2.5.23
Joomla Joomla\\! 1.5.17
Joomla Joomla\\! 1.5.19
Joomla Joomla\\! 1.5.24
Joomla Joomla\\! 1.5.26
Joomla Joomla\\! 1.5.5
Joomla Joomla\\! 1.5.7
Joomla Joomla\\! 1.5.14
Joomla Joomla\\! 1.5.15
Joomla Joomla\\! 3.2.3
Joomla Joomla\\! 3.3.0
6.1
CVSSv3
CVE-2017-7986
In Joomla! 1.5.0 up to and including 3.6.5 (fixed in 3.7.0), inadequate filtering of specific HTML attributes leads to XSS vulnerabilities in various components.
Joomla Joomla\\! 3.1.2
Joomla Joomla\\! 3.1.4
Joomla Joomla\\! 1.6.4
Joomla Joomla\\! 1.6.6
Joomla Joomla\\! 1.7.4
Joomla Joomla\\! 2.5.0
Joomla Joomla\\! 2.5.7
Joomla Joomla\\! 2.5.9
Joomla Joomla\\! 2.5.16
Joomla Joomla\\! 2.5.18
Joomla Joomla\\! 2.5.23
Joomla Joomla\\! 2.5.25
Joomla Joomla\\! 1.5.19
Joomla Joomla\\! 1.5.21
Joomla Joomla\\! 1.5.0
Joomla Joomla\\! 1.5.2
Joomla Joomla\\! 1.5.7
Joomla Joomla\\! 1.5.9
Joomla Joomla\\! 1.5.15
Joomla Joomla\\! 3.2.0
Joomla Joomla\\! 3.3.2
Joomla Joomla\\! 3.3.4
NA
CVE-2015-8562
Joomla! 1.5.x, 2.x, and 3.x prior to 3.4.6 allow remote malicious users to conduct PHP object injection attacks and execute arbitrary PHP code via the HTTP User-Agent header, as exploited in the wild in December 2015.
Joomla Joomla\\! 1.5.0
Joomla Joomla\\! 1.5.9
Joomla Joomla\\! 1.5.10
Joomla Joomla\\! 1.5.17
Joomla Joomla\\! 1.5.18
Joomla Joomla\\! 1.5.25
Joomla Joomla\\! 1.5.26
Joomla Joomla\\! 1.6.0
Joomla Joomla\\! 1.7.0
Joomla Joomla\\! 1.7.1
Joomla Joomla\\! 2.5.2
Joomla Joomla\\! 2.5.3
Joomla Joomla\\! 2.5.11
Joomla Joomla\\! 2.5.12
Joomla Joomla\\! 2.5.19
Joomla Joomla\\! 2.5.20
Joomla Joomla\\! 2.5.27
Joomla Joomla\\! 2.5.28
Joomla Joomla\\! 3.1.3
Joomla Joomla\\! 3.1.4
Joomla Joomla\\! 3.2.4
Joomla Joomla\\! 3.3.0
2 EDB exploits
20 Github repositories
NA
CVE-2012-2413
Cross-site scripting (XSS) vulnerability in the ja_purity template for Joomla! 1.5.26 and previous versions allows remote malicious users to inject arbitrary web script or HTML via the Mod* cookie parameter to html/modules.php.
Joomla Joomla\\! 1.5.20
Joomla Joomla\\! 1.5.2
Joomla Joomla\\! 1.5.14
Joomla Joomla\\! 1.5.13
Joomla Joomla\\! 1.5.7
Joomla Joomla\\! 1.5.8
Joomla Joomla\\! 1.5.22
Joomla Joomla\\! 1.5.21
Joomla Joomla\\! 1.5.15
Joomla Joomla\\! 1.5.5
Joomla Joomla\\! 1.5.6
Joomla Joomla\\!
Joomla Joomla\\! 1.5.25
Joomla Joomla\\! 1.5.19
Joomla Joomla\\! 1.5.18
Joomla Joomla\\! 1.5.12
Joomla Joomla\\! 1.5.11
Joomla Joomla\\! 1.5.9
Joomla Joomla\\! 1.5.1
Joomla Joomla\\! 1.5.24
Joomla Joomla\\! 1.5.23
Joomla Joomla\\! 1.5.17
NA
CVE-2012-1599
Joomla! 1.5.x prior to 1.5.26 does not properly check permissions, which allows malicious users to obtain sensitive "administrative back end information" via unknown vectors. NOTE: this might be a duplicate of CVE-2012-1611.
Joomla Joomla\\! 1.5.7
Joomla Joomla\\! 1.5.8
Joomla Joomla\\! 1.5.25
Joomla Joomla\\! 1.5.9
Joomla Joomla\\! 1.5.6
Joomla Joomla\\! 1.5.3
Joomla Joomla\\! 1.5.18
Joomla Joomla\\! 1.5.4
Joomla Joomla\\! 1.5.14
Joomla Joomla\\! 1.5.23
Joomla Joomla\\! 1.5.22
Joomla Joomla\\! 1.5.17
Joomla Joomla\\! 1.5.21
Joomla Joomla\\! 1.5.10
Joomla Joomla\\! 1.5.12
Joomla Joomla\\! 1.5.24
Joomla Joomla\\! 1.5.5
Joomla Joomla\\! 1.5.2
Joomla Joomla\\! 1.5.0
Joomla Joomla\\! 1.5.13
Joomla Joomla\\! 1.5.11
Joomla Joomla\\! 1.5.15
NA
CVE-2012-1598
Joomla! 1.5.x prior to 1.5.26 has unspecified impact and attack vectors related to "insufficient randomness" and a "password reset vulnerability."
Joomla Joomla\\! 1.5.13
Joomla Joomla\\! 1.5.17
Joomla Joomla\\! 1.5.16
Joomla Joomla\\! 1.5.24
Joomla Joomla\\! 1.5.19
Joomla Joomla\\! 1.5.9
Joomla Joomla\\! 1.5.10
Joomla Joomla\\! 1.5.11
Joomla Joomla\\! 1.5.12
Joomla Joomla\\! 1.5.4
Joomla Joomla\\! 1.5.1
Joomla Joomla\\! 1.5.2
Joomla Joomla\\! 1.5.15
Joomla Joomla\\! 1.5.7
Joomla Joomla\\! 1.5.25
Joomla Joomla\\! 1.5.23
Joomla Joomla\\! 1.5.20
Joomla Joomla\\! 1.5.3
Joomla Joomla\\! 1.5.21
Joomla Joomla\\! 1.5.8
Joomla Joomla\\! 1.5.14
Joomla Joomla\\! 1.5.22
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30043
camera
CVE-2023-40404
CVE-2024-2793
client side
CVE-2024-4469
CVE-2024-3565
CVE-2024-29825
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »