Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
joomla vulnerabilities and exploits
(subscribe to this query)
668
VMScore
CVE-2020-22274
JomSocial (Joomla Social Network Extention) 4.7.6 allows CSV injection via a customer's profile.
Jomsocial Jomsocial 4.7.6
445
VMScore
CVE-2020-19455
SQL injection exists in the jdownloads 3.2.63 component for Joomla! via components/com_jdownloads/helpers/categories.php, order function via the filter_order parameter.
Jdownloads Jdownloads 3.2.63
445
VMScore
CVE-2020-19450
SQL injection exists in the jdownloads 3.2.63 component for Joomla! via com_jdownloads/helpers/jdownloadshelper.php, getUserLimits function in the list parameter.
Jdownloads Jdownloads 3.2.63
445
VMScore
CVE-2020-19451
SQL injection exists in the jdownloads 3.2.63 component for Joomla! via com_jdownloads/helpers/jdownloadshelper.php, updateLog function via the X-forwarded-for Header parameter.
Jdownloads Jdownloads 3.2.63
445
VMScore
CVE-2020-19447
SQL injection exists in the jdownloads 3.2.63 component for Joomla! com_jdownloads/models/send.php via the f_marked_files_id parameter.
Jdownloads Jdownloads 3.2.63
578
VMScore
CVE-2020-25751
The paGO Commerce plugin 2.5.9.0 for Joomla! allows SQL Injection via the administrator/index.php?option=com_pago&view=comments filter_published parameter.
Corephp Pago Commerce 2.5.9.0
445
VMScore
CVE-2020-23971
gmapfp.org Joomla Component GMapFP J3.30pro is affected by Insecure Permissions. An attacker can access the upload function without authenticating to the application and also can upload files due the issues of unrestricted file uploads which can be bypassed by changing the conten...
Gmapfp Gmapfp J3.30
446
VMScore
CVE-2020-23972
In Joomla Component GMapFP Version J3.5 and J3.5free, an attacker can access the upload function without authenticating to the application and can also upload files which due to issues of unrestricted file uploads which can be bypassed by changing the content-type and name file t...
Gmapfp Gmapfp J3.5
516
VMScore
CVE-2020-24598
An issue exists in Joomla! prior to 3.9.21. Lack of input validation in the vote feature of com_content leads to an open redirect.
Joomla Joomla\\!
383
VMScore
CVE-2020-24599
An issue exists in Joomla! prior to 3.9.21. Lack of escaping in mod_latestactions allows XSS attacks.
Joomla Joomla\\!
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33572
CVE-2024-24919
CVE-2024-0230
CVE-2024-32714
HTML injection
local file inclusion
CVE-2024-31098
CVE-2024-31244
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
6
7
8
9
10
NEXT »