Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
joomla joomla vulnerabilities and exploits
(subscribe to this query)
9.3
CVSSv2
CVE-2008-1465
SQL injection vulnerability in the Detodas Restaurante (com_restaurante) 1.0 component for Mambo and Joomla! allows remote malicious users to execute arbitrary SQL commands via the id parameter in a detail action to index.php, a different product than CVE-2008-0562.
Detodas Com Restaurante 1.0
1 EDB exploit
9.3
CVSSv2
CVE-2007-6555
PHP remote file inclusion vulnerability in modules/mod_pxt_latest.php in the mosDirectory (com_directory) 2.3.2 component for Joomla! allows remote malicious users to execute arbitrary PHP code via a URL in the GLOBALS[mosConfig_absolute_path] parameter.
Phil Taylor Mosdirectory 2.3.2
1 EDB exploit
9.3
CVSSv2
CVE-2007-4188
Session fixation vulnerability in Joomla! prior to 1.0.13 (aka Sunglow) allows remote malicious users to hijack administrative web sessions via unspecified vectors.
Joomla Joomla\\!
9.3
CVSSv2
CVE-2007-1596
Multiple PHP remote file inclusion vulnerabilities in the NFN Address Book (com_nfn_addressbook) 0.4 component for Mambo and Joomla! allow remote malicious users to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter to (1) components/com_nfn_addressbook...
Mambo Nfn Address Book 0.4
Joomla Nfn Address Book 0.4
1 EDB exploit
9
CVSSv2
CVE-2009-4112
Cacti 0.8.7e and previous versions allows remote authenticated administrators to gain privileges by modifying the "Data Input Method" for the "Linux - Get Memory Usage" setting to contain arbitrary commands.
Cacti Cacti 0.8.6f
Cacti Cacti 0.8.6c
Cacti Cacti 0.8.2
Cacti Cacti 0.8.1
Cacti Cacti 0.8.5a
Cacti Cacti 0.8.5
Cacti Cacti 0.8
Cacti Cacti 0.6.7
Cacti Cacti 0.8.4
Cacti Cacti 0.8.3a
Cacti Cacti 0.8.7a
Cacti Cacti
Cacti Cacti 0.8.7
Cacti Cacti 0.8.6i
Cacti Cacti 0.8.3
Cacti Cacti 0.8.2a
1 EDB exploit
9
CVSSv2
CVE-2008-4668
Directory traversal vulnerability in the Image Browser (com_imagebrowser) 0.1.5 component for Joomla! allows remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the folder parameter to index.php.
Joomla Com Imagebrowser 0.1.5
1 EDB exploit
7.8
CVSSv2
CVE-2006-1028
feedcreator.class.php (aka the syndication component) in Joomla! 1.0.7 allows remote malicious users to cause a denial of service (stressed file cache) by creating many files via filenames in the feed parameter to index.php.
Joomla Joomla 1.0.7
7.5
CVSSv2
CVE-2022-23797
An issue exists in Joomla! 3.0.0 up to and including 3.10.6 & 4.0.0 up to and including 4.1.0. Inadequate filtering on the selected Ids on an request could resulted into an possible SQL injection.
Joomla Joomla\\!
7.5
CVSSv2
CVE-2010-1433
Joomla! Core is prone to a vulnerability that lets attackers upload arbitrary files because the application fails to properly verify user-supplied input. An attacker can exploit this vulnerability to upload arbitrary code and run it in the context of the webserver process. This m...
Joomla Joomla\\!
7.5
CVSSv2
CVE-2010-1435
Joomla! Core is prone to a security bypass vulnerability. Exploiting this issue may allow malicious users to perform otherwise restricted actions and subsequently retrieve password reset tokens from the database through an already existing SQL injection vector. Joomla! Core versi...
Joomla Joomla\\!
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
path traversal
CVE-2024-33545
CVE-2024-35725
CVE-2024-32704
overflow
file upload
CVE-2024-0230
CVE-2024-32705
CVE-2024-23692
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »