Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
joomla vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-39970
Unrestricted Upload of File with Dangerous Type vulnerability in AcyMailing component for Joomla. It allows remote code execution.
Acyba Acymailing Starter
NA
CVE-2023-39971
Improper Neutralization of Input During Web Page Generation vulnerability in AcyMailing Enterprise component for Joomla allows XSS. This issue affects AcyMailing Enterprise component for Joomla: 6.7.0-8.6.3.
Acymailing Acymailing
NA
CVE-2023-39972
Improper Access Control vulnerability in AcyMailing Enterprise component for Joomla. It allows unauthorized users to create new mailing lists.
Acymailing Acymailing
NA
CVE-2023-39973
Improper Access Control vulnerability in AcyMailing Enterprise component for Joomla. It allows the unauthorized removal of attachments from campaigns.
Acymailing Acymailing
NA
CVE-2023-39974
Exposure of Sensitive Information vulnerability in AcyMailing Enterprise component for Joomla. It allows unauthorized actors to get the number of subscribers in a specific list.
Acymailing Acymailing
NA
CVE-2023-38045
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in advcomsys.com oneVote component for Joomla. It allows XSS Targeting Non-Script Elements.
Admiror-design-studio Admiror Gallery
NA
CVE-2023-23756
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in advcomsys.com oneVote component for Joomla. It allows XSS Targeting Non-Script Elements.
Advcomsys Onevote\\! 1.7
NA
CVE-2023-23755
An issue exists in Joomla! 4.2.0 up to and including 4.3.1. The lack of rate limiting allowed brute force attacks against MFA methods.
Joomla Joomla\\!
NA
CVE-2023-23754
An issue exists in Joomla! 4.2.0 up to and including 4.3.1. Lack of input validation caused an open redirect and XSS issue within the new mfa selection screen.
Joomla Joomla\\!
NA
CVE-2023-23753
The 'Visforms Base Package for Joomla 3' extension is vulnerable to SQL Injection as concatenation is used to construct an SQL Query. An attacker can interact with the database and could be able to read, modify and delete data on it.
Vi-solutions Visforms
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27975
CVE-2024-2961
CVE-2024-20380
XML injection
HTML injection
CVE-2024-29204
CVE-2023-51795
memory leak
CVE-2024-3470
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »