Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
joomla! vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-23753
The 'Visforms Base Package for Joomla 3' extension is vulnerable to SQL Injection as concatenation is used to construct an SQL Query. An attacker can interact with the database and could be able to read, modify and delete data on it.
Vi-solutions Visforms
NA
CVE-2023-28733
AnyMailing Joomla Plugin is vulnerable to stored cross site scripting (XSS) in templates and emails of AcyMailing, exploitable without authentication when access is granted to the campaign's creation on front-office. This issue affects AnyMailing Joomla Plugin Enterprise in ...
Acymailing Acymailing
NA
CVE-2023-28731
AnyMailing Joomla Plugin is vulnerable to unauthenticated remote code execution, when being granted access to the campaign's creation on front-office due to unrestricted file upload allowing PHP code to be injected. This issue affects AnyMailing Joomla Plugin Enterprise in v...
Acymailing Acymailing
NA
CVE-2023-28732
Missing access control in AnyMailing Joomla Plugin allows to list and access files containing sensitive information from the plugin itself and access to system files via path traversal, when being granted access to the campaign's creation on front-office. This issue affects ...
Acymailing Acymailing
NA
CVE-2023-23752
An issue exists in Joomla! 4.0.0 up to and including 4.2.7. An improper access check allows unauthorized access to webservice endpoints.
Joomla Joomla\\!
53 Github repositories
NA
CVE-2023-23751
An issue exists in Joomla! 4.0.0 up to and including 4.2.4. A missing ACL check allows non super-admin users to access com_actionlogs.
Joomla Joomla\\!
NA
CVE-2023-23750
An issue exists in Joomla! 4.0.0 up to and including 4.2.6. A missing token check causes a CSRF vulnerability in the handling of post-installation messages.
Joomla Joomla\\!
NA
CVE-2016-15016
A vulnerability was found in mrtnmtth joomla_mod_einsatz_stats up to 0.2. It has been classified as critical. This affects the function getStatsByType of the file helper.php. The manipulation of the argument year leads to sql injection. Upgrading to version 0.3 is able to address...
Joomla Mod Einsatz Stats Project Joomla Mod Einsatz Stats
NA
CVE-2010-10003
A vulnerability classified as critical was found in gesellix titlelink on Joomla. Affected by this vulnerability is an unknown functionality of the file plugin_content_title.php. The manipulation of the argument phrase leads to sql injection. The patch is named b4604e523853965fa9...
Titlelink Project Titlelink
NA
CVE-2022-27914
An issue exists in Joomla! 4.0.0 up to and including 4.2.4. Inadequate filtering of potentially malicious user input leads to reflected XSS vulnerabilities in com_media.
Joomla Joomla\\!
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
deserialization
CVE-2024-4040
cross-site scripting
CVE-2023-25790
CVE-2024-2961
XML external entity
CVE-2024-26926
CVE-2024-32806
CVE-2024-32711
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »