Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
joomla! vulnerabilities and exploits
(subscribe to this query)
5.3
CVSSv3
CVE-2022-27912
An issue exists in Joomla! 4.0.0 up to and including 4.2.3. Sites with publicly enabled debug mode exposed data of previous requests.
Joomla Joomla\\!
6.1
CVSSv3
CVE-2022-27913
An issue exists in Joomla! 4.2.0 up to and including 4.2.3. Inadequate filtering of potentially malicious user input leads to reflected XSS vulnerabilities in various components.
Joomla Joomla\\!
5.3
CVSSv3
CVE-2022-27911
An issue exists in Joomla! 4.2.0. Multiple Full Path Disclosures because of missing '_JEXEC or die check' caused by the PSR12 changes.
Joomla Joomla\\! 4.2.0
6.1
CVSSv3
CVE-2022-27910
In Joomla component 'Joomlatools - DOCman 3.5.13 (and likely most versions below)' are affected to an reflected Cross-Site Scripting (XSS) in an image upload function
Joomlatools Docman
4.3
CVSSv3
CVE-2022-27909
In Joomla component 'jDownloads 3.9.8.2 Stable' the remote user can change some parameters in the address bar and see the names of other users' files
Jdownloads Jdownloads 3.9.8.2
7.5
CVSSv3
CVE-2022-23802
Joomla Guru extension 5.2.5 is affected by: Insecure Permissions. The impact is: obtain sensitive information (remote). The component is: Access to private information and components, possibility to view other users' information. Information disclosure Access to private info...
Ijoomla Guru 5.2.5
7.5
CVSSv3
CVE-2022-23793
An issue exists in Joomla! 3.0.0 up to and including 3.10.6 & 4.0.0 up to and including 4.1.0. Extracting an specifilcy crafted tar package could write files outside of the intended path.
Joomla Joomla\\!
5.3
CVSSv3
CVE-2022-23794
An issue exists in Joomla! 3.0.0 up to and including 3.10.6 & 4.0.0 up to and including 4.1.0. Uploading a file name of an excess length causes the error. This error brings up the screen with the path of the source code of the web application.
Joomla Joomla\\!
9.8
CVSSv3
CVE-2022-23795
An issue exists in Joomla! 2.5.0 up to and including 3.10.6 & 4.0.0 up to and including 4.1.0. A user row was not bound to a specific authentication mechanism which could under very special circumstances allow an account takeover.
Joomla Joomla\\!
6.1
CVSSv3
CVE-2022-23796
An issue exists in Joomla! 3.7.0 up to and including 3.10.6. Lack of input validation could allow an XSS attack using com_fields.
Joomla Joomla\\!
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4040
privilege escalation
CVE-2024-4112
CVE-2024-32872
man-in-the-middle
CVE-2024-32788
bypass
CVE-2024-3400
CVE-2024-28976
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »