Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
joomla vulnerabilities and exploits
(subscribe to this query)
6.1
CVSSv3
CVE-2022-27913
An issue exists in Joomla! 4.2.0 up to and including 4.2.3. Inadequate filtering of potentially malicious user input leads to reflected XSS vulnerabilities in various components.
Joomla Joomla\\!
5.3
CVSSv3
CVE-2022-27911
An issue exists in Joomla! 4.2.0. Multiple Full Path Disclosures because of missing '_JEXEC or die check' caused by the PSR12 changes.
Joomla Joomla\\! 4.2.0
6.1
CVSSv3
CVE-2022-27910
In Joomla component 'Joomlatools - DOCman 3.5.13 (and likely most versions below)' are affected to an reflected Cross-Site Scripting (XSS) in an image upload function
Joomlatools Docman
7.5
CVSSv3
CVE-2022-23802
Joomla Guru extension 5.2.5 is affected by: Insecure Permissions. The impact is: obtain sensitive information (remote). The component is: Access to private information and components, possibility to view other users' information. Information disclosure Access to private info...
Ijoomla Guru 5.2.5
4.3
CVSSv3
CVE-2022-27909
In Joomla component 'jDownloads 3.9.8.2 Stable' the remote user can change some parameters in the address bar and see the names of other users' files
Jdownloads Jdownloads 3.9.8.2
5.3
CVSSv3
CVE-2022-23794
An issue exists in Joomla! 3.0.0 up to and including 3.10.6 & 4.0.0 up to and including 4.1.0. Uploading a file name of an excess length causes the error. This error brings up the screen with the path of the source code of the web application.
Joomla Joomla\\!
9.8
CVSSv3
CVE-2022-23795
An issue exists in Joomla! 2.5.0 up to and including 3.10.6 & 4.0.0 up to and including 4.1.0. A user row was not bound to a specific authentication mechanism which could under very special circumstances allow an account takeover.
Joomla Joomla\\!
6.1
CVSSv3
CVE-2022-23796
An issue exists in Joomla! 3.7.0 up to and including 3.10.6. Lack of input validation could allow an XSS attack using com_fields.
Joomla Joomla\\!
9.8
CVSSv3
CVE-2022-23797
An issue exists in Joomla! 3.0.0 up to and including 3.10.6 & 4.0.0 up to and including 4.1.0. Inadequate filtering on the selected Ids on an request could resulted into an possible SQL injection.
Joomla Joomla\\!
6.1
CVSSv3
CVE-2022-23798
An issue exists in Joomla! 2.5.0 up to and including 3.10.6 & 4.0.0 up to and including 4.1.0. Inadequate validation of URLs could result into an invalid check whether an redirect URL is internal or not.
Joomla Joomla\\!
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-30924
CVE-2024-3400
overflow
CVE-2024-23528
CVE-2024-21338
CVE-2024-3818
CVE-2024-23535
NULL pointer dereference
elevation of privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »