Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
joomla vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2019-7743
An issue exists in Joomla! prior to 3.9.3. The phar:// stream wrapper can be used for objection injection attacks because there is no protection mechanism (such as the TYPO3 PHAR stream wrapper) to prevent use of the phar:// handler for non .phar-files.
Joomla Joomla!
7.5
CVSSv2
CVE-2016-1000271
Joomla extension DT Register version prior to 3.1.12 (Joomla 3.x) / 2.8.18 (Joomla 2.5) contains an SQL injection in "/index.php?controller=calendar&format=raw&cat[0]=SQLi&task=events". This attack appears to be exploitable if the attacker can reach the web ...
Dthdevelopment Dt Register
7.5
CVSSv2
CVE-2018-17375
SQL Injection exists in the Music Collection 3.0.3 component for Joomla! via the id parameter.
Joomlathat Music Collection 3.0.3
1 EDB exploit
7.5
CVSSv2
CVE-2018-17377
SQL Injection exists in the Questions 1.4.3 component for Joomla! via the term, userid, users, or groups parameter.
Extensiondeveloper Questions 1.4.3
1 EDB exploit
7.5
CVSSv2
CVE-2018-17379
SQL Injection exists in the Raffle Factory 3.5.2 component for Joomla! via the filter_order_Dir or filter_order parameter.
Thephpfactory Raffle Factory 3.5.2
1 EDB exploit
7.5
CVSSv2
CVE-2018-17383
SQL Injection exists in the Collection Factory 4.1.9 component for Joomla! via the filter_order or filter_order_Dir parameter.
Thephpfactory Collection Factory 4.1.9
1 EDB exploit
7.5
CVSSv2
CVE-2018-17384
SQL Injection exists in the Swap Factory 2.2.1 component for Joomla! via the filter_order_Dir or filter_order parameter.
Thephpfactory Swap Factory 2.2.1
1 EDB exploit
7.5
CVSSv2
CVE-2018-17397
SQL Injection exists in the AlphaIndex Dictionaries 1.0 component for Joomla! via the letter parameter.
Multiplanet Alphaindex Dictionaries 1.0
1 EDB exploit
7.5
CVSSv2
CVE-2018-17376
SQL Injection exists in the Reverse Auction Factory 4.3.8 component for Joomla! via the filter_order_Dir, cat, or filter_letter parameter.
Thephpfactory Reverse Auction Factory 4.3.8
1 EDB exploit
7.5
CVSSv2
CVE-2018-17378
SQL Injection exists in the Penny Auction Factory 2.0.4 component for Joomla! via the filter_order_Dir or filter_order parameter.
Thephpfactory Penny Auction Factory 2.0.4
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3080
log injection
CVE-2024-6041
CVE-2024-37661
XML external entity
CVE-2024-0845
privilege escalation
CVE-2023-37057
CVE-2024-27801
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »