Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
joomla! vulnerabilities and exploits
(subscribe to this query)
445
VMScore
CVE-2021-26027
An issue exists in Joomla! 3.0.0 up to and including 3.9.24. Incorrect ACL checks could allow unauthorized change of the category for an article.
Joomla Joomla\\!
383
VMScore
CVE-2021-26028
An issue exists in Joomla! 3.0.0 up to and including 3.9.24. Extracting an specifilcy crafted zip package could write files outside of the intended path.
Joomla Joomla\\!
445
VMScore
CVE-2021-26029
An issue exists in Joomla! 1.6.0 up to and including 3.9.24. Inadequate filtering of form contents could allow to overwrite the author field.
Joomla Joomla\\!
570
VMScore
CVE-2021-23128
An issue exists in Joomla! 3.2.0 up to and including 3.9.24. The core shipped but unused randval implementation within FOF (FOFEncryptRandval) used an potential insecure implemetation. That has now been replaced with a call to 'random_bytes()' and its backport that is s...
Joomla Joomla\\!
445
VMScore
CVE-2021-23126
An issue exists in Joomla! 3.2.0 up to and including 3.9.24. Usage of the insecure rand() function within the process of generating the 2FA secret.
Joomla Joomla\\!
383
VMScore
CVE-2021-23129
An issue exists in Joomla! 2.5.0 up to and including 3.9.24. Missing filtering of messages showed to users that could lead to xss issues.
Joomla Joomla\\!
383
VMScore
CVE-2021-23130
An issue exists in Joomla! 2.5.0 up to and including 3.9.24. Missing filtering of feed fields could lead to xss issues.
Joomla Joomla\\!
570
VMScore
CVE-2021-23127
An issue exists in Joomla! 3.2.0 up to and including 3.9.24. Usage of an insufficient length for the 2FA secret accoring to RFC 4226 of 10 bytes vs 20 bytes.
Joomla Joomla\\!
445
VMScore
CVE-2021-23131
An issue exists in Joomla! 3.2.0 up to and including 3.9.24. Missing input validation within the template manager.
Joomla Joomla\\!
446
VMScore
CVE-2021-23132
An issue exists in Joomla! 3.0.0 up to and including 3.9.24. com_media allowed paths that are not intended for image uploads
Joomla Joomla\\!
2 Github repositories
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33572
CVE-2024-24919
CVE-2024-0230
CVE-2024-32714
HTML injection
local file inclusion
CVE-2024-31098
CVE-2024-31244
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »