Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
joomla joomla! 1.7.1 vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2011-3629
Joomla! core 1.7.1 allows information disclosure due to weak encryption
Joomla Joomla!
7.5
CVSSv3
CVE-2011-4937
Joomla! 1.7.1 has core information disclosure due to inadequate error checking.
Joomla Joomla!
9.8
CVSSv3
CVE-2017-14596
In Joomla! prior to 3.8.0, inadequate escaping in the LDAP authentication plugin can result in a disclosure of a username and password.
Joomla Joomla! 1.6.4
Joomla Joomla! 2.5.19
Joomla Joomla! 2.5.7
Joomla Joomla! 3.7.3
Joomla Joomla! 2.5.17
Joomla Joomla! 1.5.24
Joomla Joomla! 3.1.4
Joomla Joomla! 3.1.3
Joomla Joomla! 1.7.1
Joomla Joomla! 3.3.3
Joomla Joomla! 3.7.0
Joomla Joomla! 2.5.25
Joomla Joomla! 1.5.26
Joomla Joomla! 1.5.11
Joomla Joomla! 3.2.1
Joomla Joomla! 1.5.25
Joomla Joomla! 1.6.3
Joomla Joomla! 3.3.5
Joomla Joomla! 1.5.13
Joomla Joomla! 2.5.22
Joomla Joomla! 3.4.4
Joomla Joomla! 1.5.3
8.8
CVSSv3
CVE-2017-11364
The CMS installer in Joomla! prior to 3.7.4 does not verify a user's ownership of a webspace, which allows remote authenticated users to gain control of the target application by leveraging Certificate Transparency logs.
Joomla Joomla! 1.0.5
Joomla Joomla! 3.4.0
Joomla Joomla! 3.5.0
Joomla Joomla! 1.6
Joomla Joomla! 1.6.4
Joomla Joomla! 2.5.19
Joomla Joomla! 3.6.0
Joomla Joomla! 2.5.7
Joomla Joomla! 3.7.3
Joomla Joomla! 2.5.17
Joomla Joomla! 1.5.24
Joomla Joomla! 3.1.4
Joomla Joomla! 3.1.3
Joomla Joomla! 1.7.1
Joomla Joomla! 3.3.3
Joomla Joomla! 3.7.0
Joomla Joomla! 2.5.25
Joomla Joomla! 1.0.9
Joomla Joomla! 1.5.26
Joomla Joomla! 1.5.11
Joomla Joomla! 3.2.1
Joomla Joomla! 1.5.25
6.1
CVSSv3
CVE-2017-11612
In Joomla! prior to 3.7.4, inadequate filtering of potentially malicious HTML tags leads to XSS vulnerabilities in various components.
Joomla Joomla! 3.4.0
Joomla Joomla! 3.5.0
Joomla Joomla! 1.6
Joomla Joomla! 1.6.4
Joomla Joomla! 2.5.19
Joomla Joomla! 3.6.0
Joomla Joomla! 2.5.7
Joomla Joomla! 3.7.3
Joomla Joomla! 2.5.17
Joomla Joomla! 1.5.24
Joomla Joomla! 3.1.4
Joomla Joomla! 3.1.3
Joomla Joomla! 1.7.1
Joomla Joomla! 3.3.3
Joomla Joomla! 3.7.0
Joomla Joomla! 2.5.25
Joomla Joomla! 1.5.26
Joomla Joomla! 1.5.11
Joomla Joomla! 3.2.1
Joomla Joomla! 1.5.25
Joomla Joomla! 1.6.3
Joomla Joomla! 3.3.5
5.3
CVSSv3
CVE-2017-7983
In Joomla! 1.5.0 up to and including 3.6.5 (fixed in 3.7.0), mail sent using the JMail API leaked the used PHPMailer version in the mail headers.
Joomla Joomla! 3.4.0
Joomla Joomla! 3.5.0
Joomla Joomla! 1.6.4
Joomla Joomla! 2.5.19
Joomla Joomla! 3.6.0
Joomla Joomla! 2.5.7
Joomla Joomla! 2.5.17
Joomla Joomla! 1.5.24
Joomla Joomla! 3.1.4
Joomla Joomla! 3.1.3
Joomla Joomla! 1.7.1
Joomla Joomla! 3.3.3
Joomla Joomla! 2.5.25
Joomla Joomla! 1.5.26
Joomla Joomla! 1.5.11
Joomla Joomla! 3.2.1
Joomla Joomla! 1.5.25
Joomla Joomla! 1.6.3
Joomla Joomla! 3.3.5
Joomla Joomla! 1.5.13
Joomla Joomla! 2.5.22
Joomla Joomla! 3.4.4
6.1
CVSSv3
CVE-2017-7986
In Joomla! 1.5.0 up to and including 3.6.5 (fixed in 3.7.0), inadequate filtering of specific HTML attributes leads to XSS vulnerabilities in various components.
Joomla Joomla! 3.4.0
Joomla Joomla! 3.5.0
Joomla Joomla! 1.6.4
Joomla Joomla! 2.5.19
Joomla Joomla! 3.6.0
Joomla Joomla! 2.5.7
Joomla Joomla! 2.5.17
Joomla Joomla! 1.5.24
Joomla Joomla! 3.1.4
Joomla Joomla! 3.1.3
Joomla Joomla! 1.7.1
Joomla Joomla! 3.3.3
Joomla Joomla! 2.5.25
Joomla Joomla! 1.5.26
Joomla Joomla! 1.5.11
Joomla Joomla! 3.2.1
Joomla Joomla! 1.5.25
Joomla Joomla! 1.6.3
Joomla Joomla! 3.3.5
Joomla Joomla! 1.5.13
Joomla Joomla! 2.5.22
Joomla Joomla! 3.4.4
5.3
CVSSv3
CVE-2017-7988
In Joomla! 1.6.0 up to and including 3.6.5 (fixed in 3.7.0), inadequate filtering of form contents allows overwriting the author of an article.
Joomla Joomla! 3.4.0
Joomla Joomla! 3.5.0
Joomla Joomla! 1.6.4
Joomla Joomla! 2.5.19
Joomla Joomla! 3.6.0
Joomla Joomla! 2.5.7
Joomla Joomla! 2.5.17
Joomla Joomla! 1.5.24
Joomla Joomla! 3.1.4
Joomla Joomla! 3.1.3
Joomla Joomla! 1.7.1
Joomla Joomla! 3.3.3
Joomla Joomla! 2.5.25
Joomla Joomla! 1.5.26
Joomla Joomla! 3.2.1
Joomla Joomla! 1.5.25
Joomla Joomla! 1.6.3
Joomla Joomla! 3.3.5
Joomla Joomla! 2.5.22
Joomla Joomla! 3.4.4
Joomla Joomla! 3.4.2
Joomla Joomla! 3.4.1
NA
CVE-2015-8562
Joomla! 1.5.x, 2.x, and 3.x prior to 3.4.6 allow remote malicious users to conduct PHP object injection attacks and execute arbitrary PHP code via the HTTP User-Agent header, as exploited in the wild in December 2015.
Joomla Joomla! 1.6.4
Joomla Joomla! 2.5.19
Joomla Joomla! 2.5.7
Joomla Joomla! 2.5.17
Joomla Joomla! 1.5.24
Joomla Joomla! 3.1.4
Joomla Joomla! 3.1.3
Joomla Joomla! 1.7.1
Joomla Joomla! 3.3.3
Joomla Joomla! 2.5.25
Joomla Joomla! 1.5.26
Joomla Joomla! 1.5.11
Joomla Joomla! 3.2.1
Joomla Joomla! 1.5.25
Joomla Joomla! 1.6.3
Joomla Joomla! 1.5.13
Joomla Joomla! 2.5.22
Joomla Joomla! 3.4.4
Joomla Joomla! 1.5.3
Joomla Joomla! 3.4.2
Joomla Joomla! 3.3.4
Joomla Joomla! 2.5.8
2 EDB exploits
20 Github repositories
NA
CVE-2014-1837
Cross-site scripting (XSS) vulnerability in the StackIdeas Komento (com_komento) component prior to 1.7.4 for Joomla! allows remote malicious users to inject arbitrary web script or HTML via vectors related to "checking new comments."
Stackideas Komento 1.7.1
Stackideas Komento
Stackideas Komento 1.7.2
Stackideas Komento 1.7.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2018-25103
CVE-2024-36279
CVE-2024-38457
elevation of privilege
CVE-2024-27801
CVE-2024-30103
NULL pointer dereference
CVE-2024-6057
XML injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »