Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
joomla joomla! 2.5.0 vulnerabilities and exploits
(subscribe to this query)
6.8
CVSSv2
CVE-2022-23795
An issue exists in Joomla! 2.5.0 up to and including 3.10.6 & 4.0.0 up to and including 4.1.0. A user row was not bound to a specific authentication mechanism which could under very special circumstances allow an account takeover.
Joomla Joomla!
5.8
CVSSv2
CVE-2022-23798
An issue exists in Joomla! 2.5.0 up to and including 3.10.6 & 4.0.0 up to and including 4.1.0. Inadequate validation of URLs could result into an invalid check whether an redirect URL is internal or not.
Joomla Joomla!
5
CVSSv2
CVE-2021-26036
An issue exists in Joomla! 2.5.0 up to and including 3.9.27. Missing validation of input could lead to a broken usergroups table.
Joomla Joomla!
5
CVSSv2
CVE-2021-26037
An issue exists in Joomla! 2.5.0 up to and including 3.9.27. CMS functions did not properly termine existing user sessions when a user's password was changed or the user was blocked.
Joomla Joomla!
4.3
CVSSv2
CVE-2021-26038
An issue exists in Joomla! 2.5.0 up to and including 3.9.27. Install action in com_installer lack the required hardcoded ACL checks for superusers. A default system is not affected cause the default ACL for com_installer is limited to super users already.
Joomla Joomla!
4.3
CVSSv2
CVE-2021-23129
An issue exists in Joomla! 2.5.0 up to and including 3.9.24. Missing filtering of messages showed to users that could lead to xss issues.
Joomla Joomla!
4.3
CVSSv2
CVE-2021-23130
An issue exists in Joomla! 2.5.0 up to and including 3.9.24. Missing filtering of feed fields could lead to xss issues.
Joomla Joomla!
5
CVSSv2
CVE-2020-35610
An issue exists in Joomla! 2.5.0 up to and including 3.9.22. The autosuggestion feature of com_finder did not respect the access level of the corresponding terms.
Joomla Joomla!
5
CVSSv2
CVE-2020-35611
An issue exists in Joomla! 2.5.0 up to and including 3.9.22. The globlal configuration page does not remove secrets from the HTML output, disclosing the current values.
Joomla Joomla!
5
CVSSv2
CVE-2020-35612
An issue exists in Joomla! 2.5.0 up to and including 3.9.22. The folder parameter of mod_random_image lacked input validation, leading to a path traversal vulnerability.
Joomla Joomla!
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-38627
CVE-2022-45803
CVE-2024-38319
camera
template injection
CVE-2024-27801
CVE-2024-0762
CVE-2024-5791
unauthorized
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »