Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
joomla joomla! 3.7.0 vulnerabilities and exploits
(subscribe to this query)
8.8
CVSSv3
CVE-2020-13760
In Joomla! prior to 3.9.19, missing token checks in com_postinstall lead to CSRF.
Joomla Joomla! 3.7.0
Joomla Joomla!
9.8
CVSSv3
CVE-2017-8917
SQL injection vulnerability in Joomla! 3.7.x prior to 3.7.1 allows malicious users to execute arbitrary SQL commands via unspecified vectors.
Joomla Joomla! 3.7.0
2 EDB exploits
1 Nmap script
11 Github repositories
3.7
CVSSv3
CVE-2017-14595
In Joomla! prior to 3.8.0, a logic bug in a SQL query could lead to the disclosure of article intro texts when these articles are in the archived state.
Joomla Joomla! 3.7.3
Joomla Joomla! 3.7.0
Joomla Joomla! 3.7.2
Joomla Joomla! 3.7.1
Joomla Joomla! 3.7.4
Joomla Joomla! 3.7.5
5.3
CVSSv3
CVE-2017-7988
In Joomla! 1.6.0 up to and including 3.6.5 (fixed in 3.7.0), inadequate filtering of form contents allows overwriting the author of an article.
Joomla Joomla! 3.4.0
Joomla Joomla! 3.5.0
Joomla Joomla! 1.6.4
Joomla Joomla! 2.5.19
Joomla Joomla! 3.6.0
Joomla Joomla! 2.5.7
Joomla Joomla! 2.5.17
Joomla Joomla! 1.5.24
Joomla Joomla! 3.1.4
Joomla Joomla! 3.1.3
Joomla Joomla! 1.7.1
Joomla Joomla! 3.3.3
Joomla Joomla! 2.5.25
Joomla Joomla! 1.5.26
Joomla Joomla! 3.2.1
Joomla Joomla! 1.5.25
Joomla Joomla! 1.6.3
Joomla Joomla! 3.3.5
Joomla Joomla! 2.5.22
Joomla Joomla! 3.4.4
Joomla Joomla! 3.4.2
Joomla Joomla! 3.4.1
6.1
CVSSv3
CVE-2017-7986
In Joomla! 1.5.0 up to and including 3.6.5 (fixed in 3.7.0), inadequate filtering of specific HTML attributes leads to XSS vulnerabilities in various components.
Joomla Joomla! 3.4.0
Joomla Joomla! 3.5.0
Joomla Joomla! 1.6.4
Joomla Joomla! 2.5.19
Joomla Joomla! 3.6.0
Joomla Joomla! 2.5.7
Joomla Joomla! 2.5.17
Joomla Joomla! 1.5.24
Joomla Joomla! 3.1.4
Joomla Joomla! 3.1.3
Joomla Joomla! 1.7.1
Joomla Joomla! 3.3.3
Joomla Joomla! 2.5.25
Joomla Joomla! 1.5.26
Joomla Joomla! 1.5.11
Joomla Joomla! 3.2.1
Joomla Joomla! 1.5.25
Joomla Joomla! 1.6.3
Joomla Joomla! 3.3.5
Joomla Joomla! 1.5.13
Joomla Joomla! 2.5.22
Joomla Joomla! 3.4.4
5.3
CVSSv3
CVE-2017-7983
In Joomla! 1.5.0 up to and including 3.6.5 (fixed in 3.7.0), mail sent using the JMail API leaked the used PHPMailer version in the mail headers.
Joomla Joomla! 3.4.0
Joomla Joomla! 3.5.0
Joomla Joomla! 1.6.4
Joomla Joomla! 2.5.19
Joomla Joomla! 3.6.0
Joomla Joomla! 2.5.7
Joomla Joomla! 2.5.17
Joomla Joomla! 1.5.24
Joomla Joomla! 3.1.4
Joomla Joomla! 3.1.3
Joomla Joomla! 1.7.1
Joomla Joomla! 3.3.3
Joomla Joomla! 2.5.25
Joomla Joomla! 1.5.26
Joomla Joomla! 1.5.11
Joomla Joomla! 3.2.1
Joomla Joomla! 1.5.25
Joomla Joomla! 1.6.3
Joomla Joomla! 3.3.5
Joomla Joomla! 1.5.13
Joomla Joomla! 2.5.22
Joomla Joomla! 3.4.4
6.1
CVSSv3
CVE-2017-7984
In Joomla! 3.2.0 up to and including 3.6.5 (fixed in 3.7.0), inadequate filtering leads to XSS in the template manager component.
Joomla Joomla! 3.4.0
Joomla Joomla! 3.5.0
Joomla Joomla! 3.6.0
Joomla Joomla! 3.3.3
Joomla Joomla! 3.2.1
Joomla Joomla! 3.3.5
Joomla Joomla! 3.4.4
Joomla Joomla! 3.4.2
Joomla Joomla! 3.4.1
Joomla Joomla! 3.3.4
Joomla Joomla! 3.6.1
Joomla Joomla! 3.6.5
Joomla Joomla! 3.3.1
Joomla Joomla! 3.2.2
Joomla Joomla! 3.6.2
Joomla Joomla! 3.4.8
Joomla Joomla! 3.4.5
Joomla Joomla! 3.4.6
Joomla Joomla! 3.6.3
Joomla Joomla! 3.3.0
Joomla Joomla! 3.5.1
Joomla Joomla! 3.2.4
6.1
CVSSv3
CVE-2017-7987
In Joomla! 3.2.0 up to and including 3.6.5 (fixed in 3.7.0), inadequate escaping of file and folder names leads to XSS vulnerabilities in the template manager component.
Joomla Joomla! 3.4.0
Joomla Joomla! 3.5.0
Joomla Joomla! 3.6.0
Joomla Joomla! 3.3.3
Joomla Joomla! 3.2.1
Joomla Joomla! 3.3.5
Joomla Joomla! 3.4.4
Joomla Joomla! 3.4.2
Joomla Joomla! 3.4.1
Joomla Joomla! 3.3.4
Joomla Joomla! 3.6.1
Joomla Joomla! 3.6.5
Joomla Joomla! 3.3.1
Joomla Joomla! 3.2.2
Joomla Joomla! 3.6.2
Joomla Joomla! 3.4.8
Joomla Joomla! 3.4.5
Joomla Joomla! 3.4.6
Joomla Joomla! 3.6.3
Joomla Joomla! 3.3.0
Joomla Joomla! 3.5.1
Joomla Joomla! 3.2.4
5.3
CVSSv3
CVE-2017-8057
In Joomla! 3.4.0 up to and including 3.6.5 (fixed in 3.7.0), multiple files caused full path disclosures on systems with enabled error reporting.
Joomla Joomla! 3.4.0
Joomla Joomla! 3.5.0
Joomla Joomla! 3.6.0
Joomla Joomla! 3.4.4
Joomla Joomla! 3.4.2
Joomla Joomla! 3.4.1
Joomla Joomla! 3.6.1
Joomla Joomla! 3.6.5
Joomla Joomla! 3.6.2
Joomla Joomla! 3.4.8
Joomla Joomla! 3.4.5
Joomla Joomla! 3.4.6
Joomla Joomla! 3.6.3
Joomla Joomla! 3.5.1
Joomla Joomla! 3.4.7
Joomla Joomla! 3.4.3
Joomla Joomla! 3.6.4
6.5
CVSSv3
CVE-2017-7989
In Joomla! 3.2.0 up to and including 3.6.5 (fixed in 3.7.0), inadequate MIME type checks allowed low-privilege users to upload swf files even if they were explicitly forbidden.
Joomla Joomla! 3.4.0
Joomla Joomla! 3.5.0
Joomla Joomla! 3.6.0
Joomla Joomla! 3.3.3
Joomla Joomla! 3.2.1
Joomla Joomla! 3.3.5
Joomla Joomla! 3.4.4
Joomla Joomla! 3.4.2
Joomla Joomla! 3.4.1
Joomla Joomla! 3.3.4
Joomla Joomla! 3.6.1
Joomla Joomla! 3.6.5
Joomla Joomla! 3.3.1
Joomla Joomla! 3.2.2
Joomla Joomla! 3.6.2
Joomla Joomla! 3.4.8
Joomla Joomla! 3.4.5
Joomla Joomla! 3.4.6
Joomla Joomla! 3.6.3
Joomla Joomla! 3.3.0
Joomla Joomla! 3.5.1
Joomla Joomla! 3.2.4
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-0044
client side
CVE-2021-47601
deserialization
CVE-2024-34994
encryption
CVE-2021-47609
CVE-2024-37079
CVE-2024-38608
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »