Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
joomla! vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2018-6004
SQL Injection exists in the File Download Tracker 3.0 component for Joomla! via the dynfield[phone] or sess parameter.
Techsolsystem File Download Tracker 3.0
1 EDB exploit
9.8
CVSSv3
CVE-2018-6006
SQL Injection exists in the JS Autoz 1.0.9 component for Joomla! via the vtype, pre, or prs parameter.
Joomsky Js Autoz 1.0.9
1 EDB exploit
9.8
CVSSv3
CVE-2018-6584
SQL Injection exists in the DT Register 3.2.7 component for Joomla! via a task=edit&id= request.
Dthdevelopment Dt Register 3.2.7
1 EDB exploit
9.8
CVSSv3
CVE-2018-6609
SQL Injection exists in the JSP Tickets 1.1 component for Joomla! via the ticketcode parameter in a ticketlist edit action, or the id parameter in a statuslist (or prioritylist) edit action.
Jsp Tickets Project Jsp Tickets 1.1
1 EDB exploit
9.8
CVSSv3
CVE-2018-6582
SQL Injection exists in the Zh GoogleMap 8.4.0.0 component for Joomla! via the id parameter in a getPlacemarkDetails, getPlacemarkHoverText, getPathHoverText, or getPathDetails request.
Zh Googlemap Project Zh Googlemap 8.4.0.0
1 EDB exploit
9.8
CVSSv3
CVE-2018-6604
SQL Injection exists in the Zh YandexMap 6.2.1.0 component for Joomla! via the id parameter in a task=getPlacemarkDetails request.
Zh Yandexmap Project Zh Yandexmap 6.2.1.0
1 EDB exploit
9.8
CVSSv3
CVE-2018-6605
SQL Injection exists in the Zh BaiduMap 3.0.0.1 component for Joomla! via the id parameter in a getPlacemarkDetails, getPlacemarkHoverText, getPathHoverText, or getPathDetails request.
Zh Baidumap Project Zh Baidumap 3.0.0.1
1 EDB exploit
9.8
CVSSv3
CVE-2018-6578
SQL Injection exists in the JE PayperVideo 3.0.0 component for Joomla! via the usr_plan parameter in a view=myplans&task=myplans.usersubscriptions request.
Jextn Je Paypervideo 3.0.0
1 EDB exploit
9.8
CVSSv3
CVE-2018-6575
SQL Injection exists in the JEXTN Classified 1.0.0 component for Joomla! via a view=boutique&sid= request.
Jextn Classified 1.0.0
1 EDB exploit
9.8
CVSSv3
CVE-2018-6577
SQL Injection exists in the JEXTN Membership 3.1.0 component for Joomla! via the usr_plan parameter in a view=myplans&task=myplans.usersubscriptions request.
Jextn Membership 3.1.0
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
NULL pointer dereference
CVE-2023-52689
CVE-2024-23803
client side
CVE-2023-52696
information disclosure
CVE-2024-35843
CVE-2024-27130
CVE-2023-52697
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
7
8
9
10
NEXT »