Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
joomla! vulnerabilities and exploits
(subscribe to this query)
570
VMScore
CVE-2021-23128
An issue exists in Joomla! 3.2.0 up to and including 3.9.24. The core shipped but unused randval implementation within FOF (FOFEncryptRandval) used an potential insecure implemetation. That has now been replaced with a call to 'random_bytes()' and its backport that is s...
Joomla Joomla\\!
445
VMScore
CVE-2021-26027
An issue exists in Joomla! 3.0.0 up to and including 3.9.24. Incorrect ACL checks could allow unauthorized change of the category for an article.
Joomla Joomla\\!
383
VMScore
CVE-2021-23129
An issue exists in Joomla! 2.5.0 up to and including 3.9.24. Missing filtering of messages showed to users that could lead to xss issues.
Joomla Joomla\\!
383
VMScore
CVE-2021-23130
An issue exists in Joomla! 2.5.0 up to and including 3.9.24. Missing filtering of feed fields could lead to xss issues.
Joomla Joomla\\!
445
VMScore
CVE-2021-23131
An issue exists in Joomla! 3.2.0 up to and including 3.9.24. Missing input validation within the template manager.
Joomla Joomla\\!
446
VMScore
CVE-2021-23132
An issue exists in Joomla! 3.0.0 up to and including 3.9.24. com_media allowed paths that are not intended for image uploads
Joomla Joomla\\!
2 Github repositories
445
VMScore
CVE-2021-26029
An issue exists in Joomla! 1.6.0 up to and including 3.9.24. Inadequate filtering of form contents could allow to overwrite the author field.
Joomla Joomla\\!
383
VMScore
CVE-2021-26028
An issue exists in Joomla! 3.0.0 up to and including 3.9.24. Extracting an specifilcy crafted zip package could write files outside of the intended path.
Joomla Joomla\\!
445
VMScore
CVE-2021-23126
An issue exists in Joomla! 3.2.0 up to and including 3.9.24. Usage of the insecure rand() function within the process of generating the 2FA secret.
Joomla Joomla\\!
570
VMScore
CVE-2021-23127
An issue exists in Joomla! 3.2.0 up to and including 3.9.24. Usage of an insufficient length for the 2FA secret accoring to RFC 4226 of 10 bytes vs 20 bytes.
Joomla Joomla\\!
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
NULL pointer dereference
CVE-2023-52689
CVE-2024-23803
client side
CVE-2023-52696
information disclosure
CVE-2024-35843
CVE-2024-27130
CVE-2023-52697
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »