Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
joomla! vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2013-1453
plugins/system/highlight/highlight.php in Joomla! 3.0.x up to and including 3.0.2 and 2.5.x up to and including 2.5.8 allows malicious users to unserialize arbitrary PHP objects to obtain sensitive information, delete arbitrary directories, conduct SQL injection attacks, and poss...
Joomla Joomla\\! 3.0.1
Joomla Joomla\\! 3.0.2
Joomla Joomla\\! 2.5.6
Joomla Joomla\\! 2.5.7
Joomla Joomla\\! 2.5.0
Joomla Joomla\\! 2.5.1
Joomla Joomla\\! 2.5.8
Joomla Joomla\\! 3.0.0
Joomla Joomla\\! 2.5.4
Joomla Joomla\\! 2.5.5
Joomla Joomla\\! 2.5.2
Joomla Joomla\\! 2.5.3
1 EDB exploit
4.3
CVSSv2
CVE-2009-1938
Cross-site scripting (XSS) vulnerability in Joomla! 1.5.x up to and including 1.5.10 allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors related to database output and the frontend administrative panel.
Joomla Joomla 1.5
Joomla Joomla 1.5.0
Joomla Joomla 1.5.1
Joomla Joomla 1.5.10
Joomla Joomla 1.5.2
Joomla Joomla 1.5.9
Joomla Joomla 1.5.3
Joomla Joomla 1.5.4
Joomla Joomla 1.5.5
Joomla Joomla 1.5.6
Joomla Joomla 1.5.7
Joomla Joomla 1.5.8
1 EDB exploit
7.5
CVSSv2
CVE-2016-9081
Joomla! 3.4.4 up to and including 3.6.3 allows malicious users to reset username, password, and user group assignments and possibly perform other user account modifications via unspecified vectors.
Joomla Joomla\\! 3.6.0
Joomla Joomla\\! 3.5.1
Joomla Joomla\\! 3.4.7
Joomla Joomla\\! 3.4.4
Joomla Joomla\\! 3.4.5
Joomla Joomla\\! 3.4.6
Joomla Joomla\\! 3.6.2
Joomla Joomla\\! 3.6.1
Joomla Joomla\\! 3.5.0
Joomla Joomla\\! 3.6.3
Joomla Joomla\\! 3.4.8
1 Github repository
4.3
CVSSv2
CVE-2012-0820
Cross-site scripting (XSS) vulnerability in Joomla! 1.6.x and 1.7.x prior to 1.7.4 allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2012-0822.
Joomla Joomla\\! 1.6
Joomla Joomla\\! 1.6.3
Joomla Joomla\\! 1.6.0
Joomla Joomla\\! 1.7.2
Joomla Joomla\\! 1.6.5
Joomla Joomla\\! 1.7.0
Joomla Joomla\\! 1.7.1
Joomla Joomla\\! 1.6.4
Joomla Joomla\\! 1.6.6
Joomla Joomla\\! 1.6.1
Joomla Joomla\\! 1.7.3
5
CVSSv2
CVE-2012-0819
Unspecified vulnerability in Joomla! 1.6.x and 1.7.x prior to 1.7.4 allows remote malicious users to obtain sensitive information via unknown vectors, a different vulnerability than CVE-2012-0821.
Joomla Joomla\\! 1.6
Joomla Joomla\\! 1.6.1
Joomla Joomla\\! 1.6.6
Joomla Joomla\\! 1.7.1
Joomla Joomla\\! 1.6.3
Joomla Joomla\\! 1.6.0
Joomla Joomla\\! 1.7.2
Joomla Joomla\\! 1.7.3
Joomla Joomla\\! 1.6.4
Joomla Joomla\\! 1.6.5
Joomla Joomla\\! 1.7.0
5
CVSSv2
CVE-2012-0821
Unspecified vulnerability in Joomla! 1.6.x and 1.7.x prior to 1.7.4 allows remote malicious users to obtain sensitive information via unknown vectors, a different vulnerability than CVE-2012-0819.
Joomla Joomla\\! 1.6
Joomla Joomla\\! 1.6.6
Joomla Joomla\\! 1.6.1
Joomla Joomla\\! 1.6.5
Joomla Joomla\\! 1.6.0
Joomla Joomla\\! 1.6.4
Joomla Joomla\\! 1.6.3
Joomla Joomla\\! 1.7.0
Joomla Joomla\\! 1.7.2
Joomla Joomla\\! 1.7.3
Joomla Joomla\\! 1.7.1
4.3
CVSSv2
CVE-2012-0822
Cross-site scripting (XSS) vulnerability in Joomla! 1.6 and 1.7.x prior to 1.7.4 allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2012-0820.
Joomla Joomla\\! 1.6
Joomla Joomla\\! 1.6.4
Joomla Joomla\\! 1.7.0
Joomla Joomla\\! 1.6.6
Joomla Joomla\\! 1.7.2
Joomla Joomla\\! 1.7.3
Joomla Joomla\\! 1.6.1
Joomla Joomla\\! 1.6.3
Joomla Joomla\\! 1.6.0
Joomla Joomla\\! 1.6.5
Joomla Joomla\\! 1.7.1
2.6
CVSSv2
CVE-2009-1279
Multiple cross-site scripting (XSS) vulnerabilities in Joomla! 1.5 up to and including 1.5.9 allow remote malicious users to inject arbitrary web script or HTML via unspecified vectors to the (1) com_admin component, (2) com_search component when "Gather Search Statistics&qu...
Joomla Joomla 1.5.0
Joomla Joomla 1.5.1
Joomla Joomla 1.5.8
Joomla Joomla 1.5.9
Joomla Joomla 1.5.6
Joomla Joomla 1.5.7
Joomla Joomla 1.5.2
Joomla Joomla 1.5.3
Joomla Joomla 1.5
Joomla Joomla 1.5.4
Joomla Joomla 1.5.5
6.8
CVSSv2
CVE-2009-1280
Multiple cross-site request forgery (CSRF) vulnerabilities in the com_media component for Joomla! 1.5.x up to and including 1.5.9 allow remote malicious users to hijack the authentication of unspecified victims via unknown vectors.
Joomla Joomla 1.5.0
Joomla Joomla 1.5.6
Joomla Joomla 1.5.7
Joomla Joomla 1.5.8
Joomla Joomla 1.5
Joomla Joomla 1.5.4
Joomla Joomla 1.5.5
Joomla Joomla 1.5.1
Joomla Joomla 1.5.9
Joomla Joomla 1.5.2
Joomla Joomla 1.5.3
4.3
CVSSv2
CVE-2006-6832
Cross-site scripting (XSS) vulnerability in Joomla! prior to 1.0.12 allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors, possibly related to poll.php or the module title.
Joomla Joomla 1.0.5
Joomla Joomla 1.0.7
Joomla Joomla 1.0.10
Joomla Joomla 1.0.11
Joomla Joomla 1.0.2
Joomla Joomla 1.0.3
Joomla Joomla 1.0.4
Joomla Joomla 1.0
Joomla Joomla 1.0.1
Joomla Joomla 1.0.8
Joomla Joomla 1.0.9
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-48654
CVE-2024-2757
authentication bypass
CVE-2024-3194
CVE-2024-33640
CVE-2024-21111
dos
insecure direct object reference
CVE-2024-21345
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »