Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
joomla! vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2009-1939
Cross-site scripting (XSS) vulnerability in the JA_Purity template for Joomla! 1.5.x up to and including 1.5.10 allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors.
Joomla Joomla 1.5.0 Beta
Joomla Joomla 1.5.8
Joomla Joomla 1.5.6
Joomla Joomla 1.5.10
Joomla Joomla 1.5.7
Joomla Joomla 1.5.5
Joomla Joomla 1.5.0 Beta1
Joomla Joomla 1.5.0 Beta2
Joomla Joomla 1.5.9
Joomla Joomla 1.5.2
Joomla Joomla 1.5.0 Rc1
Joomla Joomla 1.5.1
Joomla Joomla 1.5.3
Joomla Joomla 1.5.4
NA
CVE-2013-3056
Joomla! 2.5.x prior to 2.5.10 and 3.0.x prior to 3.0.4 allows remote authenticated users to bypass intended privilege requirements and delete the private messages of arbitrary users via unspecified vectors.
Joomla Joomla\\! 2.5.4
Joomla Joomla\\! 2.5.5
Joomla Joomla\\! 2.5.6
Joomla Joomla\\! 2.5.7
Joomla Joomla\\! 2.5.1
Joomla Joomla\\! 2.5.3
Joomla Joomla\\! 2.5.8
Joomla Joomla\\! 2.5.0
Joomla Joomla\\! 2.5.2
Joomla Joomla\\! 2.5.9
Joomla Joomla\\! 3.0.1
Joomla Joomla\\! 3.0.2
Joomla Joomla\\! 3.0.3
Joomla Joomla\\! 3.0.0
NA
CVE-2013-3058
Cross-site scripting (XSS) vulnerability in Joomla! 2.5.x prior to 2.5.10 and 3.0.x prior to 3.0.4 allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors.
Joomla Joomla\\! 2.5.5
Joomla Joomla\\! 2.5.6
Joomla Joomla\\! 2.5.7
Joomla Joomla\\! 2.5.8
Joomla Joomla\\! 2.5.0
Joomla Joomla\\! 2.5.1
Joomla Joomla\\! 2.5.3
Joomla Joomla\\! 2.5.2
Joomla Joomla\\! 2.5.4
Joomla Joomla\\! 2.5.9
Joomla Joomla\\! 3.0.3
Joomla Joomla\\! 3.0.1
Joomla Joomla\\! 3.0.0
Joomla Joomla\\! 3.0.2
NA
CVE-2013-3059
Cross-site scripting (XSS) vulnerability in the Voting plugin in Joomla! 2.5.x prior to 2.5.10 and 3.0.x prior to 3.0.4 allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors.
Joomla Joomla\\! 2.5.6
Joomla Joomla\\! 2.5.7
Joomla Joomla\\! 2.5.8
Joomla Joomla\\! 2.5.9
Joomla Joomla\\! 2.5.0
Joomla Joomla\\! 2.5.1
Joomla Joomla\\! 2.5.3
Joomla Joomla\\! 2.5.5
Joomla Joomla\\! 2.5.2
Joomla Joomla\\! 2.5.4
Joomla Joomla\\! 3.0.3
Joomla Joomla\\! 3.0.1
Joomla Joomla\\! 3.0.0
Joomla Joomla\\! 3.0.2
NA
CVE-2013-3267
Cross-site scripting (XSS) vulnerability in the highlighter plugin in Joomla! 2.5.x prior to 2.5.10 and 3.0.x prior to 3.0.4 allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors.
Joomla Joomla\\! 2.5.7
Joomla Joomla\\! 2.5.8
Joomla Joomla\\! 2.5.9
Joomla Joomla\\! 2.5.0
Joomla Joomla\\! 2.5.1
Joomla Joomla\\! 2.5.3
Joomla Joomla\\! 2.5.5
Joomla Joomla\\! 2.5.2
Joomla Joomla\\! 2.5.4
Joomla Joomla\\! 2.5.6
Joomla Joomla\\! 3.0.1
Joomla Joomla\\! 3.0.3
Joomla Joomla\\! 3.0.0
Joomla Joomla\\! 3.0.2
NA
CVE-2013-3057
Joomla! 2.5.x prior to 2.5.10 and 3.0.x prior to 3.0.4 allows remote authenticated users to bypass intended privilege requirements and list the privileges of arbitrary users via unspecified vectors.
Joomla Joomla\\! 2.5.5
Joomla Joomla\\! 2.5.6
Joomla Joomla\\! 2.5.7
Joomla Joomla\\! 2.5.8
Joomla Joomla\\! 2.5.1
Joomla Joomla\\! 2.5.3
Joomla Joomla\\! 2.5.0
Joomla Joomla\\! 2.5.2
Joomla Joomla\\! 2.5.4
Joomla Joomla\\! 2.5.9
Joomla Joomla\\! 3.0.2
Joomla Joomla\\! 3.0.3
Joomla Joomla\\! 3.0.1
Joomla Joomla\\! 3.0.0
NA
CVE-2015-7858
SQL injection vulnerability in Joomla! 3.2 prior to 3.4.4 allows remote malicious users to execute arbitrary SQL commands via unspecified vectors, a different vulnerability than CVE-2015-7297.
Joomla Joomla\\! 3.4.0
Joomla Joomla\\! 3.3.3
Joomla Joomla\\! 3.3.4
Joomla Joomla\\! 3.3.1
Joomla Joomla\\! 3.3.2
Joomla Joomla\\! 3.2.4
Joomla Joomla\\! 3.4.3
Joomla Joomla\\! 3.3.0
Joomla Joomla\\! 3.2.2
Joomla Joomla\\! 3.2.3
Joomla Joomla\\! 3.4.2
Joomla Joomla\\! 3.4.1
Joomla Joomla\\! 3.2.0
Joomla Joomla\\! 3.2.1
1 EDB exploit
14 Github repositories
1 Article
NA
CVE-2011-4909
Multiple cross-site scripting (XSS) vulnerabilities in Joomla! prior to 1.5.12 allow remote malicious users to inject arbitrary web script or HTML via the HTTP_REFERER header to (1) components/com_content/views/article/tmpl/form.php, (2) components/com_user/controller.php, (3) pl...
Joomla Joomla\\! 1.5.4
Joomla Joomla\\! 1.5.3
Joomla Joomla\\! 1.5.2
Joomla Joomla\\! 1.5.1
Joomla Joomla\\!
Joomla Joomla\\! 1.5.10
Joomla Joomla\\! 1.5.9
Joomla Joomla\\! 1.5.7
Joomla Joomla\\! 1.5.5
Joomla Joomla\\! 1.5.0
Joomla Joomla\\! 1.5.8
Joomla Joomla\\! 1.5.6
1 EDB exploit
NA
CVE-2011-4910
Cross-site scripting (XSS) vulnerability in Joomla! prior to 1.5.12 allows remote malicious users to inject arbitrary web script or HTML via the PATH_INFO.
Joomla Joomla\\! 1.5.8
Joomla Joomla\\! 1.5.7
Joomla Joomla\\! 1.5.6
Joomla Joomla\\! 1.5.5
Joomla Joomla\\!
Joomla Joomla\\! 1.5.9
Joomla Joomla\\! 1.5.4
Joomla Joomla\\! 1.5.2
Joomla Joomla\\! 1.5.0
Joomla Joomla\\! 1.5.10
Joomla Joomla\\! 1.5.3
Joomla Joomla\\! 1.5.1
NA
CVE-2011-4911
Joomla! prior to 1.5.12 does not perform a JEXEC check in unspecified files, which allows remote malicious users to obtain the installation path via unspecified vectors.
Joomla Joomla\\! 1.5.5
Joomla Joomla\\! 1.5.4
Joomla Joomla\\! 1.5.3
Joomla Joomla\\! 1.5.2
Joomla Joomla\\! 1.5.8
Joomla Joomla\\! 1.5.6
Joomla Joomla\\! 1.5.1
Joomla Joomla\\!
Joomla Joomla\\! 1.5.10
Joomla Joomla\\! 1.5.9
Joomla Joomla\\! 1.5.7
Joomla Joomla\\! 1.5.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-38002
CVE-2006-4304
CVE-2024-4336
CVE-2024-33437
CVE-2024-4340
CVE-2024-27956
privilege
insecure direct object reference
XSS
item search icon">CVE-2024-25938
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »