Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
joomla vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2022-23794
An issue exists in Joomla! 3.0.0 up to and including 3.10.6 & 4.0.0 up to and including 4.1.0. Uploading a file name of an excess length causes the error. This error brings up the screen with the path of the source code of the web application.
Joomla Joomla\\!
4.3
CVSSv2
CVE-2022-23796
An issue exists in Joomla! 3.7.0 up to and including 3.10.6. Lack of input validation could allow an XSS attack using com_fields.
Joomla Joomla\\!
5.8
CVSSv2
CVE-2022-23798
An issue exists in Joomla! 2.5.0 up to and including 3.10.6 & 4.0.0 up to and including 4.1.0. Inadequate validation of URLs could result into an invalid check whether an redirect URL is internal or not.
Joomla Joomla\\!
4.3
CVSSv2
CVE-2022-23800
An issue exists in Joomla! 4.0.0 up to and including 4.1.0. Inadequate content filtering leads to XSS vulnerabilities in various components.
Joomla Joomla\\!
6.8
CVSSv2
CVE-2022-23795
An issue exists in Joomla! 2.5.0 up to and including 3.10.6 & 4.0.0 up to and including 4.1.0. A user row was not bound to a specific authentication mechanism which could under very special circumstances allow an account takeover.
Joomla Joomla\\!
6.4
CVSSv2
CVE-2021-26040
An issue exists in Joomla! 4.0.0. The media manager does not correctly check the user's permissions before executing a file deletion command.
Joomla Joomla\\! 4.0.0
4.3
CVSSv2
CVE-2021-26035
An issue exists in Joomla! 3.0.0 up to and including 3.9.27. Inadequate escaping in the rules field of the JForm API leads to a XSS vulnerability.
Joomla Joomla\\!
5
CVSSv2
CVE-2021-26036
An issue exists in Joomla! 2.5.0 up to and including 3.9.27. Missing validation of input could lead to a broken usergroups table.
Joomla Joomla\\!
5
CVSSv2
CVE-2021-26037
An issue exists in Joomla! 2.5.0 up to and including 3.9.27. CMS functions did not properly termine existing user sessions when a user's password was changed or the user was blocked.
Joomla Joomla\\!
4.3
CVSSv2
CVE-2021-26038
An issue exists in Joomla! 2.5.0 up to and including 3.9.27. Install action in com_installer lack the required hardcoded ACL checks for superusers. A default system is not affected cause the default ACL for com_installer is limited to super users already.
Joomla Joomla\\!
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-29895
inject
CVE-2023-52689
CVE-2024-5049
CVE-2024-5051
privilege escalation
physical
CVE-2023-52676
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »