Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
joomla vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2021-26037
An issue exists in Joomla! 2.5.0 up to and including 3.9.27. CMS functions did not properly termine existing user sessions when a user's password was changed or the user was blocked.
Joomla Joomla\\!
5
CVSSv2
CVE-2010-1432
Joomla! Core is prone to an information disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information that may help in launching further attacks. Joomla! Core versions 1.5.x ranging from 1.5.0 and up to and including 1.5.15 are vulnerable.
Joomla Joomla\\!
7.5
CVSSv2
CVE-2010-1433
Joomla! Core is prone to a vulnerability that lets attackers upload arbitrary files because the application fails to properly verify user-supplied input. An attacker can exploit this vulnerability to upload arbitrary code and run it in the context of the webserver process. This m...
Joomla Joomla\\!
5
CVSSv2
CVE-2010-1434
Joomla! Core is prone to a session fixation vulnerability. An attacker may leverage this issue to hijack an arbitrary session and gain access to sensitive information, which may help in launching further attacks. Joomla! Core versions 1.5.x ranging from 1.5.0 and up to and includ...
Joomla Joomla\\!
7.5
CVSSv2
CVE-2010-1435
Joomla! Core is prone to a security bypass vulnerability. Exploiting this issue may allow malicious users to perform otherwise restricted actions and subsequently retrieve password reset tokens from the database through an already existing SQL injection vector. Joomla! Core versi...
Joomla Joomla\\!
4.3
CVSSv2
CVE-2021-26034
An issue exists in Joomla! 3.0.0 up to and including 3.9.26. A missing token check causes a CSRF vulnerability in data download endpoints in com_banners and com_sysinfo.
Joomla Joomla\\!
4.3
CVSSv2
CVE-2021-26033
An issue exists in Joomla! 3.0.0 up to and including 3.9.26. A missing token check causes a CSRF vulnerability in the AJAX reordering endpoint.
Joomla Joomla\\!
4.3
CVSSv2
CVE-2021-26032
An issue exists in Joomla! 3.0.0 up to and including 3.9.26. HTML was missing in the executable block list of MediaHelper::canUpload, leading to XSS attack vectors.
Joomla Joomla\\!
5
CVSSv2
CVE-2021-26031
An issue exists in Joomla! 3.0.0 up to and including 3.9.25. Inadequate filters on module layout settings could lead to an LFI.
4.3
CVSSv2
CVE-2021-26030
An issue exists in Joomla! 3.0.0 up to and including 3.9.25. Inadequate escaping allowed XSS attacks using the logo parameter of the default templates on error page
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33228
CVE-2024-20361
log injection
bypass
CVE-2024-4985
CVE-2024-35223
CVE-2024-29849
CVE-2024-31893
IMAP
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »