Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
joomla vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2020-22274
JomSocial (Joomla Social Network Extention) 4.7.6 allows CSV injection via a customer's profile.
Jomsocial Jomsocial 4.7.6
7.5
CVSSv3
CVE-2020-19455
SQL injection exists in the jdownloads 3.2.63 component for Joomla! via components/com_jdownloads/helpers/categories.php, order function via the filter_order parameter.
Jdownloads Jdownloads 3.2.63
7.5
CVSSv3
CVE-2020-19450
SQL injection exists in the jdownloads 3.2.63 component for Joomla! via com_jdownloads/helpers/jdownloadshelper.php, getUserLimits function in the list parameter.
Jdownloads Jdownloads 3.2.63
7.5
CVSSv3
CVE-2020-19451
SQL injection exists in the jdownloads 3.2.63 component for Joomla! via com_jdownloads/helpers/jdownloadshelper.php, updateLog function via the X-forwarded-for Header parameter.
Jdownloads Jdownloads 3.2.63
7.5
CVSSv3
CVE-2020-19447
SQL injection exists in the jdownloads 3.2.63 component for Joomla! com_jdownloads/models/send.php via the f_marked_files_id parameter.
Jdownloads Jdownloads 3.2.63
8.8
CVSSv3
CVE-2020-25751
The paGO Commerce plugin 2.5.9.0 for Joomla! allows SQL Injection via the administrator/index.php?option=com_pago&view=comments filter_published parameter.
Corephp Pago Commerce 2.5.9.0
7.5
CVSSv3
CVE-2020-23971
gmapfp.org Joomla Component GMapFP J3.30pro is affected by Insecure Permissions. An attacker can access the upload function without authenticating to the application and also can upload files due the issues of unrestricted file uploads which can be bypassed by changing the conten...
Gmapfp Gmapfp J3.30
7.5
CVSSv3
CVE-2020-23972
In Joomla Component GMapFP Version J3.5 and J3.5free, an attacker can access the upload function without authenticating to the application and can also upload files which due to issues of unrestricted file uploads which can be bypassed by changing the content-type and name file t...
Gmapfp Gmapfp J3.5
6.1
CVSSv3
CVE-2020-24599
An issue exists in Joomla! prior to 3.9.21. Lack of escaping in mod_latestactions allows XSS attacks.
Joomla Joomla\\!
6.1
CVSSv3
CVE-2020-24598
An issue exists in Joomla! prior to 3.9.21. Lack of input validation in the vote feature of com_content leads to an open redirect.
Joomla Joomla\\!
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
SSTI
CVE-2024-35863
CVE-2024-35910
man-in-the-middle
CVE-2024-35912
CVE-2024-25742
LFI
CVE-2024-32002
CVE-2024-22120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
5
6
7
8
9
10
NEXT »