Vulmon
joomla vulnerabilities and exploits
9.1
CVSSv3
CVE-2021-23128
An issue exists in Joomla! 3.2.0 up to and including 3.9.24. The core shipped but unused randval implementation within FOF (FOFEncryptRandval) used a potentially insecure implementation. That has now been replaced with a call to 'random_bytes()' and its backport that is s...
Joomla Joomla!
5.3
CVSSv3
CVE-2021-26027
An issue exists in Joomla! 3.0.0 up to and including 3.9.24. Incorrect ACL checks could allow unauthorized change of the category for an article.
Joomla Joomla!
6.1
CVSSv3
CVE-2021-23129
An issue exists in Joomla! 2.5.0 up to and including 3.9.24. Missing filtering of messages shown to users could lead to XSS issues.
Joomla Joomla!
6.1
CVSSv3
CVE-2021-23130
An issue exists in Joomla! 2.5.0 up to and including 3.9.24. Missing filtering of feed fields could lead to XSS issues.
Joomla Joomla!
7.5
CVSSv3
CVE-2021-23131
An issue exists in Joomla! 3.2.0 up to and including 3.9.24. Missing input validation within the template manager.
Joomla Joomla!
7.5
CVSSv3
CVE-2021-23132
An issue exists in Joomla! 3.0.0 up to and including 3.9.24. com_media allowed paths that are not intended for image uploads.
Joomla Joomla!
2 GitHub repositories
5.3
CVSSv3
CVE-2021-26029
An issue exists in Joomla! 1.6.0 up to and including 3.9.24. Inadequate filtering of form contents could allow overwriting the author field.
Joomla Joomla!
5.5
CVSSv3
CVE-2021-26028
An issue exists in Joomla! 3.0.0 up to and including 3.9.24. Extracting a specifically crafted zip package could write files outside of the intended path.
Joomla Joomla!
5.3
CVSSv3
CVE-2021-23126
An issue exists in Joomla! 3.2.0 up to and including 3.9.24. Usage of the insecure rand() function within the process of generating the 2FA secret.
Joomla Joomla!
9.1
CVSSv3
CVE-2021-23127
An issue exists in Joomla! 3.2.0 up to and including 3.9.24. Usage of an insufficient length for the 2FA secret according to RFC 4226 of 10 bytes vs 20 bytes.
Joomla Joomla!