Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
joomla vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2022-27912
An issue exists in Joomla! 4.0.0 up to and including 4.2.3. Sites with publicly enabled debug mode exposed data of previous requests.
Joomla Joomla\\!
NA
CVE-2022-27913
An issue exists in Joomla! 4.2.0 up to and including 4.2.3. Inadequate filtering of potentially malicious user input leads to reflected XSS vulnerabilities in various components.
Joomla Joomla\\!
NA
CVE-2022-27911
An issue exists in Joomla! 4.2.0. Multiple Full Path Disclosures because of missing '_JEXEC or die check' caused by the PSR12 changes.
Joomla Joomla\\! 4.2.0
383
VMScore
CVE-2022-27910
In Joomla component 'Joomlatools - DOCman 3.5.13 (and likely most versions below)' are affected to an reflected Cross-Site Scripting (XSS) in an image upload function
Joomlatools Docman
446
VMScore
CVE-2022-23802
Joomla Guru extension 5.2.5 is affected by: Insecure Permissions. The impact is: obtain sensitive information (remote). The component is: Access to private information and components, possibility to view other users' information. Information disclosure Access to private info...
Ijoomla Guru 5.2.5
356
VMScore
CVE-2022-27909
In Joomla component 'jDownloads 3.9.8.2 Stable' the remote user can change some parameters in the address bar and see the names of other users' files
Jdownloads Jdownloads 3.9.8.2
446
VMScore
CVE-2022-23793
An issue exists in Joomla! 3.0.0 up to and including 3.10.6 & 4.0.0 up to and including 4.1.0. Extracting an specifilcy crafted tar package could write files outside of the intended path.
Joomla Joomla\\!
446
VMScore
CVE-2022-23794
An issue exists in Joomla! 3.0.0 up to and including 3.10.6 & 4.0.0 up to and including 4.1.0. Uploading a file name of an excess length causes the error. This error brings up the screen with the path of the source code of the web application.
Joomla Joomla\\!
384
VMScore
CVE-2022-23796
An issue exists in Joomla! 3.7.0 up to and including 3.10.6. Lack of input validation could allow an XSS attack using com_fields.
Joomla Joomla\\!
384
VMScore
CVE-2022-23801
An issue exists in Joomla! 4.0.0 up to and including 4.1.0. Possible XSS atack vector through SVG embedding in com_media.
Joomla Joomla\\!
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
XXE
CVE-2024-34490
SQL injection
CVE-2024-34488
CVE-2024-4507
CVE-2023-7028
CVE-2024-23187
TCP
CVE-2024-4439
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »