Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
joomla vulnerabilities and exploits
(subscribe to this query)
383
VMScore
CVE-2021-23124
An issue exists in Joomla! 3.9.0 up to and including 3.9.23. The lack of escaping in mod_breadcrumbs aria-label attribute allows XSS attacks.
Joomla Joomla\\!
445
VMScore
CVE-2021-23123
An issue exists in Joomla! 3.0.0 up to and including 3.9.23. The lack of ACL checks in the orderPosition endpoint of com_modules leak names of unpublished and/or inaccessible modules.
Joomla Joomla\\!
1 Github repository
383
VMScore
CVE-2021-23125
An issue exists in Joomla! 3.1.0 up to and including 3.9.23. The lack of escaping of image-related parameters in multiple com_tags views cause lead to XSS attack vectors.
Joomla Joomla\\!
445
VMScore
CVE-2020-35610
An issue exists in Joomla! 2.5.0 up to and including 3.9.22. The autosuggestion feature of com_finder did not respect the access level of the corresponding terms.
Joomla Joomla\\!
445
VMScore
CVE-2020-35611
An issue exists in Joomla! 2.5.0 up to and including 3.9.22. The globlal configuration page does not remove secrets from the HTML output, disclosing the current values.
Joomla Joomla\\!
445
VMScore
CVE-2020-35612
An issue exists in Joomla! 2.5.0 up to and including 3.9.22. The folder parameter of mod_random_image lacked input validation, leading to a path traversal vulnerability.
Joomla Joomla\\!
668
VMScore
CVE-2020-35613
An issue exists in Joomla! 3.0.0 up to and including 3.9.22. Improper filter blacklist configuration leads to a SQL injection vulnerability in the backend user list.
Joomla Joomla\\!
605
VMScore
CVE-2020-35615
An issue exists in Joomla! 2.5.0 up to and including 3.9.22. A missing token check in the emailexport feature of com_privacy causes a CSRF vulnerability.
Joomla Joomla\\!
445
VMScore
CVE-2020-35614
An issue exists in Joomla! 3.9.0 up to and including 3.9.22. Improper handling of the username leads to a user enumeration attack vector in the backend login page.
Joomla Joomla\\!
446
VMScore
CVE-2020-35616
An issue exists in Joomla! 1.7.0 up to and including 3.9.22. Lack of input validation while handling ACL rulesets can cause write ACL violations.
Joomla Joomla\\!
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
NULL pointer dereference
CVE-2023-52689
CVE-2024-23803
client side
CVE-2023-52696
information disclosure
CVE-2024-35843
CVE-2024-27130
CVE-2023-52697
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »