joomla

515 tracked vulnerabilities.

CVE-2024-21725 MEDIUM
Joomla! 4.0.0-4.4.2 - Cross-Site Scripting in Mail Address Outputs
Feb 29, 2024
CVSS 6.1
EPSS 0.01
CVE-2024-21724 MEDIUM
Joomla! 1.6.0-3.10.14 - Cross-Site Scripting in Media Selection Fields
Feb 29, 2024
CVSS 6.1
EPSS 0.00
CVE-2024-21723 MEDIUM
Joomla! 1.5.0-3.10.14 - Open Redirect via URL Parsing
Feb 29, 2024
CVSS 4.3
EPSS 0.00
CVE-2024-21722 MEDIUM
Joomla! 3.2.0-3.10.14 - Insufficient Session Expiration in MFA Management
Feb 29, 2024
CVSS 6.3
EPSS 0.00
CVE-2023-40626 HIGH
Language File Parsing - Info Disclosure
Nov 29, 2023
CVSS 7.5
EPSS 0.00
CVE-2023-23755 HIGH
Joomla! 4.2.0-4.3.1 - Unauthenticated Brute Force Attack via MFA Screen
May 30, 2023
CVSS 7.5
EPSS 0.00
CVE-2023-23754 MEDIUM
Joomla! 4.2.0-4.3.1 - Open Redirect and Cross-Site Scripting in MFA Selection Screen
May 30, 2023
CVSS 6.1
EPSS 0.00
CVE-2023-23752 MEDIUM KEV NUCLEI
Joomla! 4.0.0-4.2.7 - Unauthenticated Improper Access Control in Webservice Endpoints
Feb 16, 2023
CVSS 5.3
EPSS 0.95
CVE-2023-23751 MEDIUM
Joomla! 4.0.0-4.2.4 - Incorrect Authorization in com_actionlogs
Feb 01, 2023
CVSS 4.3
EPSS 0.00
CVE-2023-23750 MEDIUM
Joomla! 4.0.0-4.2.6 - Cross-Site Request Forgery in Post-Installation Messages
Feb 01, 2023
CVSS 6.3
EPSS 0.00
CVE-2022-27914 MEDIUM
Joomla! 4.0.0-4.2.4 - Reflected Cross-Site Scripting in com_media
Nov 08, 2022
CVSS 6.1
EPSS 0.00
CVE-2022-27913 MEDIUM
Joomla! 4.2.0-4.2.3 - Reflected Cross-Site Scripting in Various Components
Oct 25, 2022
CVSS 6.1
EPSS 0.00
CVE-2022-27912 MEDIUM
Joomla! 4.0.0-4.2.3 - Unauthorized Sensitive Information Exposure in Debug Mode
Oct 25, 2022
CVSS 5.3
EPSS 0.00
CVE-2022-27911 MEDIUM
Joomla! 4.2.0 - Full Path Disclosure via Missing _JEXEC Check
Aug 31, 2022
CVSS 5.3
EPSS 0.00
CVE-2022-23801 MEDIUM
Joomla! 4.0.0-4.1.0 - Cross-Site Scripting via SVG Embedding in com_media
Mar 30, 2022
CVSS 6.1
EPSS 0.01
CVE-2022-23800 MEDIUM
Joomla! 4.0.0-4.1.0 - Cross-Site Scripting via Inadequate Content Filtering
Mar 30, 2022
CVSS 6.1
EPSS 0.01
CVE-2022-23799 CRITICAL
Joomla! 4.0.0-4.1.0 - Variable Tampering via JInput Request Data Pollution
Mar 30, 2022
CVSS 9.8
EPSS 0.00
CVE-2022-23798 MEDIUM
Joomla! 2.5.0-3.10.6 & 4.0.0-4.1.0 - Open Redirect via URL Validation Bypass
Mar 30, 2022
CVSS 6.1
EPSS 0.00
CVE-2022-23797 CRITICAL
Joomla! 3.0.0-3.10.6 - SQL Injection via Inadequate Filtering on Selected IDs
Mar 30, 2022
CVSS 9.8
EPSS 0.00
CVE-2022-23796 MEDIUM
Joomla! 3.7.0-3.10.6 - Cross-Site Scripting via com_fields Input
Mar 30, 2022
CVSS 6.1
EPSS 0.00
CVE-2022-23795 CRITICAL
Joomla! 2.5.0-3.10.6 and 4.0.0-4.1.0 - Improper Authentication
Mar 30, 2022
CVSS 9.8
EPSS 0.00
CVE-2022-23794 MEDIUM
Joomla! 3.0.0-3.10.6 and 4.0.0-4.1.0 - Path Disclosure via Excessive Filename Length
Mar 30, 2022
CVSS 5.3
EPSS 0.00
CVE-2022-23793 HIGH
Joomla! 3.0.0-3.10.6 and 4.0.0-4.1.0 - Path Traversal via Tar Package Extraction
Mar 30, 2022
CVSS 7.5
EPSS 0.00
CVE-2021-26040 CRITICAL
Joomla! 4.0.0 - Incorrect Authorization for Media File Deletion
Aug 24, 2021
CVSS 9.1
EPSS 0.00
CVE-2021-26039 MEDIUM
Joomla! 3.0.0-3.9.27 - Cross-Site Scripting in com_media imagelist View
Jul 07, 2021
CVSS 6.1
EPSS 0.01