joomla
547 tracked vulnerabilities.
CVE-2024-27184
MEDIUM
Joomla 3.4.6-3.10.17 and 4.0-4.4.7 - Open Redirect
Aug 20, 2024
CVSS 6.1
EPSS 0.00
CVE-2024-26279
MEDIUM
Joomla! 3.0.0-3.10.15 - Cross-Site Scripting in Wrapper Extensions
Jul 09, 2024
CVSS 6.1
EPSS 0.00
CVE-2024-26278
MEDIUM
Joomla! 3.7.0-3.10.15 - Stored Cross-Site Scripting in Custom Fields Default Value
Jul 09, 2024
CVSS 6.1
EPSS 0.00
CVE-2024-21731
MEDIUM
Joomla! 3.0.0-3.10.14 - Cross-Site Scripting in StringHelper::truncate Method
Jul 09, 2024
CVSS 6.1
EPSS 0.00
CVE-2024-21730
MEDIUM
Joomla! 4.0.0-4.4.5 - Self Cross-Site Scripting in Fancyselect List Field Layout
Jul 09, 2024
CVSS 5.4
EPSS 0.00
CVE-2024-21729
MEDIUM
Joomla! 4.0.0-4.4.5 - Cross-Site Scripting in Accessible Media Selection Field
Jul 09, 2024
CVSS 6.1
EPSS 0.00
CVE-2024-21726
MEDIUM
Joomla! 3.7.0-3.10.14 - Cross-Site Scripting via Inadequate Content Filtering
Feb 29, 2024
CVSS 6.5
EPSS 0.49
CVE-2024-21725
MEDIUM
Joomla! 4.0.0-4.4.2 - Cross-Site Scripting in Mail Address Outputs
Feb 29, 2024
CVSS 6.1
EPSS 0.32
CVE-2024-21724
MEDIUM
Joomla! 1.6.0-3.10.14 - Cross-Site Scripting in Media Selection Fields
Feb 29, 2024
CVSS 6.1
EPSS 0.01
CVE-2024-21723
MEDIUM
Joomla! 1.5.0-3.10.14 - Open Redirect via URL Parsing
Feb 29, 2024
CVSS 4.3
EPSS 0.01
CVE-2024-21722
MEDIUM
Joomla! 3.2.0-3.10.14 - Insufficient Session Expiration in MFA Management
Feb 29, 2024
CVSS 6.3
EPSS 0.01
CVE-2023-40626
HIGH
Language File Parsing - Info Disclosure
Nov 29, 2023
CVSS 7.5
EPSS 0.01
CVE-2023-23755
HIGH
Joomla! 4.2.0-4.3.1 - Unauthenticated Brute Force Attack via MFA Screen
May 30, 2023
CVSS 7.5
EPSS 0.01
CVE-2023-23754
MEDIUM
Joomla! 4.2.0-4.3.1 - Open Redirect and Cross-Site Scripting in MFA Selection Screen
May 30, 2023
CVSS 6.1
EPSS 0.00
CVE-2023-23752
MEDIUM
KEVNUCLEI
Joomla! 4.0.0-4.2.7 - Unauthenticated Improper Access Control in Webservice Endpoints
Feb 16, 2023
CVSS 5.3
EPSS 1.00
CVE-2023-23751
MEDIUM
Joomla! 4.0.0-4.2.4 - Incorrect Authorization in com_actionlogs
Feb 01, 2023
CVSS 4.3
EPSS 0.00
CVE-2023-23750
MEDIUM
Joomla! 4.0.0-4.2.6 - Cross-Site Request Forgery in Post-Installation Messages
Feb 01, 2023
CVSS 6.3
EPSS 0.00
CVE-2022-27914
MEDIUM
Joomla! 4.0.0-4.2.4 - Reflected Cross-Site Scripting in com_media
Nov 08, 2022
CVSS 6.1
EPSS 0.00
CVE-2022-27913
MEDIUM
Joomla! 4.2.0-4.2.3 - Reflected Cross-Site Scripting in Various Components
Oct 25, 2022
CVSS 6.1
EPSS 0.00
CVE-2022-27912
MEDIUM
Joomla! 4.0.0-4.2.3 - Unauthorized Sensitive Information Exposure in Debug Mode
Oct 25, 2022
CVSS 5.3
EPSS 0.01
CVE-2022-27911
MEDIUM
Joomla! 4.2.0 - Full Path Disclosure via Missing _JEXEC Check
Aug 31, 2022
CVSS 5.3
EPSS 0.01
CVE-2022-23801
MEDIUM
Joomla! 4.0.0-4.1.0 - Cross-Site Scripting via SVG Embedding in com_media
Mar 30, 2022
CVSS 6.1
EPSS 0.01
CVE-2022-23800
MEDIUM
Joomla! 4.0.0-4.1.0 - Cross-Site Scripting via Inadequate Content Filtering
Mar 30, 2022
CVSS 6.1
EPSS 0.01
CVE-2022-23799
CRITICAL
Joomla! 4.0.0-4.1.0 - Variable Tampering via JInput Request Data Pollution
Mar 30, 2022
CVSS 9.8
EPSS 0.01
CVE-2022-23798
MEDIUM
Joomla! 2.5.0-3.10.6 & 4.0.0-4.1.0 - Open Redirect via URL Validation Bypass
Mar 30, 2022
CVSS 6.1
EPSS 0.01
Products
joomla\! 314
joomla 81
joomla-cms 8
bsq_sitestats 6
rs_gallery2 4
com_beamospetition 3
com_weblinks 3
framework 3
archive 2
com_astatspro 2
com_downloads 2
com_facileforms 2
com_mailto 2
com_pcchess 2
com_pccookbook 2
com_rapidrecipe 2
com_sef 2
filter 2
jd-wiki 2
joomla-platform 2
akobook 1
application 1
be_it_easypartner_component 1
bibtex 1
car_manager 1
classifieds_component 1
colophon 1
com_acajoom 1
com_acctexp 1
com_artistavenue 1
Quick Filters