joomla
515 tracked vulnerabilities.
CVE-2021-26038
HIGH
Joomla! 2.5.0-3.9.27 - Privilege Escalation via com_installer Install Action
Jul 07, 2021
CVSS 7.5
EPSS 0.00
CVE-2021-26037
MEDIUM
Joomla! 2.5.0-3.9.27 - Insufficient Session Expiration
Jul 07, 2021
CVSS 5.3
EPSS 0.00
CVE-2021-26036
HIGH
Joomla! 2.5.0-3.9.27 - Denial of Service via Usergroup Table Manipulation
Jul 07, 2021
CVSS 7.5
EPSS 0.00
CVE-2021-26035
MEDIUM
Joomla! 3.0.0-3.9.27 - Cross-Site Scripting in JForm Rules Field
Jul 07, 2021
CVSS 6.1
EPSS 0.01
CVE-2021-26034
MEDIUM
Joomla! 3.0.0-3.9.26 - Cross-Site Request Forgery in Data Download Endpoints
May 26, 2021
CVSS 6.5
EPSS 0.00
CVE-2021-26033
MEDIUM
Joomla! 3.0.0-3.9.26 - Cross-Site Request Forgery via AJAX Reordering Endpoint
May 26, 2021
CVSS 6.5
EPSS 0.00
CVE-2021-26032
MEDIUM
Joomla! 3.0.0-3.9.26 - Cross-Site Scripting via MediaHelper::canUpload
May 26, 2021
CVSS 6.1
EPSS 0.01
CVE-2021-26031
MEDIUM
Joomla! <3.9.25 - Local File Inclusion
Apr 14, 2021
CVSS 5.3
EPSS 0.00
CVE-2021-26030
MEDIUM
Joomla! 3.0.0-3.9.25 - Cross-Site Scripting via Logo Parameter on Error Page
Apr 14, 2021
CVSS 6.1
EPSS 0.09
CVE-2021-26029
MEDIUM
Joomla! 1.6.0-3.9.24 - Unauthenticated Author Field Overwrite via Inadequate Form Filtering
Mar 04, 2021
CVSS 5.3
EPSS 0.00
CVE-2021-26028
MEDIUM
Joomla! 3.0.0-3.9.24 - Path Traversal and Arbitrary File Write via Archive Zip Extraction
Mar 04, 2021
CVSS 5.5
EPSS 0.00
CVE-2021-26027
MEDIUM
Joomla! 3.0.0-3.9.24 - Incorrect Authorization in Article Category Change
Mar 04, 2021
CVSS 5.3
EPSS 0.00
CVE-2021-23132
HIGH
Joomla! 3.0.0-3.9.24 - Unauthenticated Arbitrary File Upload via com_media
Mar 04, 2021
CVSS 7.5
EPSS 0.59
CVE-2021-23131
HIGH
Joomla! 3.2.0-3.9.24 - Improper Input Validation in Template Manager
Mar 04, 2021
CVSS 7.5
EPSS 0.00
CVE-2021-23130
MEDIUM
Joomla! 2.5.0-3.9.24 - Cross-Site Scripting in Feed Parser Library
Mar 04, 2021
CVSS 6.1
EPSS 0.01
CVE-2021-23129
MEDIUM
Joomla! 2.5.0-3.9.24 - Stored Cross-Site Scripting in Alert Messages
Mar 04, 2021
CVSS 6.1
EPSS 0.01
CVE-2021-23128
CRITICAL
Joomla! 3.2.0-3.9.24 - Insecure Random Value Generation in FOFEncryptRandval
Mar 04, 2021
CVSS 9.1
EPSS 0.00
CVE-2021-23127
CRITICAL
Joomla! 3.2.0-3.9.24 - Insecure Randomness in 2FA Secret Generation
Mar 04, 2021
CVSS 9.1
EPSS 0.00
CVE-2021-23126
MEDIUM
Joomla! 3.2.0-3.9.24 - Use of Cryptographically Weak PRNG in 2FA Secret Generation
Mar 04, 2021
CVSS 5.3
EPSS 0.00
CVE-2021-23125
MEDIUM
Joomla! 3.1.0-3.9.23 - Cross-Site Scripting in com_tags Image Parameters
Jan 12, 2021
CVSS 6.1
EPSS 0.03
CVE-2021-23124
MEDIUM
Joomla! 3.9.0-3.9.23 - Cross-Site Scripting in mod_breadcrumbs aria-label Attribute
Jan 12, 2021
CVSS 6.1
EPSS 0.02
CVE-2021-23123
MEDIUM
Joomla! 3.0.0-3.9.23 - Unauthenticated Information Disclosure via com_modules orderPosition Endpoint
Jan 12, 2021
CVSS 5.3
EPSS 0.00
CVE-2020-35616
HIGH
Joomla! 1.7.0-3.9.22 - Write ACL Violation via Improper Input Validation
Dec 28, 2020
CVSS 7.5
EPSS 0.00
CVE-2020-35615
MEDIUM
Joomla! 2.5.0-3.9.22 - Cross-Site Request Forgery in com_privacy Emailexport Feature
Dec 28, 2020
CVSS 6.3
EPSS 0.00
CVE-2020-35614
MEDIUM
Joomla! 3.9.0-3.9.22 - User Enumeration via Backend Login Page
Dec 28, 2020
CVSS 5.3
EPSS 0.00
Products
joomla\! 282
joomla 81
joomla-cms 8
bsq_sitestats 6
rs_gallery2 4
com_beamospetition 3
com_weblinks 3
framework 3
archive 2
com_astatspro 2
com_downloads 2
com_facileforms 2
com_mailto 2
com_pcchess 2
com_pccookbook 2
com_rapidrecipe 2
com_sef 2
filter 2
jd-wiki 2
joomla-platform 2
akobook 1
application 1
be_it_easypartner_component 1
bibtex 1
car_manager 1
classifieds_component 1
colophon 1
com_acajoom 1
com_acctexp 1
com_artistavenue 1