joomla
547 tracked vulnerabilities.
CVE-2022-23797
CRITICAL
Joomla! 3.0.0-3.10.6 - SQL Injection via Inadequate Filtering on Selected IDs
Mar 30, 2022
CVSS 9.8
EPSS 0.01
CVE-2022-23796
MEDIUM
Joomla! 3.7.0-3.10.6 - Cross-Site Scripting via com_fields Input
Mar 30, 2022
CVSS 6.1
EPSS 0.01
CVE-2022-23795
CRITICAL
Joomla! 2.5.0-3.10.6 and 4.0.0-4.1.0 - Improper Authentication
Mar 30, 2022
CVSS 9.8
EPSS 0.01
CVE-2022-23794
MEDIUM
Joomla! 3.0.0-3.10.6 and 4.0.0-4.1.0 - Path Disclosure via Excessive Filename Length
Mar 30, 2022
CVSS 5.3
EPSS 0.01
CVE-2022-23793
HIGH
Joomla! 3.0.0-3.10.6 and 4.0.0-4.1.0 - Path Traversal via Tar Package Extraction
Mar 30, 2022
CVSS 7.5
EPSS 0.02
CVE-2021-26040
CRITICAL
Joomla! 4.0.0 - Incorrect Authorization for Media File Deletion
Aug 24, 2021
CVSS 9.1
EPSS 0.01
CVE-2021-26039
MEDIUM
Joomla! 3.0.0-3.9.27 - Cross-Site Scripting in com_media imagelist View
Jul 07, 2021
CVSS 6.1
EPSS 0.01
CVE-2021-26038
HIGH
Joomla! 2.5.0-3.9.27 - Privilege Escalation via com_installer Install Action
Jul 07, 2021
CVSS 7.5
EPSS 0.01
CVE-2021-26037
MEDIUM
Joomla! 2.5.0-3.9.27 - Insufficient Session Expiration
Jul 07, 2021
CVSS 5.3
EPSS 0.01
CVE-2021-26036
HIGH
Joomla! 2.5.0-3.9.27 - Denial of Service via Usergroup Table Manipulation
Jul 07, 2021
CVSS 7.5
EPSS 0.01
CVE-2021-26035
MEDIUM
Joomla! 3.0.0-3.9.27 - Cross-Site Scripting in JForm Rules Field
Jul 07, 2021
CVSS 6.1
EPSS 0.01
CVE-2021-26034
MEDIUM
Joomla! 3.0.0-3.9.26 - Cross-Site Request Forgery in Data Download Endpoints
May 26, 2021
CVSS 6.5
EPSS 0.01
CVE-2021-26033
MEDIUM
Joomla! 3.0.0-3.9.26 - Cross-Site Request Forgery via AJAX Reordering Endpoint
May 26, 2021
CVSS 6.5
EPSS 0.01
CVE-2021-26032
MEDIUM
Joomla! 3.0.0-3.9.26 - Cross-Site Scripting via MediaHelper::canUpload
May 26, 2021
CVSS 6.1
EPSS 0.01
CVE-2021-26031
MEDIUM
Joomla! <3.9.25 - Local File Inclusion
Apr 14, 2021
CVSS 5.3
EPSS 0.01
CVE-2021-26030
MEDIUM
Joomla! 3.0.0-3.9.25 - Cross-Site Scripting via Logo Parameter on Error Page
Apr 14, 2021
CVSS 6.1
EPSS 0.82
CVE-2021-26029
MEDIUM
Joomla! 1.6.0-3.9.24 - Unauthenticated Author Field Overwrite via Inadequate Form Filtering
Mar 04, 2021
CVSS 5.3
EPSS 0.01
CVE-2021-26028
MEDIUM
Joomla! 3.0.0-3.9.24 - Path Traversal and Arbitrary File Write via Archive Zip Extraction
Mar 04, 2021
CVSS 5.5
EPSS 0.01
CVE-2021-26027
MEDIUM
Joomla! 3.0.0-3.9.24 - Incorrect Authorization in Article Category Change
Mar 04, 2021
CVSS 5.3
EPSS 0.01
CVE-2021-23132
HIGH
Joomla! 3.0.0-3.9.24 - Unauthenticated Arbitrary File Upload via com_media
Mar 04, 2021
CVSS 7.5
EPSS 0.07
CVE-2021-23131
HIGH
Joomla! 3.2.0-3.9.24 - Improper Input Validation in Template Manager
Mar 04, 2021
CVSS 7.5
EPSS 0.02
CVE-2021-23130
MEDIUM
Joomla! 2.5.0-3.9.24 - Cross-Site Scripting in Feed Parser Library
Mar 04, 2021
CVSS 6.1
EPSS 0.01
CVE-2021-23129
MEDIUM
Joomla! 2.5.0-3.9.24 - Stored Cross-Site Scripting in Alert Messages
Mar 04, 2021
CVSS 6.1
EPSS 0.01
CVE-2021-23128
CRITICAL
Joomla! 3.2.0-3.9.24 - Insecure Random Value Generation in FOFEncryptRandval
Mar 04, 2021
CVSS 9.1
EPSS 0.02
CVE-2021-23127
CRITICAL
Joomla! 3.2.0-3.9.24 - Insecure Randomness in 2FA Secret Generation
Mar 04, 2021
CVSS 9.1
EPSS 0.02
Products
joomla\! 314
joomla 81
joomla-cms 8
bsq_sitestats 6
rs_gallery2 4
com_beamospetition 3
com_weblinks 3
framework 3
archive 2
com_astatspro 2
com_downloads 2
com_facileforms 2
com_mailto 2
com_pcchess 2
com_pccookbook 2
com_rapidrecipe 2
com_sef 2
filter 2
jd-wiki 2
joomla-platform 2
akobook 1
application 1
be_it_easypartner_component 1
bibtex 1
car_manager 1
classifieds_component 1
colophon 1
com_acajoom 1
com_acctexp 1
com_artistavenue 1
Quick Filters