joomla
547 tracked vulnerabilities.
CVE-2021-23126
MEDIUM
Joomla! 3.2.0-3.9.24 - Use of Cryptographically Weak PRNG in 2FA Secret Generation
Mar 04, 2021
CVSS 5.3
EPSS 0.01
CVE-2021-23125
MEDIUM
Joomla! 3.1.0-3.9.23 - Cross-Site Scripting in com_tags Image Parameters
Jan 12, 2021
CVSS 6.1
EPSS 0.01
CVE-2021-23124
MEDIUM
Joomla! 3.9.0-3.9.23 - Cross-Site Scripting in mod_breadcrumbs aria-label Attribute
Jan 12, 2021
CVSS 6.1
EPSS 0.81
CVE-2021-23123
MEDIUM
Joomla! 3.0.0-3.9.23 - Unauthenticated Information Disclosure via com_modules orderPosition Endpoint
Jan 12, 2021
CVSS 5.3
EPSS 0.01
CVE-2020-35616
HIGH
Joomla! 1.7.0-3.9.22 - Write ACL Violation via Improper Input Validation
Dec 28, 2020
CVSS 7.5
EPSS 0.06
CVE-2020-35615
MEDIUM
Joomla! 2.5.0-3.9.22 - Cross-Site Request Forgery in com_privacy Emailexport Feature
Dec 28, 2020
CVSS 6.3
EPSS 0.00
CVE-2020-35614
MEDIUM
Joomla! 3.9.0-3.9.22 - User Enumeration via Backend Login Page
Dec 28, 2020
CVSS 5.3
EPSS 0.01
CVE-2020-35613
CRITICAL
Joomla! 3.0.0-3.9.22 - SQL Injection in Backend User List
Dec 28, 2020
CVSS 9.8
EPSS 0.28
CVE-2020-35612
HIGH
Joomla! 2.5.0-3.9.22 - Path Traversal via mod_random_image Folder Parameter
Dec 28, 2020
CVSS 7.5
EPSS 0.02
CVE-2020-35611
HIGH
Joomla! 2.5.0-3.9.22 - Unauthenticated Exposure of Sensitive Information in Global Configuration Page
Dec 28, 2020
CVSS 7.5
EPSS 0.01
CVE-2020-35610
HIGH
Joomla! 2.5.0-3.9.22 - Unauthenticated Information Disclosure via com_finder Autosuggestion
Dec 28, 2020
CVSS 7.5
EPSS 0.01
CVE-2020-24599
MEDIUM
Joomla! 3.9.0-3.9.20 - Cross-Site Scripting in mod_latestactions
Aug 26, 2020
CVSS 6.1
EPSS 0.01
CVE-2020-24598
MEDIUM
Joomla! 3.0.0-3.9.21 - Open Redirect in com_content Vote Feature
Aug 26, 2020
CVSS 6.1
EPSS 0.01
CVE-2020-15700
MEDIUM
Joomla! 3.7.0-3.9.19 - Cross-Site Request Forgery via com_installer AJAX Install Endpoint
Jul 15, 2020
CVSS 6.3
EPSS 0.01
CVE-2020-15699
MEDIUM
Joomla! 2.5.0-3.9.19 - Insufficient Verification of Data Authenticity in Usergroups Table
Jul 15, 2020
CVSS 5.3
EPSS 0.01
CVE-2020-15698
MEDIUM
Joomla! 3.0.0-3.9.19 - Unprotected Credential Exposure in System Information Screen
Jul 15, 2020
CVSS 5.3
EPSS 0.02
CVE-2020-15697
MEDIUM
Joomla! 3.0.0-3.9.19 - Variable Tampering via User Table Class
Jul 15, 2020
CVSS 4.3
EPSS 0.01
CVE-2020-15696
MEDIUM
Joomla! 3.0.0-3.9.19 - Cross-Site Scripting in mod_random_image
Jul 15, 2020
CVSS 6.1
EPSS 0.03
CVE-2020-15695
MEDIUM
Joomla! 3.9.0-3.9.19 - Cross-Site Request Forgery in com_privacy Remove Request Feature
Jul 15, 2020
CVSS 6.3
EPSS 0.01
CVE-2020-13763
HIGH
Joomla! < 3.9.19 - Unauthenticated HTML Injection via Global Textfilter Configuration
Jun 02, 2020
CVSS 7.5
EPSS 0.01
CVE-2020-13762
MEDIUM
Joomla! 3.9.0-3.9.18 - Cross-Site Scripting in com_modules Tag Option
Jun 02, 2020
CVSS 6.1
EPSS 0.01
CVE-2020-13761
MEDIUM
Joomla! < 3.9.19 - Cross-Site Scripting in Articles Module Heading Tag Option
Jun 02, 2020
CVSS 6.1
EPSS 0.01
CVE-2020-13760
HIGH
Joomla! < 3.9.19 - Cross-Site Request Forgery in com_postinstall
Jun 02, 2020
CVSS 8.8
EPSS 0.01
CVE-2020-11891
MEDIUM
Joomla! <3.9.17 - Privilege Escalation
Apr 21, 2020
CVSS 5.3
EPSS 0.01
CVE-2020-11890
MEDIUM
Joomla! < 3.9.17 - Improper Input Validation in Usergroup Table
Apr 21, 2020
CVSS 5.3
EPSS 0.03
Products
joomla\! 314
joomla 81
joomla-cms 8
bsq_sitestats 6
rs_gallery2 4
com_beamospetition 3
com_weblinks 3
framework 3
archive 2
com_astatspro 2
com_downloads 2
com_facileforms 2
com_mailto 2
com_pcchess 2
com_pccookbook 2
com_rapidrecipe 2
com_sef 2
filter 2
jd-wiki 2
joomla-platform 2
akobook 1
application 1
be_it_easypartner_component 1
bibtex 1
car_manager 1
classifieds_component 1
colophon 1
com_acajoom 1
com_acctexp 1
com_artistavenue 1
Quick Filters