joomla

515 tracked vulnerabilities.

CVE-2020-8421 MEDIUM
Joomla! 3.9.0-3.9.14 - Cross-Site Scripting in com_actionlogs
Jan 28, 2020
CVSS 6.1
EPSS 0.02
CVE-2020-8420 HIGH
Joomla! 3.0.0-3.9.14 - Cross-Site Request Forgery in LESS Compiler
Jan 28, 2020
CVSS 8.8
EPSS 0.01
CVE-2020-8419 HIGH
Joomla! 3.0.0-3.9.14 - Cross-Site Request Forgery in Batch Actions
Jan 28, 2020
CVSS 8.8
EPSS 0.00
CVE-2019-19846 CRITICAL
Joomla! < 3.9.14 - SQL Injection via Configuration Parameters
Dec 18, 2019
CVSS 9.8
EPSS 0.01
CVE-2019-19845 MEDIUM
Joomla! 3.8.0-3.9.13 - Path Traversal in Logger Class
Dec 18, 2019
CVSS 5.3
EPSS 0.00
CVE-2019-18674 MEDIUM
Joomla! 3.6.0-3.9.12 - Path Disclosure via phputf8 Mapping Files
Nov 06, 2019
CVSS 5.3
EPSS 0.00
CVE-2019-18650 HIGH
Joomla! < 3.9.12 - Cross-Site Request Forgery in com_template
Nov 06, 2019
CVSS 8.8
EPSS 0.00
CVE-2019-16725 MEDIUM
Joomla! 3.0.0-3.9.11 - Stored Cross-Site Scripting via Logo Parameter
Sep 24, 2019
CVSS 6.1
EPSS 0.04
CVE-2019-15028 MEDIUM
Joomla! < 3.9.11 - Unauthenticated Mail Submission in Disabled Contact Forms
Aug 14, 2019
CVSS 5.3
EPSS 0.00
CVE-2019-14654 HIGH
Joomla! 3.9.7-3.9.8 - Authenticated Remote Code Execution via Subform Filter Attribute
Aug 05, 2019
CVSS 8.8
EPSS 0.00
CVE-2019-12766 MEDIUM
Joomla! 3.6.0-3.9.6 - Cross-Site Scripting in Subform Field
Jun 11, 2019
CVSS 6.1
EPSS 0.00
CVE-2019-12765 CRITICAL
Joomla! 3.9.0-3.9.6 - CSV Injection in com_actionlogs Export
Jun 11, 2019
CVSS 9.8
EPSS 0.24
CVE-2019-12764 MEDIUM
Joomla! <3.9.7 - Privilege Escalation
Jun 11, 2019
CVSS 6.5
EPSS 0.00
CVE-2019-11809 MEDIUM
Joomla! 1.7.0-3.9.5 - Cross-Site Scripting in com_users Debug Views
May 20, 2019
CVSS 6.1
EPSS 0.00
CVE-2019-11831 CRITICAL
PharStreamWrapper <2.1.1-3.1.1 - Path Traversal
May 09, 2019
CVSS 9.8
EPSS 0.10
CVE-2019-11358 MEDIUM
jQuery < 3.4.0 - Prototype Pollution via jQuery.extend
Apr 20, 2019
CVSS 6.1
EPSS 0.02
CVE-2019-10946 HIGH
Joomla! < 3.9.4 - Unauthenticated Critical Function Access via Helpsites Refresh Endpoint
Apr 10, 2019
CVSS 7.5
EPSS 0.00
CVE-2019-10945 CRITICAL
Joomla! < 3.9.4 - Path Traversal via Media Manager Folder Parameter
Apr 10, 2019
CVSS 9.8
EPSS 0.81
CVE-2019-9714 MEDIUM
Joomla! 3.0.0-3.9.3 - Cross-Site Scripting in Media Form Field
Mar 12, 2019
CVSS 6.1
EPSS 0.00
CVE-2019-9713 HIGH
Joomla! < 3.9.4 - Missing Authorization in Sample Data Plugins
Mar 12, 2019
CVSS 7.5
EPSS 0.00
CVE-2019-9712 MEDIUM
Joomla! 3.2.0-3.9.3 - Cross-Site Scripting in com_config JSON Handler
Mar 12, 2019
CVSS 6.1
EPSS 0.00
CVE-2019-9711 MEDIUM
Joomla! 3.0.0-3.9.3 - Cross-Site Scripting in Item Title Layout
Mar 12, 2019
CVSS 6.1
EPSS 0.00
CVE-2019-7744 MEDIUM
Joomla! 2.5.0-3.9.2 - Cross-Site Scripting via URL Field Filtering Bypass
Feb 12, 2019
CVSS 6.1
EPSS 0.00
CVE-2019-7743 CRITICAL
Joomla! 2.5.0-3.9.2 - Deserialization of Untrusted Data via phar:// Stream Wrapper
Feb 12, 2019
CVSS 9.8
EPSS 0.01
CVE-2019-7742 MEDIUM
Joomla! < 3.9.2 - Cross-Site Scripting via MIME-Type Sniffing
Feb 12, 2019
CVSS 6.1
EPSS 0.00
Products
joomla\! 282 joomla 81 joomla-cms 8 bsq_sitestats 6 rs_gallery2 4 com_beamospetition 3 com_weblinks 3 framework 3 archive 2 com_astatspro 2 com_downloads 2 com_facileforms 2 com_mailto 2 com_pcchess 2 com_pccookbook 2 com_rapidrecipe 2 com_sef 2 filter 2 jd-wiki 2 joomla-platform 2 akobook 1 application 1 be_it_easypartner_component 1 bibtex 1 car_manager 1 classifieds_component 1 colophon 1 com_acajoom 1 com_acctexp 1 com_artistavenue 1
Quick Filters
Critical CVEs With Exploits In CISA KEV