joomla

547 tracked vulnerabilities.

CVE-2020-11889 MEDIUM
Joomla! <3.9.17 - Privilege Escalation
Apr 21, 2020
CVSS 5.3
EPSS 0.01
CVE-2020-10243 CRITICAL
Joomla! < 3.9.16 - SQL Injection in Featured Articles Menu Parameters
Mar 16, 2020
CVSS 9.8
EPSS 0.02
CVE-2020-10242 MEDIUM
Joomla! < 3.9.16 - Cross-Site Scripting in Protostar and Beez3 CSS Selectors
Mar 16, 2020
CVSS 6.1
EPSS 0.01
CVE-2020-10241 HIGH
Joomla! 3.2.0-3.9.15 - Cross-Site Request Forgery in com_templates Image Actions
Mar 16, 2020
CVSS 8.8
EPSS 0.01
CVE-2020-10240 MEDIUM
Joomla! 3.0.0-3.9.15 - User Identifier Collision via Missing Length Checks
Mar 16, 2020
CVSS 5.3
EPSS 0.01
CVE-2020-10239 HIGH
Joomla! 3.7.0-3.9.15 - Incorrect Access Control in com_fields SQL Fieldtype
Mar 16, 2020
CVSS 8.8
EPSS 0.03
CVE-2020-10238 HIGH
Joomla! < 3.9.16 - Incorrect Access Control in com_templates
Mar 16, 2020
CVSS 7.5
EPSS 0.06
CVE-2020-8421 MEDIUM
Joomla! 3.9.0-3.9.14 - Cross-Site Scripting in com_actionlogs
Jan 28, 2020
CVSS 6.1
EPSS 0.01
CVE-2020-8420 HIGH
Joomla! 3.0.0-3.9.14 - Cross-Site Request Forgery in LESS Compiler
Jan 28, 2020
CVSS 8.8
EPSS 0.01
CVE-2020-8419 HIGH
Joomla! 3.0.0-3.9.14 - Cross-Site Request Forgery in Batch Actions
Jan 28, 2020
CVSS 8.8
EPSS 0.00
CVE-2019-19846 CRITICAL
Joomla! < 3.9.14 - SQL Injection via Configuration Parameters
Dec 18, 2019
CVSS 9.8
EPSS 0.02
CVE-2019-19845 MEDIUM
Joomla! 3.8.0-3.9.13 - Path Traversal in Logger Class
Dec 18, 2019
CVSS 5.3
EPSS 0.01
CVE-2019-18674 MEDIUM
Joomla! 3.6.0-3.9.12 - Path Disclosure via phputf8 Mapping Files
Nov 06, 2019
CVSS 5.3
EPSS 0.01
CVE-2019-18650 HIGH
Joomla! < 3.9.12 - Cross-Site Request Forgery in com_template
Nov 06, 2019
CVSS 8.8
EPSS 0.00
CVE-2019-16725 MEDIUM
Joomla! 3.0.0-3.9.11 - Stored Cross-Site Scripting via Logo Parameter
Sep 24, 2019
CVSS 6.1
EPSS 0.01
CVE-2019-15028 MEDIUM
Joomla! < 3.9.11 - Unauthenticated Mail Submission in Disabled Contact Forms
Aug 14, 2019
CVSS 5.3
EPSS 0.01
CVE-2019-14654 HIGH
Joomla! 3.9.7-3.9.8 - Authenticated Remote Code Execution via Subform Filter Attribute
Aug 05, 2019
CVSS 8.8
EPSS 0.02
CVE-2019-12766 MEDIUM
Joomla! 3.6.0-3.9.6 - Cross-Site Scripting in Subform Field
Jun 11, 2019
CVSS 6.1
EPSS 0.01
CVE-2019-12765 CRITICAL
Joomla! 3.9.0-3.9.6 - CSV Injection in com_actionlogs Export
Jun 11, 2019
CVSS 9.8
EPSS 0.10
CVE-2019-12764 MEDIUM
Joomla! <3.9.7 - Privilege Escalation
Jun 11, 2019
CVSS 6.5
EPSS 0.01
CVE-2019-11809 MEDIUM
Joomla! 1.7.0-3.9.5 - Cross-Site Scripting in com_users Debug Views
May 20, 2019
CVSS 6.1
EPSS 0.01
CVE-2019-11831 CRITICAL
PharStreamWrapper <2.1.1-3.1.1 - Path Traversal
May 09, 2019
CVSS 9.8
EPSS 0.06
CVE-2019-11358 MEDIUM
jQuery < 3.4.0 - Prototype Pollution via jQuery.extend
Apr 20, 2019
CVSS 6.1
EPSS 0.87
CVE-2019-10946 HIGH
Joomla! < 3.9.4 - Unauthenticated Critical Function Access via Helpsites Refresh Endpoint
Apr 10, 2019
CVSS 7.5
EPSS 0.01
CVE-2019-10945 CRITICAL
Joomla! < 3.9.4 - Path Traversal via Media Manager Folder Parameter
Apr 10, 2019
CVSS 9.8
EPSS 0.38