joomla
547 tracked vulnerabilities.
CVE-2020-11889
MEDIUM
Joomla! <3.9.17 - Privilege Escalation
Apr 21, 2020
CVSS 5.3
EPSS 0.01
CVE-2020-10243
CRITICAL
Joomla! < 3.9.16 - SQL Injection in Featured Articles Menu Parameters
Mar 16, 2020
CVSS 9.8
EPSS 0.02
CVE-2020-10242
MEDIUM
Joomla! < 3.9.16 - Cross-Site Scripting in Protostar and Beez3 CSS Selectors
Mar 16, 2020
CVSS 6.1
EPSS 0.01
CVE-2020-10241
HIGH
Joomla! 3.2.0-3.9.15 - Cross-Site Request Forgery in com_templates Image Actions
Mar 16, 2020
CVSS 8.8
EPSS 0.01
CVE-2020-10240
MEDIUM
Joomla! 3.0.0-3.9.15 - User Identifier Collision via Missing Length Checks
Mar 16, 2020
CVSS 5.3
EPSS 0.01
CVE-2020-10239
HIGH
Joomla! 3.7.0-3.9.15 - Incorrect Access Control in com_fields SQL Fieldtype
Mar 16, 2020
CVSS 8.8
EPSS 0.03
CVE-2020-10238
HIGH
Joomla! < 3.9.16 - Incorrect Access Control in com_templates
Mar 16, 2020
CVSS 7.5
EPSS 0.06
CVE-2020-8421
MEDIUM
Joomla! 3.9.0-3.9.14 - Cross-Site Scripting in com_actionlogs
Jan 28, 2020
CVSS 6.1
EPSS 0.01
CVE-2020-8420
HIGH
Joomla! 3.0.0-3.9.14 - Cross-Site Request Forgery in LESS Compiler
Jan 28, 2020
CVSS 8.8
EPSS 0.01
CVE-2020-8419
HIGH
Joomla! 3.0.0-3.9.14 - Cross-Site Request Forgery in Batch Actions
Jan 28, 2020
CVSS 8.8
EPSS 0.00
CVE-2019-19846
CRITICAL
Joomla! < 3.9.14 - SQL Injection via Configuration Parameters
Dec 18, 2019
CVSS 9.8
EPSS 0.02
CVE-2019-19845
MEDIUM
Joomla! 3.8.0-3.9.13 - Path Traversal in Logger Class
Dec 18, 2019
CVSS 5.3
EPSS 0.01
CVE-2019-18674
MEDIUM
Joomla! 3.6.0-3.9.12 - Path Disclosure via phputf8 Mapping Files
Nov 06, 2019
CVSS 5.3
EPSS 0.01
CVE-2019-18650
HIGH
Joomla! < 3.9.12 - Cross-Site Request Forgery in com_template
Nov 06, 2019
CVSS 8.8
EPSS 0.00
CVE-2019-16725
MEDIUM
Joomla! 3.0.0-3.9.11 - Stored Cross-Site Scripting via Logo Parameter
Sep 24, 2019
CVSS 6.1
EPSS 0.01
CVE-2019-15028
MEDIUM
Joomla! < 3.9.11 - Unauthenticated Mail Submission in Disabled Contact Forms
Aug 14, 2019
CVSS 5.3
EPSS 0.01
CVE-2019-14654
HIGH
Joomla! 3.9.7-3.9.8 - Authenticated Remote Code Execution via Subform Filter Attribute
Aug 05, 2019
CVSS 8.8
EPSS 0.02
CVE-2019-12766
MEDIUM
Joomla! 3.6.0-3.9.6 - Cross-Site Scripting in Subform Field
Jun 11, 2019
CVSS 6.1
EPSS 0.01
CVE-2019-12765
CRITICAL
Joomla! 3.9.0-3.9.6 - CSV Injection in com_actionlogs Export
Jun 11, 2019
CVSS 9.8
EPSS 0.10
CVE-2019-12764
MEDIUM
Joomla! <3.9.7 - Privilege Escalation
Jun 11, 2019
CVSS 6.5
EPSS 0.01
CVE-2019-11809
MEDIUM
Joomla! 1.7.0-3.9.5 - Cross-Site Scripting in com_users Debug Views
May 20, 2019
CVSS 6.1
EPSS 0.01
CVE-2019-11831
CRITICAL
PharStreamWrapper <2.1.1-3.1.1 - Path Traversal
May 09, 2019
CVSS 9.8
EPSS 0.06
CVE-2019-11358
MEDIUM
jQuery < 3.4.0 - Prototype Pollution via jQuery.extend
Apr 20, 2019
CVSS 6.1
EPSS 0.87
CVE-2019-10946
HIGH
Joomla! < 3.9.4 - Unauthenticated Critical Function Access via Helpsites Refresh Endpoint
Apr 10, 2019
CVSS 7.5
EPSS 0.01
CVE-2019-10945
CRITICAL
Joomla! < 3.9.4 - Path Traversal via Media Manager Folder Parameter
Apr 10, 2019
CVSS 9.8
EPSS 0.38
Products
joomla\! 314
joomla 81
joomla-cms 8
bsq_sitestats 6
rs_gallery2 4
com_beamospetition 3
com_weblinks 3
framework 3
archive 2
com_astatspro 2
com_downloads 2
com_facileforms 2
com_mailto 2
com_pcchess 2
com_pccookbook 2
com_rapidrecipe 2
com_sef 2
filter 2
jd-wiki 2
joomla-platform 2
akobook 1
application 1
be_it_easypartner_component 1
bibtex 1
car_manager 1
classifieds_component 1
colophon 1
com_acajoom 1
com_acctexp 1
com_artistavenue 1
Quick Filters