joomla

547 tracked vulnerabilities.

CVE-2019-9714 MEDIUM
Joomla! 3.0.0-3.9.3 - Cross-Site Scripting in Media Form Field
Mar 12, 2019
CVSS 6.1
EPSS 0.01
CVE-2019-9713 HIGH
Joomla! < 3.9.4 - Missing Authorization in Sample Data Plugins
Mar 12, 2019
CVSS 7.5
EPSS 0.02
CVE-2019-9712 MEDIUM
Joomla! 3.2.0-3.9.3 - Cross-Site Scripting in com_config JSON Handler
Mar 12, 2019
CVSS 6.1
EPSS 0.01
CVE-2019-9711 MEDIUM
Joomla! 3.0.0-3.9.3 - Cross-Site Scripting in Item Title Layout
Mar 12, 2019
CVSS 6.1
EPSS 0.01
CVE-2019-7744 MEDIUM
Joomla! 2.5.0-3.9.2 - Cross-Site Scripting via URL Field Filtering Bypass
Feb 12, 2019
CVSS 6.1
EPSS 0.01
CVE-2019-7743 CRITICAL
Joomla! 2.5.0-3.9.2 - Deserialization of Untrusted Data via phar:// Stream Wrapper
Feb 12, 2019
CVSS 9.8
EPSS 0.03
CVE-2019-7742 MEDIUM
Joomla! < 3.9.2 - Cross-Site Scripting via MIME-Type Sniffing
Feb 12, 2019
CVSS 6.1
EPSS 0.01
CVE-2019-7741 MEDIUM
Joomla! 2.5.0-3.9.2 - Stored Cross-Site Scripting in Global Configuration Help URL
Feb 12, 2019
CVSS 6.1
EPSS 0.01
CVE-2019-7740 MEDIUM
Joomla! 2.5.0-3.9.2 - Cross-Site Scripting in core.js writeDynaList
Feb 12, 2019
CVSS 6.1
EPSS 0.01
CVE-2019-7739 MEDIUM
Joomla! < 3.9.2 - Unintended Text Filter Override in Global Configuration
Feb 12, 2019
CVSS 6.1
EPSS 0.01
CVE-2019-6264 MEDIUM
Joomla! < 3.9.2 - Stored Cross-Site Scripting in mod_banners
Jan 16, 2019
CVSS 6.1
EPSS 0.01
CVE-2019-6263 MEDIUM
Joomla! < 3.9.2 - Stored Cross-Site Scripting in Global Configuration Text Filter Settings
Jan 16, 2019
CVSS 4.8
EPSS 0.04
CVE-2019-6262 MEDIUM
Joomla! < 3.9.2 - Stored Cross-Site Scripting in Global Configuration Help URL
Jan 16, 2019
CVSS 5.4
EPSS 0.01
CVE-2019-6261 MEDIUM
Joomla! 2.5.0-3.9.1 - Stored Cross-Site Scripting in com_contact
Jan 16, 2019
CVSS 6.1
EPSS 0.01
CVE-2018-17859 MEDIUM
Joomla! < 3.8.13 - Unauthenticated Mail Submission in Disabled Contact Forms
Oct 09, 2018
CVSS 4.3
EPSS 0.01
CVE-2018-17858 HIGH
Joomla! < 3.8.13 - Cross-Site Request Forgery in com_installer
Oct 09, 2018
CVSS 8.8
EPSS 0.01
CVE-2018-17857 MEDIUM
Joomla! < 3.8.13 - Incorrect Authorization in Tags Search Fields
Oct 09, 2018
CVSS 4.3
EPSS 0.01
CVE-2018-17856 HIGH
Joomla! < 3.8.13 - Authenticated Remote Code Execution via com_joomlaupdate
Oct 09, 2018
CVSS 7.2
EPSS 0.03
CVE-2018-17855 HIGH
Joomla! <3.8.13 - Privilege Escalation
Oct 09, 2018
CVSS 8.8
EPSS 0.02
CVE-2018-15882 CRITICAL
Joomla! < 3.8.12 - Unrestricted Upload of File with Dangerous Type via PHAR File Bypass
Aug 29, 2018
CVSS 9.8
EPSS 0.03
CVE-2018-15881 HIGH
Joomla! <3.8.12 - Privilege Escalation
Aug 29, 2018
CVSS 7.5
EPSS 0.02
CVE-2018-15880 MEDIUM
Joomla! < 3.8.12 - Stored Cross-Site Scripting in User Profile Page
Aug 29, 2018
CVSS 5.4
EPSS 0.01
CVE-2018-12712 HIGH
Joomla! <3.8.9 - Local File Inclusion
Jun 26, 2018
CVSS 8.8
EPSS 0.02
CVE-2018-12711 MEDIUM
Joomla! 1.6.0-3.8.8 - Reflected Cross-Site Scripting in Language Switcher Module
Jun 26, 2018
CVSS 6.1
EPSS 0.01
CVE-2018-6378 MEDIUM
Joomla! < 3.8.8 - Cross-Site Scripting in Media Manager
May 22, 2018
CVSS 6.1
EPSS 0.01