joomla

515 tracked vulnerabilities.

CVE-2016-10033 CRITICAL KEVNUCLEI
PHPMailer Sendmail Argument Injection
Dec 30, 2016
CVSS 9.8
EPSS 0.94
CVE-2016-9838 HIGH
Joomla! < 3.6.4 - Improper Access Control via Registration Form Session Data
Dec 16, 2016
CVSS 7.5
EPSS 0.03
CVE-2016-9837 HIGH
Joomla! < 3.6.4 - Unauthenticated Unprotected Article Exposure via Beez3 Template Override
Dec 16, 2016
CVSS 7.5
EPSS 0.00
CVE-2016-9836 CRITICAL
Joomla! < 3.6.4 - Unauthenticated Arbitrary PHP File Upload via Alternative Extensions
Dec 05, 2016
CVSS 9.8
EPSS 0.00
CVE-2016-8870 HIGH
Joomla! < 3.6.3 - Unauthenticated User Account Creation via UsersModelRegistration
Nov 04, 2016
CVSS 8.1
EPSS 0.92
CVE-2016-8869 CRITICAL
Joomla! <3.6.4 - Privilege Escalation
Nov 04, 2016
CVSS 9.8
EPSS 0.92
CVE-2015-5608 MEDIUM
Joomla! 3.0.0-3.4.1 - Open Redirect
Sep 20, 2017
CVSS 6.1
EPSS 0.00
CVE-2015-8769 HIGH
Joomla! 3.x < 3.4.7 - SQL Injection
Jan 12, 2016
CVSS 7.3
EPSS 0.01
CVE-2015-8566
Joomla Session < 1.3.1 - Remote Code Execution via Session Values
Dec 16, 2015
EPSS 0.01
CVE-2015-8565
Joomla! 3.2.0-3.3.x and 3.4.x < 3.4.6 - Directory Traversal
Dec 16, 2015
EPSS 0.00
CVE-2015-8564
Joomla! 3.4.x - Directory Traversal via XML Install File in Extension Package
Dec 16, 2015
EPSS 0.00
CVE-2015-8563
Joomla! 3.2.0-3.4.5 - Cross-Site Request Forgery in com_templates
Dec 16, 2015
EPSS 0.00
CVE-2015-8562 NUCLEI
Joomla! 1.5.x-3.4.5 - Unauthenticated Remote Code Execution via HTTP User-Agent Header
Dec 16, 2015
EPSS 0.93
CVE-2015-7899
Joomla! 3.x - Improper Access Control in com_content Component
Oct 29, 2015
EPSS 0.00
CVE-2015-7859
Joomla! 3.2-3.4.4 - Unauthorized Sensitive Information Exposure via com_contenthistory Component
Oct 29, 2015
EPSS 0.00
CVE-2015-7858
Joomla! 3.2-3.4.3 - SQL Injection
Oct 29, 2015
EPSS 0.69
CVE-2015-7857
Joomla! 3.2-3.4.4 - SQL Injection via list[select] Parameter
Oct 29, 2015
EPSS 0.72
CVE-2015-7297 NUCLEI
Joomla! 3.2-3.4.3 - SQL Injection
Oct 29, 2015
EPSS 0.92
CVE-2015-6939
Joomla! 3.4.x < 3.4.4 - Cross-Site Scripting in Login Module
Sep 18, 2015
EPSS 0.00
CVE-2015-5397
Joomla! 3.2.0-3.3.x and 3.4.x < 3.4.2 - Cross-Site Request Forgery
Jul 14, 2015
EPSS 0.00
CVE-2015-4654
Joomla! EQ Event Calendar - SQL Injection via id Parameter
Jun 18, 2015
EPSS 0.00
CVE-2014-7228
Akeeba Restore <3.3.4 - Info Disclosure
Nov 03, 2014
EPSS 0.06
CVE-2014-7984
Joomla! 2.5.x-2.5.18 and 3.x-3.2.2 - Unauthenticated Authentication Bypass via GMail Authentication
Oct 08, 2014
EPSS 0.00
CVE-2014-7983
Joomla! 3.1.2-3.2.x - Cross-Site Scripting in com_contact
Oct 08, 2014
EPSS 0.00
CVE-2014-7982
Joomla! 2.5.x-2.5.18 and 3.x-3.2.2 - Cross-Site Scripting
Oct 08, 2014
EPSS 0.00
Products
joomla\! 282 joomla 81 joomla-cms 8 bsq_sitestats 6 rs_gallery2 4 com_beamospetition 3 com_weblinks 3 framework 3 archive 2 com_astatspro 2 com_downloads 2 com_facileforms 2 com_mailto 2 com_pcchess 2 com_pccookbook 2 com_rapidrecipe 2 com_sef 2 filter 2 jd-wiki 2 joomla-platform 2 akobook 1 application 1 be_it_easypartner_component 1 bibtex 1 car_manager 1 classifieds_component 1 colophon 1 com_acajoom 1 com_acctexp 1 com_artistavenue 1
Quick Filters
Critical CVEs With Exploits In CISA KEV