joomla
547 tracked vulnerabilities.
CVE-2018-11328
MEDIUM
Joomla! < 3.8.8 - Cross-Site Scripting via Unescaped User-Info in Redirect URI
May 22, 2018
CVSS 4.7
EPSS 0.01
CVE-2018-11327
MEDIUM
Joomla! < 3.8.8 - Unauthorized Exposure of Sensitive Tag Information
May 22, 2018
CVSS 4.3
EPSS 0.01
CVE-2018-11326
MEDIUM
Joomla! < 3.8.8 - Cross-Site Scripting
May 22, 2018
CVSS 4.8
EPSS 0.01
CVE-2018-11325
CRITICAL
Joomla! < 3.8.8 - Plaintext Password Exposure in Web Installer
May 22, 2018
CVSS 9.8
EPSS 0.04
CVE-2018-11324
MEDIUM
Joomla! < 3.8.8 - Session Deletion Race Condition
May 22, 2018
CVSS 5.9
EPSS 0.01
CVE-2018-11323
HIGH
Joomla! < 3.8.8 - Improper Privilege Management
May 22, 2018
CVSS 8.8
EPSS 0.03
CVE-2018-11322
HIGH
Joomla! < 3.8.8 - Unrestricted Upload of PHAR Files
May 22, 2018
CVSS 7.5
EPSS 0.02
CVE-2018-11321
MEDIUM
Joomla! < 3.8.8 - Authenticated Remote Code Execution via Custom Field Filter Manipulation
May 22, 2018
CVSS 6.5
EPSS 0.02
CVE-2018-8045
HIGH
Joomla! 3.5.0-3.8.5 - SQL Injection in User Notes List View
Mar 15, 2018
CVSS 8.8
EPSS 0.29
CVE-2018-6380
MEDIUM
Joomla! < 3.8.4 - Cross-Site Scripting in Module Chromes
Jan 30, 2018
CVSS 6.1
EPSS 0.02
CVE-2018-6379
MEDIUM
Joomla! < 3.8.4 - Cross-Site Scripting via Uri Class Input Filtering
Jan 30, 2018
CVSS 6.1
EPSS 0.02
CVE-2018-6377
MEDIUM
Joomla! < 3.8.4 - Cross-Site Scripting in com_fields List Radio and Checkbox Types
Jan 30, 2018
CVSS 6.1
EPSS 0.58
CVE-2018-6376
CRITICAL
Joomla! < 3.8.4 - SQL Injection in Hathor Postinstall Message
Jan 30, 2018
CVSS 9.8
EPSS 0.05
CVE-2017-16634
CRITICAL
Joomla! 3.2.0-3.8.1 - 2-Factor Authentication Bypass
Nov 10, 2017
CVSS 9.8
EPSS 0.04
CVE-2017-16633
MEDIUM
Joomla! 3.7.0-3.8.1 - Unauthorized Information Disclosure in com_fields
Nov 10, 2017
CVSS 4.3
EPSS 0.02
CVE-2017-14596
CRITICAL
Joomla! - LDAP Injection via Authentication Plugin
Sep 20, 2017
CVSS 9.8
EPSS 0.06
CVE-2017-14595
LOW
Joomla! - Information Disclosure via Archived Article SQL Query
Sep 20, 2017
CVSS 3.7
EPSS 0.02
CVE-2017-11364
HIGH
Joomla! - Authenticated Application Takeover via Certificate Transparency Log Abuse
Aug 02, 2017
CVSS 8.8
EPSS 0.02
CVE-2017-11612
MEDIUM
Joomla! - Cross-Site Scripting via Inadequate HTML Tag Filtering
Jul 26, 2017
CVSS 6.1
EPSS 0.01
CVE-2017-9934
MEDIUM
Joomla! 1.7.3-3.7.2 - Cross-Site Scripting via Missing CSRF Token Checks
Jul 17, 2017
CVSS 6.1
EPSS 0.02
CVE-2017-9933
HIGH
Joomla! 1.7.3-3.7.2 - Unauthorized Information Exposure via Cache Invalidation
Jul 17, 2017
CVSS 7.5
EPSS 0.02
CVE-2017-8917
CRITICAL
NUCLEI
Joomla! 3.7.x - SQL Injection
May 17, 2017
CVSS 9.8
EPSS 1.00
CVE-2017-8057
MEDIUM
Joomla! 3.4.0-3.6.5 - Unauthenticated Sensitive Information Exposure via Error Reporting
Apr 25, 2017
CVSS 5.3
EPSS 0.01
CVE-2017-7989
MEDIUM
Joomla! 3.2.0-3.6.5 - Unrestricted Upload of Dangerous File Type via Inadequate MIME Check
Apr 25, 2017
CVSS 6.5
EPSS 0.01
CVE-2017-7988
MEDIUM
Joomla! 1.6.0-3.6.5 - ACL Violation via Article Author Overwrite
Apr 25, 2017
CVSS 5.3
EPSS 0.01
Products
joomla\! 314
joomla 81
joomla-cms 8
bsq_sitestats 6
rs_gallery2 4
com_beamospetition 3
com_weblinks 3
framework 3
archive 2
com_astatspro 2
com_downloads 2
com_facileforms 2
com_mailto 2
com_pcchess 2
com_pccookbook 2
com_rapidrecipe 2
com_sef 2
filter 2
jd-wiki 2
joomla-platform 2
akobook 1
application 1
be_it_easypartner_component 1
bibtex 1
car_manager 1
classifieds_component 1
colophon 1
com_acajoom 1
com_acctexp 1
com_artistavenue 1
Quick Filters