joomla

547 tracked vulnerabilities.

CVE-2017-7987 MEDIUM
Joomla! 3.2.0-3.6.5 - Cross-Site Scripting in Template Manager Component
Apr 25, 2017
CVSS 6.1
EPSS 0.01
CVE-2017-7986 MEDIUM
Joomla! 1.5.0-3.6.5 - Cross-Site Scripting via Inadequate HTML Attribute Filtering
Apr 25, 2017
CVSS 6.1
EPSS 0.01
CVE-2017-7985 MEDIUM
Joomla! 1.5.0-3.6.5 - Cross-Site Scripting via Multibyte Character Filter Bypass
Apr 25, 2017
CVSS 6.1
EPSS 0.01
CVE-2017-7984 MEDIUM
Joomla! 3.2.0-3.6.5 - Stored Cross-Site Scripting in Template Manager
Apr 25, 2017
CVSS 6.1
EPSS 0.01
CVE-2017-7983 MEDIUM
Joomla! 1.5.0-3.6.5 - Information Disclosure via JMail API
Apr 25, 2017
CVSS 5.3
EPSS 0.01
CVE-2016-9081 CRITICAL
Joomla! <3.6.3 - Privilege Escalation
Jan 23, 2017
CVSS 9.8
EPSS 0.02
CVE-2016-10045 CRITICAL
PHPMailer < 5.2.20 - Remote Code Execution via Sendmail Argument Injection
Dec 30, 2016
CVSS 9.8
EPSS 0.98
CVE-2016-10033 CRITICAL KEVNUCLEI
PHPMailer Sendmail Argument Injection
Dec 30, 2016
CVSS 9.8
EPSS 1.00
CVE-2016-9838 HIGH
Joomla! < 3.6.4 - Improper Access Control via Registration Form Session Data
Dec 16, 2016
CVSS 7.5
EPSS 0.14
CVE-2016-9837 HIGH
Joomla! < 3.6.4 - Unauthenticated Unprotected Article Exposure via Beez3 Template Override
Dec 16, 2016
CVSS 7.5
EPSS 0.01
CVE-2016-9836 CRITICAL
Joomla! < 3.6.4 - Unauthenticated Arbitrary PHP File Upload via Alternative Extensions
Dec 05, 2016
CVSS 9.8
EPSS 0.02
CVE-2016-8870 HIGH
Joomla! < 3.6.3 - Unauthenticated User Account Creation via UsersModelRegistration
Nov 04, 2016
CVSS 8.1
EPSS 0.82
CVE-2016-8869 CRITICAL
Joomla! <3.6.4 - Privilege Escalation
Nov 04, 2016
CVSS 9.8
EPSS 0.97
CVE-2015-5608 MEDIUM
Joomla! 3.0.0-3.4.1 - Open Redirect
Sep 20, 2017
CVSS 6.1
EPSS 0.01
CVE-2015-8769 HIGH
Joomla! 3.x < 3.4.7 - SQL Injection
Jan 12, 2016
CVSS 7.3
EPSS 0.01
CVE-2015-8566
Joomla Session < 1.3.1 - Remote Code Execution via Session Values
Dec 16, 2015
EPSS 0.08
CVE-2015-8565
Joomla! 3.2.0-3.3.x and 3.4.x < 3.4.6 - Directory Traversal
Dec 16, 2015
EPSS 0.03
CVE-2015-8564
Joomla! 3.4.x - Directory Traversal via XML Install File in Extension Package
Dec 16, 2015
EPSS 0.03
CVE-2015-8563
Joomla! 3.2.0-3.4.5 - Cross-Site Request Forgery in com_templates
Dec 16, 2015
EPSS 0.01
CVE-2015-8562 NUCLEI
Joomla! 1.5.x-3.4.5 - Unauthenticated Remote Code Execution via HTTP User-Agent Header
Dec 16, 2015
EPSS 0.98
CVE-2015-7899
Joomla! 3.x - Improper Access Control in com_content Component
Oct 29, 2015
EPSS 0.02
CVE-2015-7859
Joomla! 3.2-3.4.4 - Unauthorized Sensitive Information Exposure via com_contenthistory Component
Oct 29, 2015
EPSS 0.02
CVE-2015-7858
Joomla! 3.2-3.4.3 - SQL Injection
Oct 29, 2015
EPSS 0.85
CVE-2015-7857
Joomla! 3.2-3.4.4 - SQL Injection via list[select] Parameter
Oct 29, 2015
EPSS 0.94
CVE-2015-7297 NUCLEI
Joomla! 3.2-3.4.3 - SQL Injection
Oct 29, 2015
EPSS 1.00