Joomla Joomla\![20231101] - Core - Exposure of environment variables
Joomla Joomla\![20230502] - Core - Bruteforce prevention within the mfa screen
composer/joomla/archive[20220301] - Core - Zip Slip within the Tar extractor
Joomla Joomla\![20210704] - Core - Privilege escalation through com_installer
Joomla Joomla\![20210702] - Core - DoS through usergroup table manipulation
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Joomla Joomla\!Joomla! Core is prone to a session fixation vulnerability. An attacker may leverage this issue to hi…
Joomla Joomla\![20210305] - Core - Input validation within the template manager
Joomla Joomla\![20210306] - Core - com_media allowed paths that are not intended for image uploads
Joomla Joomla\![20201102] - Core - Disclosure of secrets in Global Configuration page
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Joomla Joomla\![20201101] - Core - com_finder ignores access levels on autosuggest
Joomla Joomla\![20201107] - Core - Write ACL violation in multiple core views
Joomla Joomla\![20201103] - Core - Path traversal in mod_random_image
Joomla Joomla\!In Joomla! before 3.9.19, the default settings of the global textfilter configuration do not block H…
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Joomla Joomla\!An issue was discovered in Joomla! before 3.9.16. Incorrect Access Control in the SQL fieldtype of c…
Joomla Joomla\!An issue was discovered in Joomla! before 3.9.16. Various actions in com_templates lack the required…
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Joomla Joomla\!Joomla! core before 2.5.3 allows unauthorized password change.
Joomla Joomla\!CVE-2012-1563
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Joomla Joomla\!In Joomla! 3.9.7 and 3.9.8, inadequate filtering allows users authorised to create custom fields to …
Joomla Joomla\!An issue was discovered in Joomla! before 3.9.5. The "refresh list of helpsites" endpoint of com_use…
Oracle Application Testing SuiteXSS, Input Validation
Joomla Joomla\!An issue was discovered in Joomla! before 3.9.4. The sample data plugins lack ACL checks, allowing u…
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Joomla Joomla\!An issue was discovered in Joomla! before 3.8.13. If an attacker gets access to the mail account of …
composer/joomla/frameworkAn issue was discovered in Joomla! before 3.8.13. com_joomlaupdate allows the execution of arbitrary…
Joomla Joomla\!An issue was discovered in Joomla! before 3.8.12. Inadequate checks regarding disabled fields can le…
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Joomla Joomla\!An issue was discovered in Joomla! Core before 3.8.8. Inadequate checks allowed users to modify the …
Joomla Joomla\!CVE-2017-11364
Joomla Joomla\!An issue was discovered in templates/beez3/html/com_content/article/default.php in Joomla! before 3.…
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Joomla Joomla\!An issue was discovered in components/com_users/models/registration.php in Joomla! before 3.6.5. Inc…
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.