Filter
AND

Joomla Joomla\![20240701] - Core - XSS in accessible media selection field

First published (updated )

Joomla Joomla\![20240702] - Core - Self-XSS in fancyselect list field layout

First published (updated )

Joomla Joomla\![20240704] - Core - XSS in Wrapper extensions

First published (updated )

Joomla Joomla\![20240705] - Core - XSS in com_fields default field value

First published (updated )

Joomla Joomla\![20240703] - Core - XSS in StringHelper::truncate method

First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Joomla Joomla\![20231101] - Core - Exposure of environment variables

7.5
First published (updated )

Joomla Joomla\![20230501] - Core - Open Redirect and XSS within the mfa select

First published (updated )

Joomla Joomla\![20230502] - Core - Bruteforce prevention within the mfa screen

7.5
First published (updated )

Joomla Joomla\![20230201] - Core - Improper access check in webservice endpoints

First published (updated )

Joomla Joomla\![20230102] - Core - Missing ACL checks for com_actionlogs

First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Joomla Joomla\![20230101] - Core - CSRF within post-installation messages

First published (updated )

Joomla Joomla\![20221101] - Core - RXSS through reflection of user input in com_media

First published (updated )

Joomla Joomla\![20221002] - Core - RXSS through reflection of user input in headings

First published (updated )

Joomla Joomla\![20221001] - Core - Debug Mode leaks full request payloads including passwords

First published (updated )

Joomla Joomla\![20220801] - Core - Multiple Full Path Disclosures because of missing '_JEXEC or die check'

First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Joomla Joomla\![20220309] - Core - XSS attack vector through SVG

First published (updated )

Joomla Joomla\![20220306] - Core - Inadequate validation of internal URLs

First published (updated )

Joomla Joomla\![20220304] - Core - Missing input validation within com_fields class inputs

First published (updated )

Joomla Joomla\![20220303] - Core - User row are not bound to a authentication mechanism

First published (updated )

composer/joomla/filter[20220308] - Core - Inadequate content filtering within the filter code

First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

composer/joomla/filesystem[20220302] - Core - Path Disclosure within filesystem error messages

First published (updated )

composer/joomla/input[20220307] - Core - Variable Tampering on JInput $_REQUEST data

First published (updated )

composer/joomla/archive[20220301] - Core - Zip Slip within the Tar extractor

7.5
First published (updated )

Joomla Joomla\![20220305] - Core - Inadequate filtering on the selected Ids

First published (updated )

Joomla Joomla\![20210801] - Core - Insufficient access control for com_media deletion endpoint

First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Joomla Joomla\![20210705] - Core - XSS in com_media imagelist

First published (updated )

Joomla Joomla\![20210704] - Core - Privilege escalation through com_installer

7.5
First published (updated )

Joomla Joomla\![20210703] - Core - Lack of enforced session termination

First published (updated )

Joomla Joomla\![20210702] - Core - DoS through usergroup table manipulation

7.5
First published (updated )

Joomla Joomla\![20210701] - Core - XSS in JForm Rules field

First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2024 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203