MidnightBSD

Advisories for joomla

CVE-2005-3771 MEDIUM

Multiple cross-site scripting (XSS) vulnerabilities in Joomla! before 1.0.4 allow remote attackers to inject arbitrary web script or HTML via (1) "GET and other variables" and (2) "SEF".

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
joomla joomla 1.0.1
joomla joomla 1.0.2
joomla joomla 1.0
joomla joomla 1.0.3
CVE-2005-3772 HIGH

Multiple SQL injection vulnerabilities in Joomla! before 1.0.4 allow remote attackers to execute arbitrary SQL commands via the (1) Itemid variable in the Polls modules and (2) multiple unspecified methods in the mosDBTable class.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
joomla joomla 1.0.1
joomla joomla 1.0.2
joomla joomla 1.0
joomla joomla 1.0.3
CVE-2005-3773 HIGH

Unspecified vulnerability in Joomla! before 1.0.4 has unknown impact and attack vectors, related to "Potential misuse of Media component file management functions."

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
joomla joomla 1.0.1
joomla joomla 1.0.2
joomla joomla 1.0
joomla joomla 1.0.3
CVE-2005-4650 MEDIUM

Joomla! 1.03 does not restrict the number of "Search" Mambots, which allows remote attackers to cause a denial of service (resource consumption) via a large number of Search Mambots.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-770,CWE-770,

Products Affected

Vendor Product Version
joomla joomla! 1.0.3
CVE-2006-0114 MEDIUM

The vCard functions in Joomla! 1.0.5 use predictable sequential IDs for vcards and do not restrict access to them, which allows remote attackers to obtain valid e-mail addresses to conduct spam attacks by modifying the contact_id parameter to index2.php.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-264,

Products Affected

Vendor Product Version
joomla joomla 1.0.5
CVE-2006-0303 HIGH

Multiple unspecified vulnerabilities in the (1) publishing component, (2) Contact Component, (3) TinyMCE Compressor, and (4) other components in Joomla! 1.0.5 and earlier have unknown impact and attack vectors.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
joomla joomla 1.0.1
joomla joomla 1.0.4
joomla joomla 1.0.2
joomla joomla 1.0
joomla joomla 1.0.5
joomla joomla 1.0.3
CVE-2006-1027 MEDIUM

feedcreator.class.php (aka the syndication component) in Joomla! 1.0.7 allows remote attackers to obtain sensitive information via a "/" (slash) in the feed parameter to index.php, which reveals the path in an error message.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
joomla joomla 1.0.7
CVE-2006-1028 HIGH

feedcreator.class.php (aka the syndication component) in Joomla! 1.0.7 allows remote attackers to cause a denial of service (stressed file cache) by creating many files via filenames in the feed parameter to index.php.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
joomla joomla 1.0.7
CVE-2006-1029 MEDIUM

The cross-site scripting (XSS) countermeasures in class.inputfilter.php in Joomla! 1.0.7 allow remote attackers to cause a denial of service via a crafted mosmsg parameter to index.php with a malformed sequence of multiple tags, as demonstrated using "<<>AAA<><>", possibly due to nested or empty tags.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
joomla joomla 1.0.7
CVE-2006-1030 MEDIUM

Unspecified vulnerability in mod_templatechooser in Joomla! 1.0.7 allows remote attackers to obtain sensitive information via an unspecified attack vector that reveals the path.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
joomla joomla 1.0.7
CVE-2006-1047 HIGH

Unspecified vulnerability in the "Remember Me login functionality" in Joomla! 1.0.7 and earlier has unknown impact and attack vectors.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
joomla joomla 1.0.1
joomla joomla 1.0.4
joomla joomla 1.0.0
joomla joomla 1.0.2
joomla joomla 1.0.5
joomla joomla 1.0.6
joomla joomla 1.0.7
joomla joomla 1.0.3
CVE-2006-1048 MEDIUM

Joomla! 1.0.7 and earlier allows attackers to bypass intended access restrictions and gain certain privileges via certain attack vectors related to the (1) Weblink, (2) Polls, (3) Newsfeeds, (4) Weblinks, (5) Content, (6) Content Section, (7) Content Category, (8) Contact items, or (9) Contact Search, (10) Content Search, (11) Newsfeed Search, or (12) Weblink Search.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
joomla joomla 1.0.1
joomla joomla 1.0.4
joomla joomla 1.0.2
joomla joomla 1.0
joomla joomla 1.0.5
joomla joomla 1.0.6
joomla joomla 1.0.7
joomla joomla 1.0.3
CVE-2006-1049 HIGH

Multiple SQL injection vulnerabilities in the Admin functionality in Joomla! 1.0.7 and earlier allow remote authenticated administrators to execute arbitrary SQL commands via unknown attack vectors.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-89,

Products Affected

Vendor Product Version
joomla joomla 1.0.1
joomla joomla 1.0.4
joomla joomla 1.0.0
joomla joomla 1.0.2
joomla joomla *
joomla joomla 1.0.5
joomla joomla 1.0.6
joomla joomla 1.0.3
CVE-2006-1956 MEDIUM

The com_rss option (rss.php) in (1) Mambo and (2) Joomla! allows remote attackers to obtain sensitive information via an invalid feed parameter, which reveals the path in an error message.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mambo mambo 4.5.3h
joomla joomla 1.0.7
CVE-2006-1957 MEDIUM

The com_rss option (rss.php) in (1) Mambo and (2) Joomla! allows remote attackers to cause a denial of service (disk consumption and possibly web-server outage) via multiple requests with different values of the feed parameter.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-20,

Products Affected

Vendor Product Version
joomla joomla! *
mambo-foundation mambo -
CVE-2006-2960 HIGH

PHP remote file inclusion vulnerability in includes/joomla.php in Joomla! 1.0 allows remote attackers to execute arbitrary PHP code via a URL in the includepath parameter.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
joomla joomla 1.0
CVE-2006-3480 MEDIUM

Multiple cross-site scripting (XSS) vulnerabilities in Joomla! before 1.0.10 allow remote attackers to inject arbitrary web script or HTML via unspecified parameters involving the (1) getUserStateFromRequest function, and the (2) SEF and (3) com_messages modules.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
joomla joomla 1.0.8
joomla joomla 1.0.1
joomla joomla 1.0.4
joomla joomla 1.0.2
joomla joomla 1.0.9
joomla joomla 1.0
joomla joomla 1.0.5
joomla joomla 1.0.7
joomla joomla 1.0.3
CVE-2006-3481 HIGH

Multiple SQL injection vulnerabilities in Joomla! before 1.0.10 allow remote attackers to execute arbitrary SQL commands via unspecified parameters involving the (1) "Remember Me" function, (2) "Related Items" module, and the (3) "Weblinks submission".

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
joomla joomla 1.0.8
joomla joomla 1.0.1
joomla joomla 1.0.4
joomla joomla 1.0.2
joomla joomla 1.0.9
joomla joomla 1.0
joomla joomla 1.0.5
joomla joomla 1.0.7
joomla joomla 1.0.3
CVE-2006-3530 MEDIUM

PHP remote file inclusion vulnerability in com_pccookbook/pccookbook.php in the PccookBook Component for Mambo and Joomla 0.3 and possibly up to 1.3.1, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via the mosConfig_absolute_path parameter.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-94,

Products Affected

Vendor Product Version
joomla pc_cookbook 1.3.1
joomla pc_cookbook 0.3
CVE-2006-3774 MEDIUM

PHP remote file inclusion vulnerability in performs.php in the perForms component (com_performs) 1.0 and earlier for Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-94,

Products Affected

Vendor Product Version
joomla performs_component *
CVE-2006-3970 HIGH

PHP remote file inclusion vulnerability in lmo.php in the LMO Component (com_lmo) 1.0b2 and earlier for Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
joomla lmo *
CVE-2006-4074 MEDIUM

PHP remote file inclusion vulnerability in lib/tpl/default/main.php in the JD-Wiki Component (com_jd-wiki) 1.0.2 and earlier for Joomla!, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-94,

Products Affected

Vendor Product Version
joomla jd-wiki *
CVE-2006-4269 HIGH

PHP remote file inclusion vulnerability in admin.x-shop.php in the x-shop component (com_x-shop) 1.7 and earlier for Mambo and Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter. NOTE: this issue has been disputed by third party researchers, stating that there is no mosConfig_absolute_path parameter and no admin.x-shop.php file in the reported package

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mambo x-shop_component *
joomla x-shop_component *
CVE-2006-4378 HIGH

Multiple PHP remote file inclusion vulnerabilities in the Rssxt component for Joomla! (com_rssxt), possibly 2.0 Beta 1 or 1.0 and earlier, allow remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter in (1) pinger.php, (2) RPC.php, or (3) rssxt.php. NOTE: another researcher has disputed this issue, saying that the attacker can not control this parameter. In addition, as of 20060825, the original researcher has appeared to be unreliable with some other past reports. CVE has not performed any followup analysis with respect to this issue

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
joomla rssxt_component *
joomla rssxt_component 1.0
CVE-2006-4556 HIGH

PHP remote file inclusion vulnerability in index.php in the JIM component for Mambo and Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter. NOTE: another researcher has stated that the product distribution does not include an index.php file. Also, this might be related to CVE-2006-4242

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
joomla jim_component *
mambo jim_component *
CVE-2006-4992 HIGH

Multiple PHP remote file inclusion vulnerabilities in JD-WordPress for Joomla! (com_jd-wp) 2.0-1.0 RC2 allow remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter in (1) wp-comments-post.php, (2) wp-feed.php, or (3) wp-trackback.php.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
joomla jd-wordpress 2.0.1.0_rc2
CVE-2006-4995 HIGH

PHP remote file inclusion vulnerability in BSQ Sitestats (bsq_sitestats) before 2.1.1 for Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
joomla bsq_sitestats 2.1.1
CVE-2006-4996 HIGH

Unspecified vulnerability in JoomlaLib (com_joomlalib) before 1.2.2 for Joomla! allows remote attackers to have an unknown impact, related to "Joomla globals hacked by script kiddies."

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
joomla joomlalib *
joomla joomlalib 1.1.1_beta
joomla joomlalib 1.0.0_alpha
CVE-2006-5039 HIGH

Unspecified vulnerability in Events 1.3 beta module (com_events) for Joomla! has unspecified impact and attack vectors.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
joomla events_module 1.3_beta
joomla com_events 1.3
CVE-2006-5040 HIGH

Unspecified vulnerability in SEF404x (com_sef) for Joomla! has unspecified impact and attack vectors.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
joomla com_sef *
joomla sef4040x *
CVE-2006-5041 HIGH

Unspecified vulnerability in Hot Properties (possibly com_hotproperties) 0.97 and earlier for Joomla! has unspecified impact and attack vectors.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
joomla hot_properties *
joomla com_hotproperties *
CVE-2006-5042 HIGH

Unspecified vulnerability in mosMedia (com_mosmedia) 1.0.8 and earlier for Joomla! has unspecified impact and attack vectors.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
joomla com_mosmedia *
joomla mosmedia *
CVE-2006-5044 HIGH

Unspecified vulnerability in Prince Clan (Princeclan) Chess component (com_pcchess) 0.8 and earlier for Mambo and Joomla! has unspecified impact and attack vectors.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
joomla prince_clan_chess_component *
mambo prince_clan_chess_component *
CVE-2006-5046 HIGH

Unspecified vulnerability in RS Gallery2 (com_rsgallery2) 1.11.3 and earlier for Joomla! has unspecified impact and attack vectors, related to lack of "hardened language files."

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
joomla rs_gallery2 1.10.14_alpha
joomla rs_gallery2 1.11.1_alpha
joomla rs_gallery2 *
joomla rs_gallery2 1.10.12_alpha
joomla rs_gallery2 1.10.13_alpha
joomla rs_gallery2 1.10.1_alpha
joomla rs_gallery2 1.11.0_alpha
joomla rs_gallery2 1.9.4_alpha
joomla rs_gallery2 1.10.3_alpha
joomla rs_gallery2 1.10.8_alpha
joomla rs_gallery2 1.10.9_alpha
joomla rs_gallery2 1.11.2_alpha
joomla rs_gallery2 1.10.6_alpha
joomla rs_gallery2 1.10.10_alpha
joomla rs_gallery2 1.9.5_alpha
joomla rs_gallery2 1.10.11_alpha
joomla rs_gallery2 1.10.4_alpha
joomla rs_gallery2 1.10.5_alpha
joomla rs_gallery2 1.10.2_alpha
joomla rs_gallery2 1.10.7_alpha
CVE-2006-5047 HIGH

Unspecified vulnerability in rsgallery2.html.php in RS Gallery2 component (com_rsgallery2) before 1.11.3 for Joomla! allows attackers to execute arbitrary code.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
joomla rs_gallery2 1.10.14_alpha
joomla rs_gallery2 1.11.1_alpha
joomla rs_gallery2 *
joomla rs_gallery2 1.10.12_alpha
joomla rs_gallery2 1.10.13_alpha
joomla rs_gallery2 1.10.1_alpha
joomla rs_gallery2 1.11.0_alpha
joomla rs_gallery2 1.9.4_alpha
joomla rs_gallery2 1.10.3_alpha
joomla rs_gallery2 1.10.8_alpha
joomla rs_gallery2 1.10.9_alpha
joomla rs_gallery2 1.10.6_alpha
joomla rs_gallery2 1.10.10_alpha
joomla rs_gallery2 1.9.5_alpha
joomla rs_gallery2 1.10.11_alpha
joomla rs_gallery2 1.10.4_alpha
joomla rs_gallery2 1.10.5_alpha
joomla rs_gallery2 1.10.2_alpha
joomla rs_gallery2 1.10.7_alpha
CVE-2006-5049 HIGH

Unspecified vulnerability in Classifieds (com_classifieds) component 1.3 and earlier for Joomla! has unspecified impact and attack vectors.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
joomla classifieds_component *
joomla com_classifieds *
CVE-2007-2196 MEDIUM

PHP remote file inclusion vulnerability in jambook.php in the Jambook (com_Jambook) 1.0 beta7 module for Mambo and Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter. NOTE: this issue has been disputed by a reliable third party because the jambook.php protects against direct request

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
joomla jambook 1.0_beta_7
mambo jambook 1.0_beta_7
CVE-2007-5389 MEDIUM

PHP remote file inclusion vulnerability in preview.php in the swMenuFree (com_swmenufree) 4.6 component for Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter. NOTE: a reliable third party disputes this issue because preview.php tests a certain constant to prevent direct requests

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-94,

Products Affected

Vendor Product Version
swmenupro swmenufree 4.6
joomla joomla *
CVE-2008-4122 MEDIUM

Joomla! 1.5.8 does not set the secure flag for the session cookie in an https session, which makes it easier for remote attackers to capture this cookie by intercepting its transmission within an http session.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N 3.9 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-319,

Products Affected

Vendor Product Version
joomla joomla! 1.5.8
CVE-2010-0373 HIGH

SQL injection vulnerability in the libros (com_libros) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a detail action to index.php.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-89,

Products Affected

Vendor Product Version
joomla com_libros *
CVE-2010-0461 MEDIUM

SQL injection vulnerability in the casino (com_casino) component 1.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a (1) category or (2) player action to index.php.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-89,

Products Affected

Vendor Product Version
joomla com_casino 1.0
CVE-2010-1649 MEDIUM

Multiple cross-site scripting (XSS) vulnerabilities in the back end in Joomla! 1.5 through 1.5.17 allow remote attackers to inject arbitrary web script or HTML via unknown vectors related to "various administrator screens," possibly the search parameter in administrator/index.php.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
joomla joomla! 1.5.3
joomla joomla! 1.5.8
joomla joomla! 1.5.9
joomla joomla! 1.5.1
joomla joomla! 1.5.2
joomla joomla! 1.5.4
joomla joomla! 1.5.17
joomla joomla! 1.5.11
joomla joomla! 1.5.12
joomla joomla! 1.5.15
joomla joomla! 1.5.16
joomla joomla! 1.5.7
joomla joomla! 1.5.13
joomla joomla! 1.5.10
joomla joomla! 1.5.14
joomla joomla! 1.5.0
joomla joomla! 1.5.6
joomla joomla! 1.5.5
CVE-2010-1739 HIGH

SQL injection vulnerability in the Newsfeeds (com_newsfeeds) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the feedid parameter in a categories action to index.php.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-89,

Products Affected

Vendor Product Version
joomla com_newsfeeds *
CVE-2010-2535 LOW

Multiple cross-site scripting (XSS) vulnerabilities in the Back End in Joomla! 1.5.x before 1.5.20 allow remote authenticated users to inject arbitrary web script or HTML via administrator screens.

CVSS 2.0

Severity: LOW

Problem Type: CWE-79,

Products Affected

Vendor Product Version
joomla joomla! 1.5.3
joomla joomla! 1.5.8
joomla joomla! 1.5.9
joomla joomla! 1.5.1
joomla joomla! 1.5.2
joomla joomla! 1.5.4
joomla joomla! 1.5.17
joomla joomla! 1.5.11
joomla joomla! 1.5.12
joomla joomla! 1.5.15
joomla joomla! 1.5.16
joomla joomla! 1.5.19
joomla joomla! 1.5.7
joomla joomla! 1.5.13
joomla joomla! 1.5.18
joomla joomla! 1.5.10
joomla joomla! 1.5.14
joomla joomla! 1.5.0
joomla joomla! 1.5.6
joomla joomla! 1.5.5
CVE-2010-2679 HIGH

SQL injection vulnerability in the Weblinks (com_weblinks) component in Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a view action to index.php.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-89,

Products Affected

Vendor Product Version
joomla joomla! *
joomla com_weblinks *
CVE-2010-2681 HIGH

PHP remote file inclusion vulnerability in the SEF404x (com_sef) component for Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig.absolute.path parameter to index.php.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-94,

Products Affected

Vendor Product Version
joomla com_sef *
CVE-2010-3712 MEDIUM

Cross-site scripting (XSS) vulnerability in Joomla! 1.5.x before 1.5.21 and 1.6.x before 1.6.1 allows remote attackers to inject arbitrary web script or HTML via vectors involving "multiple encoded entities," as demonstrated by the query string to index.php in the com_weblinks or com_content component.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
joomla joomla! 1.5.20
joomla joomla! 1.5.3
joomla joomla! 1.5.8
joomla joomla! 1.5.9
joomla joomla! 1.5.1
joomla joomla! 1.5.2
joomla joomla! 1.5.4
joomla joomla! 1.5.17
joomla joomla! 1.5.11
joomla joomla! 1.5.12
joomla joomla! 1.5.15
joomla joomla! 1.5.16
joomla joomla! 1.5.19
joomla joomla! 1.5.7
joomla joomla! 1.5.13
joomla joomla! 1.5.18
joomla joomla! 1.5.10
joomla joomla! 1.5.14
joomla joomla! 1.5.0
joomla joomla! 1.5.6
joomla joomla! 1.5.5
CVE-2010-4166 HIGH

Multiple SQL injection vulnerabilities in Joomla! 1.5.x before 1.5.22 allow remote attackers to execute arbitrary SQL commands via (1) the filter_order parameter in a com_weblinks category action to index.php, (2) the filter_order_Dir parameter in a com_weblinks category action to index.php, or (3) the filter_order_Dir parameter in a com_messages action to administrator/index.php.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-89,

Products Affected

Vendor Product Version
joomla joomla! 1.5.20
joomla joomla! 1.5.3
joomla joomla! 1.5.8
joomla joomla! 1.5.9
joomla joomla! 1.5.1
joomla joomla! 1.5.2
joomla joomla! 1.5.4
joomla joomla! 1.5.17
joomla joomla! 1.5.11
joomla joomla! 1.5.12
joomla joomla! 1.5.15
joomla joomla! 1.5.16
joomla joomla! 1.5.19
joomla joomla! 1.5.21
joomla joomla! 1.5.7
joomla joomla! 1.5.13
joomla joomla! 1.5.18
joomla joomla! 1.5.10
joomla joomla! 1.5.14
joomla joomla! 1.5.0
joomla joomla! 1.5.6
joomla joomla! 1.5.5
CVE-2010-4696 HIGH

Multiple SQL injection vulnerabilities in Joomla! 1.5.x before 1.5.22 allow remote attackers to execute arbitrary SQL commands via the (1) filter_order or (2) filter_order_Dir parameter in a com_contact action to index.php, a different vulnerability than CVE-2010-4166. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-89,

Products Affected

Vendor Product Version
joomla joomla! 1.5.20
joomla joomla! 1.5.3
joomla joomla! 1.5.8
joomla joomla! 1.5.9
joomla joomla! 1.5.1
joomla joomla! 1.5.2
joomla joomla! 1.5.4
joomla joomla! 1.5.17
joomla joomla! 1.5.11
joomla joomla! 1.5.12
joomla joomla! 1.5.15
joomla joomla! 1.5.16
joomla joomla! 1.5.19
joomla joomla! 1.5.21
joomla joomla! 1.5.7
joomla joomla! 1.5.13
joomla joomla! 1.5.18
joomla joomla! 1.5.10
joomla joomla! 1.5.14
joomla joomla! 1.5.0
joomla joomla! 1.5.6
joomla joomla! 1.5.5
CVE-2010-4938 HIGH

SQL injection vulnerability in the Weblinks (com_weblinks) component in Joomla! allows remote attackers to execute arbitrary SQL commands via the Itemid parameter in a categories action to index.php. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-89,

Products Affected

Vendor Product Version
joomla com_weblinks *
CVE-2010-4944 HIGH

SQL injection vulnerability in the Elite Experts (com_elite_experts) component for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a showExpertProfileDetailed action to index.php.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-89,

Products Affected

Vendor Product Version
joomla com_elite_experts *
CVE-2010-4945 HIGH

SQL injection vulnerability in the CamelcityDB (com_camelcitydb2) component 2.2 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter to index.php.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-89,

Products Affected

Vendor Product Version
joomla com_camelcitydb2 2.2
CVE-2011-0005 MEDIUM

Cross-site scripting (XSS) vulnerability in the com_search module for Joomla! 1.0.x through 1.0.15 allows remote attackers to inject arbitrary web script or HTML via the ordering parameter to index.php.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
joomla com_search *
CVE-2011-2488 MEDIUM

Joomla! before 1.5.23 does not properly check for errors, which allows remote attackers to obtain sensitive information via unspecified vectors.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-200,

Products Affected

Vendor Product Version
joomla joomla! 1.5.20
joomla joomla! 1.5.3
joomla joomla! 1.5.8
joomla joomla! 1.5.9
joomla joomla! 1.5.1
joomla joomla! 1.5.2
joomla joomla! 1.5.4
joomla joomla! 1.5.17
joomla joomla! 1.5.11
joomla joomla! 1.5.12
joomla joomla! 1.5.15
joomla joomla! 1.5.16
joomla joomla! 1.5.19
joomla joomla! 1.5.21
joomla joomla! 1.5.7
joomla joomla! 1.5.13
joomla joomla! *
joomla joomla! 1.5.18
joomla joomla! 1.5.10
joomla joomla! 1.5.14
joomla joomla! 1.5.0
joomla joomla! 1.5.6
joomla joomla! 1.5.5
CVE-2011-2509 MEDIUM

Multiple cross-site scripting (XSS) vulnerabilities in Joomla! before 1.6.4 allow remote attackers to inject arbitrary web script or HTML via (1) the query string to the com_contact component, as demonstrated by the Itemid parameter to index.php; (2) the query string to the com_content component, as demonstrated by the filter_order parameter to index.php; (3) the query string to the com_newsfeeds component, as demonstrated by an arbitrary parameter to index.php; or (4) the option parameter in a reset.request action to index.php; and, when Internet Explorer or Konqueror is used, (5) allow remote attackers to inject arbitrary web script or HTML via the searchword parameter in a search action to index.php in the com_search component.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
joomla joomla! 1.5.22
joomla joomla! 1.5.1
joomla joomla! 1.5.2
joomla joomla! 1.5.4
joomla joomla! 1.5.17
joomla joomla! 1.5.11
joomla joomla! 1.5.12
joomla joomla! 1.5.15
joomla joomla! *
joomla joomla! 1.5.18
joomla joomla! 1.5.10
joomla joomla! 1.5.0
joomla joomla! 1.5.6
joomla joomla! 1.6.1
joomla joomla! 1.5.20
joomla joomla! 1.5.3
joomla joomla! 1.5.8
joomla joomla! 1.5.9
joomla joomla! 1.5.23
joomla joomla! 1.5.16
joomla joomla! 1.5.19
joomla joomla! 1.5.21
joomla joomla! 1.6
joomla joomla! 1.5.7
joomla joomla! 1.5.13
joomla joomla! 1.5.14
joomla joomla! 1.6.0
joomla joomla! 1.5.5
CVE-2011-2710 MEDIUM

Multiple cross-site scripting (XSS) vulnerabilities in Joomla! before 1.7.0 allow remote attackers to inject arbitrary web script or HTML via (1) the URI to includes/application.php, reachable through index.php; and, when Internet Explorer or Konqueror is used, (2) allow remote attackers to inject arbitrary web script or HTML via the searchword parameter in a search action to index.php in the com_search component. NOTE: vector 2 exists because of an incomplete fix for CVE-2011-2509.5.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
joomla joomla! 1.5.22
joomla joomla! 1.5.1
joomla joomla! 1.5.2
joomla joomla! 1.5.4
joomla joomla! 1.5.17
joomla joomla! 1.5.11
joomla joomla! 1.5.12
joomla joomla! 1.5.15
joomla joomla! *
joomla joomla! 1.5.18
joomla joomla! 1.5.10
joomla joomla! 1.5.0
joomla joomla! 1.5.6
joomla joomla! 1.6.1
joomla joomla! 1.6.4
joomla joomla! 1.5.20
joomla joomla! 1.5.3
joomla joomla! 1.5.8
joomla joomla! 1.5.9
joomla joomla! 1.5.23
joomla joomla! 1.6.5
joomla joomla! 1.5.16
joomla joomla! 1.5.19
joomla joomla! 1.5.21
joomla joomla! 1.6
joomla joomla! 1.5.7
joomla joomla! 1.5.13
joomla joomla! 1.6.3
joomla joomla! 1.5.14
joomla joomla! 1.6.0
joomla joomla! 1.5.5
CVE-2011-2889 MEDIUM

templates/system/error.php in Joomla! before 1.5.23 might allow remote attackers to obtain sensitive information via unspecified vectors that trigger an undefined value of a certain error field, leading to disclosure of the installation path. NOTE: this might overlap CVE-2011-2488.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-200,

Products Affected

Vendor Product Version
joomla joomla! 1.5.20
joomla joomla! 1.5.3
joomla joomla! 1.5.8
joomla joomla! 1.5.9
joomla joomla! 1.5.1
joomla joomla! 1.5.2
joomla joomla! 1.5.4
joomla joomla! 1.5.17
joomla joomla! 1.5.11
joomla joomla! 1.5.12
joomla joomla! 1.5.15
joomla joomla! 1.5.16
joomla joomla! 1.5.19
joomla joomla! 1.5.21
joomla joomla! 1.5.7
joomla joomla! 1.5.13
joomla joomla! *
joomla joomla! 1.5.18
joomla joomla! 1.5.10
joomla joomla! 1.5.14
joomla joomla! 1.5.0
joomla joomla! 1.5.6
joomla joomla! 1.5.5
CVE-2011-2890 MEDIUM

The MediaViewMedia class in administrator/components/com_media/views/media/view.html.php in Joomla! 1.5.23 and earlier allows remote attackers to obtain sensitive information via vectors involving the base variable, leading to disclosure of the installation path, a different vulnerability than CVE-2011-2488.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-200,

Products Affected

Vendor Product Version
joomla joomla! 1.5.22
joomla joomla! 1.5.1
joomla joomla! 1.5.2
joomla joomla! 1.5.4
joomla joomla! 1.5.17
joomla joomla! 1.5.11
joomla joomla! 1.5.12
joomla joomla! 1.5.15
joomla joomla! *
joomla joomla! 1.5.18
joomla joomla! 1.5.10
joomla joomla! 1.5.0
joomla joomla! 1.5.6
joomla joomla! 1.5.20
joomla joomla! 1.5.3
joomla joomla! 1.5.8
joomla joomla! 1.5.9
joomla joomla! 1.5.16
joomla joomla! 1.5.19
joomla joomla! 1.5.21
joomla joomla! 1.5.7
joomla joomla! 1.5.13
joomla joomla! 1.5.14
joomla joomla! 1.5.5
CVE-2011-2891 MEDIUM

Joomla! 1.6.x before 1.6.2 allows remote attackers to obtain sensitive information via an empty Itemid array parameter to index.php, which reveals the installation path in an error message, a different vulnerability than CVE-2011-2488.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-200,

Products Affected

Vendor Product Version
joomla joomla! 1.6.0
joomla joomla! 1.6.1
joomla joomla! 1.6
CVE-2011-2892 MEDIUM

Joomla! 1.6.x before 1.6.2 does not prevent page rendering inside a frame in a third-party HTML document, which makes it easier for remote attackers to conduct clickjacking attacks via a crafted web site.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-20,

Products Affected

Vendor Product Version
joomla joomla! 1.6.0
joomla joomla! 1.6.1
joomla joomla! 1.6
CVE-2011-3747 MEDIUM

Joomla! 1.6.0 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by libraries/phpmailer/language/phpmailer.lang-joomla.php.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-200,

Products Affected

Vendor Product Version
joomla joomla! 1.6.0
CVE-2011-4321 MEDIUM

The password reset functionality in Joomla! 1.5.x through 1.5.24 uses weak random numbers, which makes it easier for remote attackers to change the passwords of arbitrary users via unspecified vectors.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-310,

Products Affected

Vendor Product Version
joomla joomla! 1.5.22
joomla joomla! 1.5.1
joomla joomla! 1.5.2
joomla joomla! 1.5.4
joomla joomla! 1.5.17
joomla joomla! 1.5.11
joomla joomla! 1.5.12
joomla joomla! 1.5.15
joomla joomla! 1.5.18
joomla joomla! 1.5.10
joomla joomla! 1.5.0
joomla joomla! 1.5.6
joomla joomla! 1.5.20
joomla joomla! 1.5.3
joomla joomla! 1.5.8
joomla joomla! 1.5.9
joomla joomla! 1.5.23
joomla joomla! 1.5.24
joomla joomla! 1.5.16
joomla joomla! 1.5.19
joomla joomla! 1.5.21
joomla joomla! 1.5.7
joomla joomla! 1.5.13
joomla joomla! 1.5.14
joomla joomla! 1.5.5
CVE-2011-4332 MEDIUM

Multiple cross-site scripting (XSS) vulnerabilities in Joomla! 1.6.3 and earlier allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
joomla joomla! *
joomla joomla! 1.6.5
joomla joomla! 1.6.0
joomla joomla! 1.6.6
joomla joomla! 1.6.1
joomla joomla! 1.6.4
joomla joomla! 1.6
CVE-2012-2747 HIGH

Unspecified vulnerability in Joomla! 2.5.x before 2.5.5 allows remote attackers to gain privileges via unknown attack vectors related to "Inadequate checking."

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
joomla joomla! 2.5.1
joomla joomla! 2.5.3
joomla joomla! 2.5.4
joomla joomla! 2.5.0
joomla joomla! 2.5.2
CVE-2012-2748 MEDIUM

Unspecified vulnerability in Joomla! 2.5.x before 2.5.5 allows remote attackers to obtain sensitive information via vectors related to "Inadequate filtering" and a "SQL error."

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
joomla joomla! 2.5.1
joomla joomla! 2.5.3
joomla joomla! 2.5.4
joomla joomla! 2.5.0
joomla joomla! 2.5.2
CVE-2012-3828 MEDIUM

Cross-site scripting (XSS) vulnerability in Joomla! 2.5.3 allows remote attackers to inject arbitrary web script or HTML via the Host HTTP Header.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
joomla joomla! 2.5.3
CVE-2012-3829 MEDIUM

Joomla! 2.5.3 allows remote attackers to obtain the installation path via the Host HTTP Header.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-200,

Products Affected

Vendor Product Version
joomla joomla! 2.5.3
CVE-2012-5827 MEDIUM

Joomla! 2.5.x before 2.5.8 and 3.0.x before 3.0.2 allows remote attackers to conduct clickjacking attacks via unspecified vectors involving "Inadequate protection."

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
joomla joomla! 2.5.1
joomla joomla! 2.5.3
joomla joomla! 2.5.4
joomla joomla! 2.5.0
joomla joomla! 2.5.2
joomla joomla! 2.5.7
joomla joomla! 2.5.5
joomla joomla! 2.5.6
CVE-2013-1453 HIGH

plugins/system/highlight/highlight.php in Joomla! 3.0.x through 3.0.2 and 2.5.x through 2.5.8 allows attackers to unserialize arbitrary PHP objects to obtain sensitive information, delete arbitrary directories, conduct SQL injection attacks, and possibly have other impacts via the highlight parameter. Note: it was originally reported that this issue only allowed attackers to obtain sensitive information, but later analysis demonstrated that other attacks exist.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
joomla joomla! 3.0.1
joomla joomla! 2.5.3
joomla joomla! 2.5.4
joomla joomla! 2.5.2
joomla joomla! 2.5.5
joomla joomla! 2.5.1
joomla joomla! 2.5.8
joomla joomla! 3.0.2
joomla joomla! 3.0.0
joomla joomla! 2.5.0
joomla joomla! 2.5.7
joomla joomla! 2.5.6
CVE-2013-1454 MEDIUM

Joomla! 3.0.x through 3.0.2 allows attackers to obtain sensitive information via unspecified vectors related to "Coding errors."

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-200,

Products Affected

Vendor Product Version
joomla joomla! 3.0.1
joomla joomla! 3.0.2
joomla joomla! 3.0.0
CVE-2013-1455 MEDIUM

Joomla! 3.0.x through 3.0.2 allows attackers to obtain sensitive information via unspecified vectors related to an "Undefined variable."

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-200,

Products Affected

Vendor Product Version
joomla joomla! 3.0.1
joomla joomla! 3.0.0
CVE-2013-3056 MEDIUM

Joomla! 2.5.x before 2.5.10 and 3.0.x before 3.0.4 allows remote authenticated users to bypass intended privilege requirements and delete the private messages of arbitrary users via unspecified vectors.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-264,

Products Affected

Vendor Product Version
joomla joomla! 3.0.1
joomla joomla! 2.5.3
joomla joomla! 2.5.4
joomla joomla! 2.5.2
joomla joomla! 2.5.5
joomla joomla! 2.5.9
joomla joomla! 2.5.1
joomla joomla! 2.5.8
joomla joomla! 3.0.2
joomla joomla! 3.0.0
joomla joomla! 2.5.0
joomla joomla! 2.5.7
joomla joomla! 2.5.6
joomla joomla! 3.0.3
CVE-2013-3057 MEDIUM

Joomla! 2.5.x before 2.5.10 and 3.0.x before 3.0.4 allows remote authenticated users to bypass intended privilege requirements and list the privileges of arbitrary users via unspecified vectors.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-264,

Products Affected

Vendor Product Version
joomla joomla! 3.0.1
joomla joomla! 2.5.3
joomla joomla! 2.5.4
joomla joomla! 2.5.2
joomla joomla! 2.5.5
joomla joomla! 2.5.9
joomla joomla! 2.5.1
joomla joomla! 2.5.8
joomla joomla! 3.0.2
joomla joomla! 3.0.0
joomla joomla! 2.5.0
joomla joomla! 2.5.7
joomla joomla! 2.5.6
joomla joomla! 3.0.3
CVE-2013-3058 MEDIUM

Cross-site scripting (XSS) vulnerability in Joomla! 2.5.x before 2.5.10 and 3.0.x before 3.0.4 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
joomla joomla! 3.0.1
joomla joomla! 2.5.3
joomla joomla! 2.5.4
joomla joomla! 2.5.2
joomla joomla! 2.5.5
joomla joomla! 2.5.9
joomla joomla! 2.5.1
joomla joomla! 2.5.8
joomla joomla! 3.0.2
joomla joomla! 3.0.0
joomla joomla! 2.5.0
joomla joomla! 2.5.7
joomla joomla! 2.5.6
joomla joomla! 3.0.3
CVE-2013-3059 MEDIUM

Cross-site scripting (XSS) vulnerability in the Voting plugin in Joomla! 2.5.x before 2.5.10 and 3.0.x before 3.0.4 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
joomla joomla! 3.0.1
joomla joomla! 2.5.3
joomla joomla! 2.5.4
joomla joomla! 2.5.2
joomla joomla! 2.5.5
joomla joomla! 2.5.9
joomla joomla! 2.5.1
joomla joomla! 2.5.8
joomla joomla! 3.0.2
joomla joomla! 3.0.0
joomla joomla! 2.5.0
joomla joomla! 2.5.7
joomla joomla! 2.5.6
joomla joomla! 3.0.3
CVE-2013-3242 MEDIUM

plugins/system/remember/remember.php in Joomla! 2.5.x before 2.5.10 and 3.0.x before 3.0.4 does not properly handle an object obtained by unserializing a cookie, which allows remote authenticated users to conduct PHP object injection attacks and cause a denial of service via unspecified vectors.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-20,

Products Affected

Vendor Product Version
joomla joomla! 3.0.1
joomla joomla! 2.5.3
joomla joomla! 2.5.4
joomla joomla! 2.5.2
joomla joomla! 2.5.5
joomla joomla! 2.5.9
joomla joomla! 2.5.1
joomla joomla! 2.5.8
joomla joomla! 3.0.2
joomla joomla! 3.0.0
joomla joomla! 2.5.0
joomla joomla! 2.5.7
joomla joomla! 2.5.6
joomla joomla! 3.0.3
CVE-2013-3267 MEDIUM

Cross-site scripting (XSS) vulnerability in the highlighter plugin in Joomla! 2.5.x before 2.5.10 and 3.0.x before 3.0.4 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
joomla joomla! 3.0.1
joomla joomla! 2.5.3
joomla joomla! 2.5.4
joomla joomla! 2.5.2
joomla joomla! 2.5.5
joomla joomla! 2.5.9
joomla joomla! 2.5.1
joomla joomla! 2.5.8
joomla joomla! 3.0.2
joomla joomla! 3.0.0
joomla joomla! 2.5.0
joomla joomla! 2.5.7
joomla joomla! 2.5.6
joomla joomla! 3.0.3
CVE-2013-5576 MEDIUM

administrator/components/com_media/helpers/media.php in the media manager in Joomla! 2.5.x before 2.5.14 and 3.x before 3.1.5 allows remote authenticated users or remote attackers to bypass intended access restrictions and upload files with dangerous extensions via a filename with a trailing . (dot), as exploited in the wild in August 2013.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-20,

Products Affected

Vendor Product Version
joomla joomla! 3.0.1
joomla joomla! 3.1.2
joomla joomla! 3.1.1
joomla joomla! 2.5.13
joomla joomla! 2.5.5
joomla joomla! 2.5.9
joomla joomla! 3.1.0
joomla joomla! 2.5.1
joomla joomla! 2.5.10
joomla joomla! 3.0.0
joomla joomla! 2.5.3
joomla joomla! 2.5.4
joomla joomla! 2.5.2
joomla joomla! 3.1.3
joomla joomla! 3.1.4
joomla joomla! 2.5.8
joomla joomla! 3.0.2
joomla joomla! 2.5.12
joomla joomla! 3.0.4
joomla joomla! 2.5.0
joomla joomla! 2.5.7
joomla joomla! 2.5.11
joomla joomla! 2.5.6
joomla joomla! 3.0.3
CVE-2013-5583 MEDIUM

Cross-site scripting (XSS) vulnerability in libraries/idna_convert/example.php in Joomla! 3.1.5 allows remote attackers to inject arbitrary web script or HTML via the lang parameter.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
joomla joomla! 3.1.5
CVE-2014-0794 MEDIUM

SQL injection vulnerability in the JV Comment (com_jvcomment) component before 3.0.3 for Joomla! allows remote authenticated users to execute arbitrary SQL commands via the id parameter in a comment.like action to index.php.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
joomla com_jvcomment 3.0.2
CVE-2014-6631 MEDIUM

Cross-site scripting (XSS) vulnerability in com_media in Joomla! 3.2.x before 3.2.5 and 3.3.x before 3.3.4 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
joomla joomla! 3.3.2
joomla joomla! 3.2.3
joomla joomla! 3.3.0
joomla joomla! 3.3.3
joomla joomla! 3.3.1
joomla joomla! 3.2.4
joomla joomla! 3.2.1
joomla joomla! 3.2.2
joomla joomla! 3.2.0
CVE-2014-6632 HIGH

Joomla! 2.5.x before 2.5.25, 3.x before 3.2.4, and 3.3.x before 3.3.4 allows remote attackers to authenticate and bypass intended access restrictions via vectors involving LDAP authentication.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-287,

Products Affected

Vendor Product Version
joomla joomla! 3.3.2
joomla joomla! 2.5.13
joomla joomla! 2.5.5
joomla joomla! 2.5.9
joomla joomla! 3.2.2
joomla joomla! 3.2.0
joomla joomla! 2.5.1
joomla joomla! 3.3.0
joomla joomla! 2.5.10
joomla joomla! 2.5.23
joomla joomla! 3.2.1
joomla joomla! 2.5.22
joomla joomla! 2.5.19
joomla joomla! 2.5.3
joomla joomla! 2.5.4
joomla joomla! 2.5.16
joomla joomla! 2.5.2
joomla joomla! 2.5.21
joomla joomla! 2.5.20
joomla joomla! 2.5.24
joomla joomla! 2.5.14
joomla joomla! 2.5.15
joomla joomla! 3.2.3
joomla joomla! 2.5.8
joomla joomla! 3.3.3
joomla joomla! 2.5.12
joomla joomla! 3.3.1
joomla joomla! 2.5.0
joomla joomla! 2.5.17
joomla joomla! 2.5.7
joomla joomla! 2.5.11
joomla joomla! 2.5.6
CVE-2014-7228 HIGH

Akeeba Restore (restore.php), as used in Joomla! 2.5.4 through 2.5.25, 3.x through 3.2.5, and 3.3.0 through 3.3.4; Akeeba Backup for Joomla! Professional 3.0.0 through 4.0.2; Backup Professional for WordPress 1.0.b1 through 1.1.3; Solo 1.0.b1 through 1.1.2; Admin Tools Core and Professional 2.0.0 through 2.4.4; and CMS Update 1.0.a1 through 1.0.1, when performing a backup or update for an archive, does not delete parameters from $_GET and $_POST when it is cleansing $_REQUEST, but later accesses $_GET and $_POST using the getQueryParam function, which allows remote attackers to bypass encryption and execute arbitrary code via a command message that extracts a crafted archive.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-310,

Products Affected

Vendor Product Version
joomla joomla! 3.3.2
joomla joomla! 3.0.1
joomla joomla! 2.5.25
joomla joomla! 3.1.2
joomla joomla! 3.1.1
joomla joomla! 2.5.13
joomla joomla! 2.5.5
joomla joomla! 2.5.9
joomla joomla! 3.1.0
joomla joomla! 3.1.5
joomla joomla! 3.2.2
joomla joomla! 3.2.0
joomla joomla! 3.3.0
joomla joomla! 2.5.10
joomla joomla! 3.0.0
joomla joomla! 3.2.4
joomla joomla! 3.1.6
joomla joomla! 2.5.23
joomla joomla! 3.2.1
joomla joomla! 2.5.22
joomla joomla! 2.5.19
joomla joomla! 2.5.4
joomla joomla! 2.5.16
joomla joomla! 3.1.3
joomla joomla! 2.5.21
joomla joomla! 3.1.4
joomla joomla! 2.5.20
joomla joomla! 3.2.5
joomla joomla! 2.5.24
joomla joomla! 2.5.14
joomla joomla! 2.5.15
joomla joomla! 3.2.3
joomla joomla! 2.5.8
joomla joomla! 3.0.2
joomla joomla! 3.3.3
joomla joomla! 2.5.12
joomla joomla! 2.5.18
joomla joomla! 3.3.1
joomla joomla! 3.0.4
joomla joomla! 2.5.17
joomla joomla! 2.5.7
joomla joomla! 2.5.11
joomla joomla! 2.5.6
joomla joomla! 3.3.4
joomla joomla! 3.0.3
CVE-2014-7229 MEDIUM

Unspecified vulnerability in Joomla! before 2.5.4 before 2.5.26, 3.x before 3.2.6, and 3.3.x before 3.3.5 allows attackers to cause a denial of service via unspecified vectors.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
joomla joomla! 3.3.2
joomla joomla! 2.5.25
joomla joomla! 2.5.13
joomla joomla! 2.5.5
joomla joomla! 2.5.9
joomla joomla! 3.2.2
joomla joomla! 3.2.0
joomla joomla! 3.3.0
joomla joomla! 2.5.10
joomla joomla! 3.2.4
joomla joomla! 2.5.23
joomla joomla! 3.2.1
joomla joomla! 2.5.22
joomla joomla! 2.5.19
joomla joomla! 2.5.4
joomla joomla! 2.5.16
joomla joomla! 2.5.21
joomla joomla! 2.5.20
joomla joomla! 2.5.24
joomla joomla! 2.5.14
joomla joomla! 2.5.15
joomla joomla! 3.2.3
joomla joomla! 2.5.8
joomla joomla! 3.3.3
joomla joomla! 2.5.12
joomla joomla! 3.3.1
joomla joomla! 2.5.17
joomla joomla! 2.5.7
joomla joomla! 2.5.11
joomla joomla! 2.5.6
joomla joomla! 3.3.4
CVE-2014-7981 HIGH

SQL injection vulnerability in Joomla! CMS 3.1.x and 3.2.x before 3.2.3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-89,

Products Affected

Vendor Product Version
joomla joomla! 3.1.2
joomla joomla! 3.1.1
joomla joomla! 3.1.6
joomla joomla! 3.1.3
joomla joomla! 3.1.4
joomla joomla! 3.2.1
joomla joomla! 3.1.0
joomla joomla! 3.1.5
joomla joomla! 3.2.2
joomla joomla! 3.2.0
CVE-2014-7982 MEDIUM

Cross-site scripting (XSS) vulnerability in Joomla! CMS 2.5.x before 2.5.19 and 3.x before 3.2.3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
joomla joomla! 3.0.1
joomla joomla! 3.1.2
joomla joomla! 3.1.1
joomla joomla! 2.5.13
joomla joomla! 2.5.5
joomla joomla! 2.5.9
joomla joomla! 3.1.0
joomla joomla! 3.1.5
joomla joomla! 3.2.2
joomla joomla! 3.2.0
joomla joomla! 2.5.1
joomla joomla! 2.5.10
joomla joomla! 3.0.0
joomla joomla! 3.1.6
joomla joomla! 3.2.1
joomla joomla! 2.5.3
joomla joomla! 2.5.4
joomla joomla! 2.5.16
joomla joomla! 2.5.2
joomla joomla! 3.1.3
joomla joomla! 3.1.4
joomla joomla! 2.5.14
joomla joomla! 2.5.15
joomla joomla! 2.5.8
joomla joomla! 3.0.2
joomla joomla! 2.5.12
joomla joomla! 2.5.18
joomla joomla! 3.0.4
joomla joomla! 2.5.0
joomla joomla! 2.5.17
joomla joomla! 2.5.7
joomla joomla! 2.5.11
joomla joomla! 2.5.6
joomla joomla! 3.0.3
CVE-2014-7983 MEDIUM

Cross-site scripting (XSS) vulnerability in com_contact in Joomla! CMS 3.1.2 through 3.2.x before 3.2.3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
joomla joomla! 3.1.2
joomla joomla! 3.1.6
joomla joomla! 3.1.3
joomla joomla! 3.1.4
joomla joomla! 3.2.1
joomla joomla! 3.1.5
joomla joomla! 3.2.2
joomla joomla! 3.2.0
CVE-2014-7984 HIGH

Joomla! CMS 2.5.x before 2.5.19 and 3.x before 3.2.3 allows remote attackers to authenticate and bypass intended restrictions via vectors involving GMail authentication.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-264,

Products Affected

Vendor Product Version
joomla joomla! 3.0.1
joomla joomla! 3.1.2
joomla joomla! 3.1.1
joomla joomla! 2.5.13
joomla joomla! 2.5.5
joomla joomla! 2.5.9
joomla joomla! 3.1.0
joomla joomla! 3.1.5
joomla joomla! 3.2.2
joomla joomla! 3.2.0
joomla joomla! 2.5.1
joomla joomla! 2.5.10
joomla joomla! 3.0.0
joomla joomla! 3.1.6
joomla joomla! 3.2.1
joomla joomla! 2.5.3
joomla joomla! 2.5.4
joomla joomla! 2.5.16
joomla joomla! 2.5.2
joomla joomla! 3.1.3
joomla joomla! 3.1.4
joomla joomla! 2.5.14
joomla joomla! 2.5.15
joomla joomla! 2.5.8
joomla joomla! 3.0.2
joomla joomla! 2.5.12
joomla joomla! 2.5.18
joomla joomla! 3.0.4
joomla joomla! 2.5.0
joomla joomla! 2.5.17
joomla joomla! 2.5.7
joomla joomla! 2.5.11
joomla joomla! 2.5.6
joomla joomla! 3.0.3
CVE-2015-4654 HIGH

SQL injection vulnerability in the EQ Event Calendar component for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter to eqfullevent.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-89,

Products Affected

Vendor Product Version
joomla joomla! *
CVE-2015-5397 MEDIUM

Cross-site request forgery (CSRF) vulnerability in Joomla! 3.2.0 through 3.3.x and 3.4.x before 3.4.2 allows remote attackers to hijack the authentication of unspecified victims for requests that upload code via unknown vectors.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-352,

Products Affected

Vendor Product Version
joomla joomla! 3.3.2
joomla joomla! 3.2.2
joomla joomla! 3.2.0
joomla joomla! 3.2.5
joomla joomla! 3.2.3
joomla joomla! 3.3.0
joomla joomla! 3.3.3
joomla joomla! 3.4.2
joomla joomla! 3.3.1
joomla joomla! 3.3.5
joomla joomla! 3.2.4
joomla joomla! 3.4.0
joomla joomla! 3.4.1
joomla joomla! 3.2.1
joomla joomla! 3.3.4
CVE-2015-5608 MEDIUM

Open redirect vulnerability in Joomla! CMS 3.0.0 through 3.4.1.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-601,

Products Affected

Vendor Product Version
joomla joomla! 3.3.2
joomla joomla! 3.0.1
joomla joomla! 3.1.2
joomla joomla! 3.1.1
joomla joomla! 3.2.7
joomla joomla! 3.1.0
joomla joomla! 3.1.5
joomla joomla! 3.2.2
joomla joomla! 3.2.0
joomla joomla! 3.3.6
joomla joomla! 3.3.0
joomla joomla! 3.3.5
joomla joomla! 3.0.0
joomla joomla! 3.2.4
joomla joomla! 3.1.6
joomla joomla! 3.2.1
joomla joomla! 3.1.3
joomla joomla! 3.1.4
joomla joomla! 3.2.3
joomla joomla! 3.0.2
joomla joomla! 3.3.3
joomla joomla! 3.3.1
joomla joomla! 3.2.6
joomla joomla! 3.0.4
joomla joomla! 3.4.0
joomla joomla! 3.4.1
joomla joomla! 3.3.4
joomla joomla! 3.0.3
CVE-2015-6939 MEDIUM

Cross-site scripting (XSS) vulnerability in the login module in Joomla! 3.4.x before 3.4.4 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
joomla joomla! 3.4.2
joomla joomla! 3.4.3
joomla joomla! 3.4.0
joomla joomla! 3.4.1
CVE-2015-7297 HIGH

SQL injection vulnerability in Joomla! 3.2 before 3.4.4 allows remote attackers to execute arbitrary SQL commands via unspecified vectors, a different vulnerability than CVE-2015-7858.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-89,

Products Affected

Vendor Product Version
joomla joomla! 3.3.2
joomla joomla! 3.4.3
joomla joomla! 3.2.2
joomla joomla! 3.2.0
joomla joomla! 3.4.4
joomla joomla! 3.2.3
joomla joomla! 3.3.0
joomla joomla! 3.3.3
joomla joomla! 3.4.2
joomla joomla! 3.3.1
joomla joomla! 3.2.4
joomla joomla! 3.4.0
joomla joomla! 3.4.1
joomla joomla! 3.2.1
joomla joomla! 3.3.4
CVE-2015-7857 HIGH

SQL injection vulnerability in the getListQuery function in administrator/components/com_contenthistory/models/history.php in Joomla! 3.2 before 3.4.5 allows remote attackers to execute arbitrary SQL commands via the list[select] parameter to index.php.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-89,

Products Affected

Vendor Product Version
joomla joomla! 3.3.2
joomla joomla! 3.4.3
joomla joomla! 3.2.2
joomla joomla! 3.2.0
joomla joomla! 3.4.4
joomla joomla! 3.2.3
joomla joomla! 3.3.0
joomla joomla! 3.3.3
joomla joomla! 3.4.2
joomla joomla! 3.3.1
joomla joomla! 3.2.4
joomla joomla! 3.4.0
joomla joomla! 3.4.1
joomla joomla! 3.2.1
joomla joomla! 3.3.4
CVE-2015-7858 HIGH

SQL injection vulnerability in Joomla! 3.2 before 3.4.4 allows remote attackers to execute arbitrary SQL commands via unspecified vectors, a different vulnerability than CVE-2015-7297.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-89,

Products Affected

Vendor Product Version
joomla joomla! 3.3.2
joomla joomla! 3.4.3
joomla joomla! 3.2.2
joomla joomla! 3.2.0
joomla joomla! 3.2.3
joomla joomla! 3.3.0
joomla joomla! 3.3.3
joomla joomla! 3.4.2
joomla joomla! 3.3.1
joomla joomla! 3.2.4
joomla joomla! 3.4.0
joomla joomla! 3.4.1
joomla joomla! 3.2.1
joomla joomla! 3.3.4
CVE-2015-7859 MEDIUM

The com_contenthistory component in Joomla! 3.2 before 3.4.5 does not properly check ACLs, which allows remote attackers to obtain sensitive information via unspecified vectors.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-200,

Products Affected

Vendor Product Version
joomla joomla! 3.3.2
joomla joomla! 3.4.3
joomla joomla! 3.2.2
joomla joomla! 3.2.0
joomla joomla! 3.4.4
joomla joomla! 3.2.3
joomla joomla! 3.3.0
joomla joomla! 3.3.3
joomla joomla! 3.4.2
joomla joomla! 3.3.1
joomla joomla! 3.2.4
joomla joomla! 3.4.0
joomla joomla! 3.4.1
joomla joomla! 3.2.1
joomla joomla! 3.3.4
CVE-2015-7899 MEDIUM

The com_content component in Joomla! 3.x before 3.4.5 does not properly check ACLs, which allows remote attackers to obtain sensitive information via unspecified vectors.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-284,

Products Affected

Vendor Product Version
joomla joomla! 3.3.2
joomla joomla! 3.4.3
joomla joomla! 3.2.2
joomla joomla! 3.2.0
joomla joomla! 3.4.4
joomla joomla! 3.2.3
joomla joomla! 3.3.0
joomla joomla! 3.3.3
joomla joomla! 3.4.2
joomla joomla! 3.3.1
joomla joomla! 3.2.4
joomla joomla! 3.4.0
joomla joomla! 3.4.1
joomla joomla! 3.2.1
joomla joomla! 3.3.4
CVE-2015-8562 HIGH

Joomla! 1.5.x, 2.x, and 3.x before 3.4.6 allow remote attackers to conduct PHP object injection attacks and execute arbitrary PHP code via the HTTP User-Agent header, as exploited in the wild in December 2015.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-20,

Products Affected

Vendor Product Version
joomla joomla! 3.3.2
joomla joomla! 1.5.1
joomla joomla! 1.5.2
joomla joomla! 1.5.4
joomla joomla! 3.1.2
joomla joomla! 2.5.13
joomla joomla! 1.5.11
joomla joomla! 1.5.12
joomla joomla! 1.5.15
joomla joomla! 2.5.9
joomla joomla! 3.1.0
joomla joomla! 3.2.2
joomla joomla! 3.3.0
joomla joomla! 1.5.18
joomla joomla! 3.0.0
joomla joomla! 3.2.4
joomla joomla! 3.2.1
joomla joomla! 1.5.6
joomla joomla! 1.6.1
joomla joomla! 1.6.4
joomla joomla! 2.5.22
joomla joomla! 1.5.9
joomla joomla! 2.5.19
joomla joomla! 2.5.3
joomla joomla! 3.4.3
joomla joomla! 2.5.16
joomla joomla! 2.5.2
joomla joomla! 1.5.25
joomla joomla! 1.6.5
joomla joomla! 2.5.21
joomla joomla! 3.4.5
joomla joomla! 1.7.3
joomla joomla! 2.5.20
joomla joomla! 1.5.16
joomla joomla! 1.5.19
joomla joomla! 1.5.21
joomla joomla! 2.5.24
joomla joomla! 2.5.14
joomla joomla! 1.6.3
joomla joomla! 3.0.2
joomla joomla! 2.5.18
joomla joomla! 3.3.1
joomla joomla! 2.5.0
joomla joomla! 1.7.2
joomla joomla! 1.5.14
joomla joomla! 2.5.11
joomla joomla! 3.4.1
joomla joomla! 2.5.26
joomla joomla! 2.5.6
joomla joomla! 3.3.4
joomla joomla! 3.0.3
joomla joomla! 1.5.22
joomla joomla! 3.0.1
joomla joomla! 2.5.25
joomla joomla! 1.5.17
joomla joomla! 3.1.1
joomla joomla! 2.5.5
joomla joomla! 3.1.5
joomla joomla! 2.5.27
joomla joomla! 3.2.0
joomla joomla! 2.5.1
joomla joomla! 1.5.10
joomla joomla! 2.5.10
joomla joomla! 1.7.0
joomla joomla! 3.1.6
joomla joomla! 2.5.23
joomla joomla! 1.5.0
joomla joomla! 1.5.20
joomla joomla! 1.5.3
joomla joomla! 1.5.8
joomla joomla! 2.5.4
joomla joomla! 1.5.23
joomla joomla! 3.1.3
joomla joomla! 3.1.4
joomla joomla! 1.5.24
joomla joomla! 1.6.2
joomla joomla! 3.4.4
joomla joomla! 1.5.7
joomla joomla! 1.5.13
joomla joomla! 2.5.15
joomla joomla! 3.2.3
joomla joomla! 2.5.8
joomla joomla! 3.3.3
joomla joomla! 2.5.12
joomla joomla! 3.4.2
joomla joomla! 1.7.5
joomla joomla! 1.7.1
joomla joomla! 2.5.17
joomla joomla! 2.5.7
joomla joomla! 1.6.0
joomla joomla! 3.4.0
joomla joomla! 2.5.28
joomla joomla! 1.5.26
joomla joomla! 1.6.6
joomla joomla! 1.7.4
CVE-2015-8563 MEDIUM

Cross-site request forgery (CSRF) vulnerability in the com_templates component in Joomla! 3.2.0 through 3.3.x and 3.4.x before 3.4.6 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-352,

Products Affected

Vendor Product Version
joomla joomla! 3.3.2
joomla joomla! 3.4.3
joomla joomla! 3.4.5
joomla joomla! 3.2.2
joomla joomla! 3.2.0
joomla joomla! 3.4.4
joomla joomla! 3.2.3
joomla joomla! 3.3.0
joomla joomla! 3.3.3
joomla joomla! 3.3.1
joomla joomla! 3.3.5
joomla joomla! 3.2.4
joomla joomla! 3.4.0
joomla joomla! 3.4.1
joomla joomla! 3.2.1
joomla joomla! 3.3.4
CVE-2015-8564 HIGH

Directory traversal vulnerability in Joomla! 3.4.x before 3.4.6 allows remote attackers to have unspecified impact via directory traversal sequences in the XML install file in an extension package archive.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-20,CWE-22,

Products Affected

Vendor Product Version
joomla joomla! 3.4.4
joomla joomla! 3.4.3
joomla joomla! 3.4.5
joomla joomla! 3.4.0
joomla joomla! 3.4.1
CVE-2015-8565 HIGH

Directory traversal vulnerability in Joomla! 3.2.0 through 3.3.x and 3.4.x before 3.4.6 allows remote attackers to have unspecified impact via unknown vectors.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-20,CWE-22,

Products Affected

Vendor Product Version
joomla joomla! 3.3.2
joomla joomla! 3.4.3
joomla joomla! 3.4.5
joomla joomla! 3.2.2
joomla joomla! 3.2.0
joomla joomla! 3.4.4
joomla joomla! 3.2.3
joomla joomla! 3.3.0
joomla joomla! 3.3.3
joomla joomla! 3.4.2
joomla joomla! 3.3.1
joomla joomla! 3.2.4
joomla joomla! 3.4.0
joomla joomla! 3.4.1
joomla joomla! 3.2.1
joomla joomla! 3.3.4
CVE-2015-8566 HIGH

The Session package 1.x before 1.3.1 for Joomla! Framework allows remote attackers to execute arbitrary code via unspecified session values.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
joomla session 1.3.0
CVE-2015-8769 HIGH

SQL injection vulnerability in Joomla! 3.x before 3.4.7 allows attackers to execute arbitrary SQL commands via unspecified vectors.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-89,

Products Affected

Vendor Product Version
joomla joomla! 3.3.2
joomla joomla! 3.0.1
joomla joomla! 3.1.2
joomla joomla! 3.1.1
joomla joomla! 3.1.0
joomla joomla! 3.1.5
joomla joomla! 3.2.2
joomla joomla! 3.2.0
joomla joomla! 3.3.0
joomla joomla! 3.0.0
joomla joomla! 3.2.4
joomla joomla! 3.1.6
joomla joomla! 3.2.1
joomla joomla! 3.4.6
joomla joomla! 3.4.3
joomla joomla! 3.1.3
joomla joomla! 3.4.5
joomla joomla! 3.1.4
joomla joomla! 3.4.4
joomla joomla! 3.2.3
joomla joomla! 3.0.2
joomla joomla! 3.3.3
joomla joomla! 3.4.2
joomla joomla! 3.3.1
joomla joomla! 3.0.4
joomla joomla! 3.4.0
joomla joomla! 3.4.1
joomla joomla! 3.3.4
joomla joomla! 3.0.3
CVE-2016-10033 HIGH

The mailSend function in the isMail transport in PHPMailer before 5.2.18 might allow remote attackers to pass extra parameters to the mail command and consequently execute arbitrary code via a \" (backslash double quote) in a crafted Sender property.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

CVSS 2.0

Severity: HIGH

Problem Type: CWE-88,CWE-88,

Products Affected

Vendor Product Version
joomla joomla! *
phpmailer_project phpmailer *
wordpress wordpress *
CVE-2016-10045 HIGH

The isMail transport in PHPMailer before 5.2.20 might allow remote attackers to pass extra parameters to the mail command and consequently execute arbitrary code by leveraging improper interaction between the escapeshellarg function and internal escaping performed in the mail function in PHP. NOTE: this vulnerability exists because of an incorrect fix for CVE-2016-10033.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

CVSS 2.0

Severity: HIGH

Problem Type: CWE-77,

Products Affected

Vendor Product Version
joomla joomla! *
phpmailer_project phpmailer *
wordpress wordpress *
CVE-2016-8869 HIGH

The register method in the UsersModelRegistration class in controllers/user.php in the Users component in Joomla! before 3.6.4 allows remote attackers to gain privileges by leveraging incorrect use of unfiltered data when registering on a site.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-20,

Products Affected

Vendor Product Version
joomla joomla! *
CVE-2016-8870 MEDIUM

The register method in the UsersModelRegistration class in controllers/user.php in the Users component in Joomla! before 3.6.4, when registration has been disabled, allows remote attackers to create user accounts by leveraging failure to check the Allow User Registration configuration setting.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-20,

Products Affected

Vendor Product Version
joomla joomla! *
CVE-2016-9081 HIGH

Joomla! 3.4.4 through 3.6.3 allows attackers to reset username, password, and user group assignments and possibly perform other user account modifications via unspecified vectors.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-255,

Products Affected

Vendor Product Version
joomla joomla! 3.4.4
joomla joomla! 3.6.1
joomla joomla! 3.4.8
joomla joomla! 3.6.3
joomla joomla! 3.6.2
joomla joomla! 3.4.5
joomla joomla! 3.4.7
joomla joomla! 3.6.0
joomla joomla! 3.4.6
joomla joomla! 3.5.0
joomla joomla! 3.5.1
CVE-2016-9836 HIGH

The file scanning mechanism of JFilterInput::isFileSafe() in Joomla! CMS before 3.6.5 does not consider alternative PHP file extensions when checking uploaded files for PHP content, which enables a user to upload and execute files with the `.php6`, `.php7`, `.phtml`, and `.phpt` extensions. Additionally, JHelperMedia::canUpload() did not blacklist these file extensions as uploadable file types.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-284,

Products Affected

Vendor Product Version
joomla joomla! *
CVE-2016-9837 MEDIUM

An issue was discovered in templates/beez3/html/com_content/article/default.php in Joomla! before 3.6.5. Inadequate permissions checks in the Beez3 layout override of the com_content article view allow users to view articles that should not be publicly accessible, as demonstrated by an index.php?option=com_content&view=article&id=1&template=beez3 request.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-264,

Products Affected

Vendor Product Version
joomla joomla! *
CVE-2016-9838 MEDIUM

An issue was discovered in components/com_users/models/registration.php in Joomla! before 3.6.5. Incorrect filtering of registration form data stored to the session on a validation error enables a user to gain access to a registered user's account and reset the user's group mappings, username, and password, as demonstrated by submitting a form that targets the `registration.register` task.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-284,

Products Affected

Vendor Product Version
joomla joomla! *
CVE-2017-11364 MEDIUM

The CMS installer in Joomla! before 3.7.4 does not verify a user's ownership of a webspace, which allows remote authenticated users to gain control of the target application by leveraging Certificate Transparency logs.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-295,

Products Affected

Vendor Product Version
joomla joomla! 1.0.0
joomla joomla! 1.5.1
joomla joomla! 1.0.13
joomla joomla! 1.5.15
joomla joomla! 3.6.0
joomla joomla! 2.5.9
joomla joomla! 3.1.0
joomla joomla! 3.3.0
joomla joomla! 3.7.0
joomla joomla! 1.5.18
joomla joomla! 3.3.5
joomla joomla! 3.0.0
joomla joomla! 3.2.4
joomla joomla! 3.2.1
joomla joomla! 1.5.6
joomla joomla! 1.6.4
joomla joomla! 2.5.22
joomla joomla! 3.6.5
joomla joomla! 2.5.19
joomla joomla! 1.0.4
joomla joomla! 2.5.16
joomla joomla! 1.6.5
joomla joomla! 2.5.20
joomla joomla! 1.5.19
joomla joomla! 1.5.21
joomla joomla! 2.5.14
joomla joomla! 2.5.18
joomla joomla! 3.3.1
joomla joomla! 2.5.0
joomla joomla! 3.4.1
joomla joomla! 2.5.6
joomla joomla! 1.0.5
joomla joomla! 1.5.5
joomla joomla! 1.0.9
joomla joomla! 1.5.17
joomla joomla! 3.1.1
joomla joomla! 1.0.14
joomla joomla! 3.1.5
joomla joomla! 1.0.7
joomla joomla! 1.0.15
joomla joomla! 3.1.6
joomla joomla! 3.6.2
joomla joomla! 2.5.23
joomla joomla! 3.7.1
joomla joomla! 3.4.6
joomla joomla! 1.5.20
joomla joomla! 3.7.3
joomla joomla! 1.5.3
joomla joomla! 1.5.8
joomla joomla! 3.7.2
joomla joomla! 3.4.4
joomla joomla! 1.5.7
joomla joomla! 1.5.13
joomla joomla! 2.5.15
joomla joomla! 2.5.8
joomla joomla! 3.3.3
joomla joomla! 2.5.12
joomla joomla! 3.4.2
joomla joomla! 2.5.7
joomla joomla! 1.6.0
joomla joomla! 3.4.0
joomla joomla! 1.5.26
joomla joomla! 1.6.6
joomla joomla! 1.7.4
joomla joomla! 3.3.2
joomla joomla! 1.5.2
joomla joomla! 1.5.4
joomla joomla! 3.1.2
joomla joomla! 2.5.13
joomla joomla! 1.5.11
joomla joomla! 3.2.7
joomla joomla! 1.5.12
joomla joomla! 3.2.2
joomla joomla! 3.5.0
joomla joomla! 1.0.12
joomla joomla! 3.3.6
joomla joomla! 1.0.1
joomla joomla! 1.6.1
joomla joomla! 3.5.1
joomla joomla! 1.5.9
joomla joomla! 2.5.3
joomla joomla! 3.4.3
joomla joomla! 1.0.6
joomla joomla! 1.0.10
joomla joomla! 2.5.2
joomla joomla! 1.5.25
joomla joomla! 2.5.21
joomla joomla! 3.4.5
joomla joomla! 1.7.3
joomla joomla! 1.5.16
joomla joomla! 1.6
joomla joomla! 1.0.8
joomla joomla! 2.5.24
joomla joomla! 1.0.11
joomla joomla! 1.6.3
joomla joomla! 3.0.2
joomla joomla! 3.4.8
joomla joomla! 3.2.6
joomla joomla! 1.7.2
joomla joomla! 1.5.14
joomla joomla! 2.5.11
joomla joomla! 2.5.26
joomla joomla! 3.3.4
joomla joomla! 3.0.3
joomla joomla! 1.5.22
joomla joomla! 3.0.1
joomla joomla! 3.6.3
joomla joomla! 2.5.25
joomla joomla! 3.6.4
joomla joomla! 3.4.7
joomla joomla! 2.5.5
joomla joomla! 2.5.27
joomla joomla! 3.2.0
joomla joomla! 2.5.1
joomla joomla! 1.5.10
joomla joomla! 2.5.10
joomla joomla! 1.7.0
joomla joomla! 1.5.0
joomla joomla! 1.0.2
joomla joomla! 1.0.3
joomla joomla! 3.6.1
joomla joomla! 2.5.4
joomla joomla! 1.5.23
joomla joomla! 3.1.3
joomla joomla! 3.1.4
joomla joomla! 1.5.24
joomla joomla! 1.6.2
joomla joomla! 3.2.5
joomla joomla! 3.2.3
joomla joomla! 1.7.5
joomla joomla! 3.0.4
joomla joomla! 1.7.1
joomla joomla! 2.5.17
joomla joomla! 2.5.28
CVE-2017-11612 MEDIUM

In Joomla! before 3.7.4, inadequate filtering of potentially malicious HTML tags leads to XSS vulnerabilities in various components.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
joomla joomla! 1.5.1
joomla joomla! 1.5.15
joomla joomla! 3.6.0
joomla joomla! 2.5.9
joomla joomla! 3.1.0
joomla joomla! 3.3.0
joomla joomla! 3.7.0
joomla joomla! 1.5.18
joomla joomla! 3.3.5
joomla joomla! 3.0.0
joomla joomla! 3.2.4
joomla joomla! 3.2.1
joomla joomla! 1.5.6
joomla joomla! 1.6.4
joomla joomla! 2.5.22
joomla joomla! 3.6.5
joomla joomla! 2.5.19
joomla joomla! 2.5.16
joomla joomla! 1.6.5
joomla joomla! 2.5.20
joomla joomla! 1.5.19
joomla joomla! 1.5.21
joomla joomla! 2.5.14
joomla joomla! 2.5.18
joomla joomla! 3.3.1
joomla joomla! 2.5.0
joomla joomla! 3.4.1
joomla joomla! 2.5.6
joomla joomla! 1.5.5
joomla joomla! 1.5.17
joomla joomla! 3.1.1
joomla joomla! 3.1.5
joomla joomla! 3.1.6
joomla joomla! 3.6.2
joomla joomla! 2.5.23
joomla joomla! 3.7.1
joomla joomla! 3.4.6
joomla joomla! 1.5.20
joomla joomla! 3.7.3
joomla joomla! 1.5.3
joomla joomla! 1.5.8
joomla joomla! 3.7.2
joomla joomla! 3.4.4
joomla joomla! 1.5.7
joomla joomla! 1.5.13
joomla joomla! 2.5.15
joomla joomla! 2.5.8
joomla joomla! 3.3.3
joomla joomla! 2.5.12
joomla joomla! 3.4.2
joomla joomla! 2.5.7
joomla joomla! 1.6.0
joomla joomla! 3.4.0
joomla joomla! 1.5.26
joomla joomla! 1.6.6
joomla joomla! 1.7.4
joomla joomla! 3.3.2
joomla joomla! 1.5.2
joomla joomla! 1.5.4
joomla joomla! 3.1.2
joomla joomla! 2.5.13
joomla joomla! 1.5.11
joomla joomla! 1.5.12
joomla joomla! 3.2.2
joomla joomla! 3.5.0
joomla joomla! 1.6.1
joomla joomla! 3.5.1
joomla joomla! 1.5.9
joomla joomla! 2.5.3
joomla joomla! 3.4.3
joomla joomla! 2.5.2
joomla joomla! 1.5.25
joomla joomla! 2.5.21
joomla joomla! 3.4.5
joomla joomla! 1.7.3
joomla joomla! 1.5.16
joomla joomla! 1.6
joomla joomla! 2.5.24
joomla joomla! 1.6.3
joomla joomla! 3.0.2
joomla joomla! 3.4.8
joomla joomla! 1.7.2
joomla joomla! 1.5.14
joomla joomla! 2.5.11
joomla joomla! 2.5.26
joomla joomla! 3.3.4
joomla joomla! 3.0.3
joomla joomla! 1.5.22
joomla joomla! 3.0.1
joomla joomla! 3.6.3
joomla joomla! 2.5.25
joomla joomla! 3.6.4
joomla joomla! 3.4.7
joomla joomla! 2.5.5
joomla joomla! 2.5.27
joomla joomla! 3.2.0
joomla joomla! 2.5.1
joomla joomla! 1.5.10
joomla joomla! 2.5.10
joomla joomla! 1.7.0
joomla joomla! 1.5.0
joomla joomla! 3.6.1
joomla joomla! 2.5.4
joomla joomla! 1.5.23
joomla joomla! 3.1.3
joomla joomla! 3.1.4
joomla joomla! 1.5.24
joomla joomla! 1.6.2
joomla joomla! 3.2.3
joomla joomla! 1.7.5
joomla joomla! 3.0.4
joomla joomla! 1.7.1
joomla joomla! 2.5.17
joomla joomla! 2.5.28
CVE-2017-14595 MEDIUM

In Joomla! before 3.8.0, a logic bug in a SQL query could lead to the disclosure of article intro texts when these articles are in the archived state.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
joomla joomla! 3.7.3
joomla joomla! 3.7.0
joomla joomla! 3.7.4
joomla joomla! 3.7.5
joomla joomla! 3.7.2
joomla joomla! 3.7.1
CVE-2017-14596 MEDIUM

In Joomla! before 3.8.0, inadequate escaping in the LDAP authentication plugin can result in a disclosure of a username and password.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-90,

Products Affected

Vendor Product Version
joomla joomla! 1.5.1
joomla joomla! 1.5.15
joomla joomla! 3.6.0
joomla joomla! 2.5.9
joomla joomla! 3.1.0
joomla joomla! 3.3.0
joomla joomla! 3.7.0
joomla joomla! 1.5.18
joomla joomla! 3.3.5
joomla joomla! 3.0.0
joomla joomla! 3.2.4
joomla joomla! 3.2.1
joomla joomla! 1.5.6
joomla joomla! 1.6.4
joomla joomla! 2.5.22
joomla joomla! 3.6.5
joomla joomla! 3.7.4
joomla joomla! 2.5.19
joomla joomla! 2.5.16
joomla joomla! 1.6.5
joomla joomla! 2.5.20
joomla joomla! 1.5.19
joomla joomla! 1.5.21
joomla joomla! 2.5.14
joomla joomla! 2.5.18
joomla joomla! 3.3.1
joomla joomla! 2.5.0
joomla joomla! 3.4.1
joomla joomla! 2.5.6
joomla joomla! 1.5.5
joomla joomla! 1.5.17
joomla joomla! 3.1.1
joomla joomla! 3.1.5
joomla joomla! 3.1.6
joomla joomla! 3.6.2
joomla joomla! 2.5.23
joomla joomla! 3.7.1
joomla joomla! 3.4.6
joomla joomla! 1.5.20
joomla joomla! 3.7.3
joomla joomla! 1.5.3
joomla joomla! 1.5.8
joomla joomla! 3.7.2
joomla joomla! 3.4.4
joomla joomla! 1.5.7
joomla joomla! 1.5.13
joomla joomla! 2.5.15
joomla joomla! 2.5.8
joomla joomla! 3.3.3
joomla joomla! 2.5.12
joomla joomla! 3.4.2
joomla joomla! 2.5.7
joomla joomla! 1.6.0
joomla joomla! 3.4.0
joomla joomla! 1.5.26
joomla joomla! 1.6.6
joomla joomla! 1.7.4
joomla joomla! 3.3.2
joomla joomla! 1.5.2
joomla joomla! 1.5.4
joomla joomla! 3.1.2
joomla joomla! 2.5.13
joomla joomla! 1.5.11
joomla joomla! 3.2.7
joomla joomla! 1.5.12
joomla joomla! 3.2.2
joomla joomla! 3.5.0
joomla joomla! 3.3.6
joomla joomla! 1.6.1
joomla joomla! 3.5.1
joomla joomla! 1.5.9
joomla joomla! 2.5.3
joomla joomla! 3.4.3
joomla joomla! 2.5.2
joomla joomla! 1.5.25
joomla joomla! 2.5.21
joomla joomla! 3.4.5
joomla joomla! 1.7.3
joomla joomla! 1.5.16
joomla joomla! 2.5.24
joomla joomla! 1.6.3
joomla joomla! 3.0.2
joomla joomla! 3.4.8
joomla joomla! 3.2.6
joomla joomla! 1.7.2
joomla joomla! 1.5.14
joomla joomla! 2.5.11
joomla joomla! 2.5.26
joomla joomla! 3.3.4
joomla joomla! 3.0.3
joomla joomla! 1.5.22
joomla joomla! 3.0.1
joomla joomla! 3.6.3
joomla joomla! 2.5.25
joomla joomla! 3.6.4
joomla joomla! 3.4.7
joomla joomla! 2.5.5
joomla joomla! 2.5.27
joomla joomla! 3.2.0
joomla joomla! 2.5.1
joomla joomla! 1.5.10
joomla joomla! 2.5.10
joomla joomla! 1.7.0
joomla joomla! 3.7.5
joomla joomla! 1.5.0
joomla joomla! 3.6.1
joomla joomla! 2.5.4
joomla joomla! 1.5.23
joomla joomla! 3.1.3
joomla joomla! 3.1.4
joomla joomla! 1.5.24
joomla joomla! 1.6.2
joomla joomla! 3.2.5
joomla joomla! 3.2.3
joomla joomla! 1.7.5
joomla joomla! 3.0.4
joomla joomla! 1.7.1
joomla joomla! 2.5.17
joomla joomla! 2.5.28
CVE-2017-16633 MEDIUM

In Joomla! before 3.8.2, a logic bug in com_fields exposed read-only information about a site's custom fields to unauthorized users.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-200,

Products Affected

Vendor Product Version
joomla joomla! *
CVE-2017-16634 HIGH

In Joomla! before 3.8.2, a bug allowed third parties to bypass a user's 2-factor authentication method.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-287,

Products Affected

Vendor Product Version
joomla joomla! *
CVE-2017-7983 MEDIUM

In Joomla! 1.5.0 through 3.6.5 (fixed in 3.7.0), mail sent using the JMail API leaked the used PHPMailer version in the mail headers.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-200,

Products Affected

Vendor Product Version
joomla joomla! 1.5.1
joomla joomla! 1.5.15
joomla joomla! 3.6.0
joomla joomla! 2.5.9
joomla joomla! 3.1.0
joomla joomla! 3.3.0
joomla joomla! 1.5.18
joomla joomla! 3.3.5
joomla joomla! 3.0.0
joomla joomla! 3.2.4
joomla joomla! 3.2.1
joomla joomla! 1.5.6
joomla joomla! 1.6.4
joomla joomla! 2.5.22
joomla joomla! 3.6.5
joomla joomla! 2.5.19
joomla joomla! 2.5.16
joomla joomla! 1.6.5
joomla joomla! 2.5.20
joomla joomla! 1.5.19
joomla joomla! 1.5.21
joomla joomla! 2.5.14
joomla joomla! 2.5.18
joomla joomla! 3.3.1
joomla joomla! 2.5.0
joomla joomla! 3.4.1
joomla joomla! 2.5.6
joomla joomla! 1.5.5
joomla joomla! 1.5.17
joomla joomla! 3.1.1
joomla joomla! 3.1.5
joomla joomla! 3.1.6
joomla joomla! 3.6.2
joomla joomla! 2.5.23
joomla joomla! 3.4.6
joomla joomla! 1.5.20
joomla joomla! 1.5.3
joomla joomla! 1.5.8
joomla joomla! 3.4.4
joomla joomla! 1.5.7
joomla joomla! 1.5.13
joomla joomla! 2.5.15
joomla joomla! 2.5.8
joomla joomla! 3.3.3
joomla joomla! 2.5.12
joomla joomla! 3.4.2
joomla joomla! 2.5.7
joomla joomla! 1.6.0
joomla joomla! 3.4.0
joomla joomla! 1.5.26
joomla joomla! 1.6.6
joomla joomla! 1.7.4
joomla joomla! 3.3.2
joomla joomla! 1.5.2
joomla joomla! 1.5.4
joomla joomla! 3.1.2
joomla joomla! 2.5.13
joomla joomla! 1.5.11
joomla joomla! 1.5.12
joomla joomla! 3.2.2
joomla joomla! 3.5.0
joomla joomla! 1.6.1
joomla joomla! 3.5.1
joomla joomla! 1.5.9
joomla joomla! 2.5.3
joomla joomla! 3.4.3
joomla joomla! 2.5.2
joomla joomla! 1.5.25
joomla joomla! 2.5.21
joomla joomla! 3.4.5
joomla joomla! 1.7.3
joomla joomla! 1.5.16
joomla joomla! 2.5.24
joomla joomla! 1.6.3
joomla joomla! 3.0.2
joomla joomla! 3.4.8
joomla joomla! 1.7.2
joomla joomla! 1.5.14
joomla joomla! 2.5.11
joomla joomla! 2.5.26
joomla joomla! 3.3.4
joomla joomla! 1.5.22
joomla joomla! 3.0.1
joomla joomla! 3.6.3
joomla joomla! 2.5.25
joomla joomla! 3.6.4
joomla joomla! 3.4.7
joomla joomla! 2.5.5
joomla joomla! 2.5.27
joomla joomla! 3.2.0
joomla joomla! 2.5.1
joomla joomla! 1.5.10
joomla joomla! 2.5.10
joomla joomla! 1.7.0
joomla joomla! 1.5.0
joomla joomla! 3.6.1
joomla joomla! 2.5.4
joomla joomla! 1.5.23
joomla joomla! 3.1.3
joomla joomla! 3.1.4
joomla joomla! 1.5.24
joomla joomla! 1.6.2
joomla joomla! 3.2.3
joomla joomla! 1.7.5
joomla joomla! 1.7.1
joomla joomla! 2.5.17
joomla joomla! 2.5.28
CVE-2017-7984 MEDIUM

In Joomla! 3.2.0 through 3.6.5 (fixed in 3.7.0), inadequate filtering leads to XSS in the template manager component.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
joomla joomla! 3.3.2
joomla joomla! 3.6.3
joomla joomla! 3.6.4
joomla joomla! 3.4.7
joomla joomla! 3.6.0
joomla joomla! 3.2.2
joomla joomla! 3.5.0
joomla joomla! 3.2.0
joomla joomla! 3.3.0
joomla joomla! 3.3.5
joomla joomla! 3.2.4
joomla joomla! 3.6.2
joomla joomla! 3.2.1
joomla joomla! 3.4.6
joomla joomla! 3.5.1
joomla joomla! 3.6.1
joomla joomla! 3.6.5
joomla joomla! 3.4.3
joomla joomla! 3.4.5
joomla joomla! 3.4.4
joomla joomla! 3.2.3
joomla joomla! 3.3.3
joomla joomla! 3.4.8
joomla joomla! 3.4.2
joomla joomla! 3.3.1
joomla joomla! 3.4.0
joomla joomla! 3.4.1
joomla joomla! 3.3.4
CVE-2017-7985 MEDIUM

In Joomla! 1.5.0 through 3.6.5 (fixed in 3.7.0), inadequate filtering of multibyte characters leads to XSS vulnerabilities in various components.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
joomla joomla! *
CVE-2017-7986 MEDIUM

In Joomla! 1.5.0 through 3.6.5 (fixed in 3.7.0), inadequate filtering of specific HTML attributes leads to XSS vulnerabilities in various components.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
joomla joomla! 1.5.1
joomla joomla! 1.5.15
joomla joomla! 3.6.0
joomla joomla! 2.5.9
joomla joomla! 3.1.0
joomla joomla! 3.3.0
joomla joomla! 1.5.18
joomla joomla! 3.3.5
joomla joomla! 3.0.0
joomla joomla! 3.2.4
joomla joomla! 3.2.1
joomla joomla! 1.5.6
joomla joomla! 1.6.4
joomla joomla! 2.5.22
joomla joomla! 3.6.5
joomla joomla! 2.5.19
joomla joomla! 2.5.16
joomla joomla! 1.6.5
joomla joomla! 2.5.20
joomla joomla! 1.5.19
joomla joomla! 1.5.21
joomla joomla! 2.5.14
joomla joomla! 2.5.18
joomla joomla! 3.3.1
joomla joomla! 2.5.0
joomla joomla! 3.4.1
joomla joomla! 2.5.6
joomla joomla! 1.5.5
joomla joomla! 1.5.17
joomla joomla! 3.1.1
joomla joomla! 3.1.5
joomla joomla! 3.1.6
joomla joomla! 3.6.2
joomla joomla! 2.5.23
joomla joomla! 3.4.6
joomla joomla! 1.5.20
joomla joomla! 1.5.3
joomla joomla! 1.5.8
joomla joomla! 3.4.4
joomla joomla! 1.5.7
joomla joomla! 1.5.13
joomla joomla! 2.5.15
joomla joomla! 2.5.8
joomla joomla! 3.3.3
joomla joomla! 2.5.12
joomla joomla! 3.4.2
joomla joomla! 2.5.7
joomla joomla! 1.6.0
joomla joomla! 3.4.0
joomla joomla! 1.5.26
joomla joomla! 1.6.6
joomla joomla! 1.7.4
joomla joomla! 3.3.2
joomla joomla! 1.5.2
joomla joomla! 1.5.4
joomla joomla! 3.1.2
joomla joomla! 2.5.13
joomla joomla! 1.5.11
joomla joomla! 1.5.12
joomla joomla! 3.2.2
joomla joomla! 3.5.0
joomla joomla! 1.6.1
joomla joomla! 3.5.1
joomla joomla! 1.5.9
joomla joomla! 2.5.3
joomla joomla! 3.4.3
joomla joomla! 2.5.2
joomla joomla! 1.5.25
joomla joomla! 2.5.21
joomla joomla! 3.4.5
joomla joomla! 1.7.3
joomla joomla! 1.5.16
joomla joomla! 2.5.24
joomla joomla! 1.6.3
joomla joomla! 3.0.2
joomla joomla! 3.4.8
joomla joomla! 1.7.2
joomla joomla! 1.5.14
joomla joomla! 2.5.11
joomla joomla! 2.5.26
joomla joomla! 3.3.4
joomla joomla! 1.5.22
joomla joomla! 3.0.1
joomla joomla! 3.6.3
joomla joomla! 2.5.25
joomla joomla! 3.6.4
joomla joomla! 3.4.7
joomla joomla! 2.5.5
joomla joomla! 2.5.27
joomla joomla! 3.2.0
joomla joomla! 2.5.1
joomla joomla! 1.5.10
joomla joomla! 2.5.10
joomla joomla! 1.7.0
joomla joomla! 1.5.0
joomla joomla! 3.6.1
joomla joomla! 2.5.4
joomla joomla! 1.5.23
joomla joomla! 3.1.3
joomla joomla! 3.1.4
joomla joomla! 1.5.24
joomla joomla! 1.6.2
joomla joomla! 3.2.3
joomla joomla! 1.7.5
joomla joomla! 1.7.1
joomla joomla! 2.5.17
joomla joomla! 2.5.28
CVE-2017-7987 MEDIUM

In Joomla! 3.2.0 through 3.6.5 (fixed in 3.7.0), inadequate escaping of file and folder names leads to XSS vulnerabilities in the template manager component.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
joomla joomla! 3.3.2
joomla joomla! 3.6.3
joomla joomla! 3.6.4
joomla joomla! 3.4.7
joomla joomla! 3.6.0
joomla joomla! 3.2.2
joomla joomla! 3.5.0
joomla joomla! 3.2.0
joomla joomla! 3.3.0
joomla joomla! 3.3.5
joomla joomla! 3.2.4
joomla joomla! 3.6.2
joomla joomla! 3.2.1
joomla joomla! 3.4.6
joomla joomla! 3.5.1
joomla joomla! 3.6.1
joomla joomla! 3.6.5
joomla joomla! 3.4.3
joomla joomla! 3.4.5
joomla joomla! 3.4.4
joomla joomla! 3.2.3
joomla joomla! 3.3.3
joomla joomla! 3.4.8
joomla joomla! 3.4.2
joomla joomla! 3.3.1
joomla joomla! 3.4.0
joomla joomla! 3.4.1
joomla joomla! 3.3.4
CVE-2017-7988 MEDIUM

In Joomla! 1.6.0 through 3.6.5 (fixed in 3.7.0), inadequate filtering of form contents allows overwriting the author of an article.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
joomla joomla! 3.3.2
joomla joomla! 3.1.2
joomla joomla! 2.5.13
joomla joomla! 3.6.0
joomla joomla! 2.5.9
joomla joomla! 3.1.0
joomla joomla! 3.2.2
joomla joomla! 3.5.0
joomla joomla! 3.3.0
joomla joomla! 1.5.18
joomla joomla! 3.3.5
joomla joomla! 3.0.0
joomla joomla! 3.2.4
joomla joomla! 3.2.1
joomla joomla! 1.6.1
joomla joomla! 1.6.4
joomla joomla! 2.5.22
joomla joomla! 3.5.1
joomla joomla! 3.6.5
joomla joomla! 2.5.19
joomla joomla! 2.5.3
joomla joomla! 3.4.3
joomla joomla! 2.5.16
joomla joomla! 2.5.2
joomla joomla! 1.5.25
joomla joomla! 1.6.5
joomla joomla! 2.5.21
joomla joomla! 3.4.5
joomla joomla! 1.7.3
joomla joomla! 2.5.20
joomla joomla! 1.5.16
joomla joomla! 1.5.19
joomla joomla! 1.5.21
joomla joomla! 2.5.24
joomla joomla! 2.5.14
joomla joomla! 1.6.3
joomla joomla! 3.0.2
joomla joomla! 3.4.8
joomla joomla! 2.5.18
joomla joomla! 3.3.1
joomla joomla! 2.5.0
joomla joomla! 1.7.2
joomla joomla! 2.5.11
joomla joomla! 3.4.1
joomla joomla! 2.5.26
joomla joomla! 2.5.6
joomla joomla! 3.3.4
joomla joomla! 1.5.22
joomla joomla! 3.0.1
joomla joomla! 3.6.3
joomla joomla! 2.5.25
joomla joomla! 3.6.4
joomla joomla! 1.5.17
joomla joomla! 3.1.1
joomla joomla! 3.4.7
joomla joomla! 2.5.5
joomla joomla! 3.1.5
joomla joomla! 2.5.27
joomla joomla! 3.2.0
joomla joomla! 2.5.1
joomla joomla! 2.5.10
joomla joomla! 1.7.0
joomla joomla! 3.1.6
joomla joomla! 3.6.2
joomla joomla! 2.5.23
joomla joomla! 3.4.6
joomla joomla! 1.5.20
joomla joomla! 3.6.1
joomla joomla! 2.5.4
joomla joomla! 1.5.23
joomla joomla! 3.1.3
joomla joomla! 3.1.4
joomla joomla! 1.5.24
joomla joomla! 1.6.2
joomla joomla! 3.4.4
joomla joomla! 2.5.15
joomla joomla! 3.2.3
joomla joomla! 2.5.8
joomla joomla! 3.3.3
joomla joomla! 2.5.12
joomla joomla! 3.4.2
joomla joomla! 1.7.5
joomla joomla! 1.7.1
joomla joomla! 2.5.17
joomla joomla! 2.5.7
joomla joomla! 1.6.0
joomla joomla! 3.4.0
joomla joomla! 2.5.28
joomla joomla! 1.5.26
joomla joomla! 1.6.6
joomla joomla! 1.7.4
CVE-2017-7989 MEDIUM

In Joomla! 3.2.0 through 3.6.5 (fixed in 3.7.0), inadequate MIME type checks allowed low-privilege users to upload swf files even if they were explicitly forbidden.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-434,

Products Affected

Vendor Product Version
joomla joomla! 3.3.2
joomla joomla! 3.6.3
joomla joomla! 3.6.4
joomla joomla! 3.4.7
joomla joomla! 3.6.0
joomla joomla! 3.2.2
joomla joomla! 3.5.0
joomla joomla! 3.2.0
joomla joomla! 3.3.0
joomla joomla! 3.3.5
joomla joomla! 3.2.4
joomla joomla! 3.6.2
joomla joomla! 3.2.1
joomla joomla! 3.4.6
joomla joomla! 3.5.1
joomla joomla! 3.6.1
joomla joomla! 3.6.5
joomla joomla! 3.4.3
joomla joomla! 3.4.5
joomla joomla! 3.4.4
joomla joomla! 3.2.3
joomla joomla! 3.3.3
joomla joomla! 3.4.8
joomla joomla! 3.4.2
joomla joomla! 3.3.1
joomla joomla! 3.4.0
joomla joomla! 3.4.1
joomla joomla! 3.3.4
CVE-2017-8057 MEDIUM

In Joomla! 3.4.0 through 3.6.5 (fixed in 3.7.0), multiple files caused full path disclosures on systems with enabled error reporting.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-200,

Products Affected

Vendor Product Version
joomla joomla! 3.6.1
joomla joomla! 3.6.5
joomla joomla! 3.6.3
joomla joomla! 3.4.3
joomla joomla! 3.6.4
joomla joomla! 3.4.5
joomla joomla! 3.4.7
joomla joomla! 3.6.0
joomla joomla! 3.5.0
joomla joomla! 3.4.4
joomla joomla! 3.4.8
joomla joomla! 3.4.2
joomla joomla! 3.6.2
joomla joomla! 3.4.0
joomla joomla! 3.4.1
joomla joomla! 3.4.6
joomla joomla! 3.5.1
CVE-2017-8917 HIGH

SQL injection vulnerability in Joomla! 3.7.x before 3.7.1 allows attackers to execute arbitrary SQL commands via unspecified vectors.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-89,

Products Affected

Vendor Product Version
joomla joomla! 3.7.0
CVE-2017-9933 MEDIUM

Improper cache invalidation in Joomla! CMS 1.7.3 through 3.7.2 leads to disclosure of form contents.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-200,

Products Affected

Vendor Product Version
joomla joomla! 3.3.2
joomla joomla! 3.1.2
joomla joomla! 2.5.13
joomla joomla! 3.6.0
joomla joomla! 2.5.9
joomla joomla! 3.1.0
joomla joomla! 3.2.2
joomla joomla! 3.5.0
joomla joomla! 3.3.0
joomla joomla! 3.7.0
joomla joomla! 3.3.5
joomla joomla! 3.0.0
joomla joomla! 3.2.4
joomla joomla! 3.2.1
joomla joomla! 2.5.22
joomla joomla! 3.5.1
joomla joomla! 3.6.5
joomla joomla! 2.5.19
joomla joomla! 2.5.3
joomla joomla! 3.4.3
joomla joomla! 2.5.16
joomla joomla! 2.5.2
joomla joomla! 2.5.21
joomla joomla! 3.4.5
joomla joomla! 1.7.3
joomla joomla! 2.5.20
joomla joomla! 2.5.24
joomla joomla! 2.5.14
joomla joomla! 3.0.2
joomla joomla! 3.4.8
joomla joomla! 2.5.18
joomla joomla! 3.3.1
joomla joomla! 2.5.0
joomla joomla! 2.5.11
joomla joomla! 3.4.1
joomla joomla! 2.5.26
joomla joomla! 2.5.6
joomla joomla! 3.3.4
joomla joomla! 3.0.3
joomla joomla! 3.0.1
joomla joomla! 3.6.3
joomla joomla! 2.5.25
joomla joomla! 3.6.4
joomla joomla! 3.1.1
joomla joomla! 3.4.7
joomla joomla! 2.5.5
joomla joomla! 3.1.5
joomla joomla! 2.5.27
joomla joomla! 3.2.0
joomla joomla! 2.5.1
joomla joomla! 2.5.10
joomla joomla! 3.1.6
joomla joomla! 3.6.2
joomla joomla! 2.5.23
joomla joomla! 3.7.1
joomla joomla! 3.4.6
joomla joomla! 3.6.1
joomla joomla! 2.5.4
joomla joomla! 3.1.3
joomla joomla! 3.1.4
joomla joomla! 3.4.4
joomla joomla! 2.5.15
joomla joomla! 3.2.3
joomla joomla! 2.5.8
joomla joomla! 3.3.3
joomla joomla! 2.5.12
joomla joomla! 3.4.2
joomla joomla! 1.7.5
joomla joomla! 3.0.4
joomla joomla! 2.5.17
joomla joomla! 2.5.7
joomla joomla! 3.4.0
joomla joomla! 2.5.28
joomla joomla! 1.7.4
CVE-2017-9934 MEDIUM

Missing CSRF token checks and improper input validation in Joomla! CMS 1.7.3 through 3.7.2 lead to an XSS vulnerability.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
joomla joomla! 3.3.2
joomla joomla! 3.1.2
joomla joomla! 2.5.13
joomla joomla! 3.6.0
joomla joomla! 2.5.9
joomla joomla! 3.1.0
joomla joomla! 3.2.2
joomla joomla! 3.5.0
joomla joomla! 3.3.0
joomla joomla! 3.7.0
joomla joomla! 3.3.5
joomla joomla! 3.0.0
joomla joomla! 3.2.4
joomla joomla! 3.2.1
joomla joomla! 2.5.22
joomla joomla! 3.5.1
joomla joomla! 3.6.5
joomla joomla! 2.5.19
joomla joomla! 2.5.3
joomla joomla! 3.4.3
joomla joomla! 2.5.16
joomla joomla! 2.5.2
joomla joomla! 2.5.21
joomla joomla! 3.4.5
joomla joomla! 1.7.3
joomla joomla! 2.5.20
joomla joomla! 2.5.24
joomla joomla! 2.5.14
joomla joomla! 3.0.2
joomla joomla! 3.4.8
joomla joomla! 2.5.18
joomla joomla! 3.3.1
joomla joomla! 2.5.0
joomla joomla! 2.5.11
joomla joomla! 3.4.1
joomla joomla! 2.5.26
joomla joomla! 2.5.6
joomla joomla! 3.3.4
joomla joomla! 3.0.3
joomla joomla! 3.0.1
joomla joomla! 3.6.3
joomla joomla! 2.5.25
joomla joomla! 3.6.4
joomla joomla! 3.1.1
joomla joomla! 3.4.7
joomla joomla! 2.5.5
joomla joomla! 3.1.5
joomla joomla! 2.5.27
joomla joomla! 3.2.0
joomla joomla! 2.5.1
joomla joomla! 2.5.10
joomla joomla! 3.1.6
joomla joomla! 3.6.2
joomla joomla! 2.5.23
joomla joomla! 3.7.1
joomla joomla! 3.4.6
joomla joomla! 3.6.1
joomla joomla! 2.5.4
joomla joomla! 3.7.2
joomla joomla! 3.1.3
joomla joomla! 3.1.4
joomla joomla! 3.4.4
joomla joomla! 2.5.15
joomla joomla! 3.2.3
joomla joomla! 2.5.8
joomla joomla! 3.3.3
joomla joomla! 2.5.12
joomla joomla! 3.4.2
joomla joomla! 1.7.5
joomla joomla! 3.0.4
joomla joomla! 2.5.17
joomla joomla! 2.5.7
joomla joomla! 3.4.0
joomla joomla! 2.5.28
joomla joomla! 1.7.4
CVE-2018-11321 MEDIUM

An issue was discovered in com_fields in Joomla! Core before 3.8.8. Inadequate filtering allows users authorised to create custom fields to manipulate the filtering options and inject an unvalidated option.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-20,

Products Affected

Vendor Product Version
joomla joomla! *
CVE-2018-11322 MEDIUM

An issue was discovered in Joomla! Core before 3.8.8. Depending on the server configuration, PHAR files might be handled as executable PHP scripts by the webserver.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-434,

Products Affected

Vendor Product Version
joomla joomla! *
CVE-2018-11323 MEDIUM

An issue was discovered in Joomla! Core before 3.8.8. Inadequate checks allowed users to modify the access levels of user groups with higher permissions.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-269,

Products Affected

Vendor Product Version
joomla joomla! *
CVE-2018-11324 MEDIUM

An issue was discovered in Joomla! Core before 3.8.8. A long running background process, such as remote checks for core or extension updates, could create a race condition where a session that was expected to be destroyed would be recreated.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-362,

Products Affected

Vendor Product Version
joomla joomla! *
CVE-2018-11325 MEDIUM

An issue was discovered in Joomla! Core before 3.8.8. The web install application would autofill password fields after either a form validation error or navigating to a previous install step, and display the plaintext password for the administrator account at the confirmation screen.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-209,

Products Affected

Vendor Product Version
joomla joomla! *
CVE-2018-11326 LOW

An issue was discovered in Joomla! Core before 3.8.8. Inadequate input filtering leads to a multiple XSS vulnerabilities. Additionally, the default filtering settings could potentially allow users of the default Administrator user group to perform a XSS attack.

CVSS 2.0

Severity: LOW

Problem Type: CWE-79,

Products Affected

Vendor Product Version
joomla joomla! *
CVE-2018-11327 MEDIUM

An issue was discovered in Joomla! Core before 3.8.8. Inadequate checks allowed users to see the names of tags that were either unpublished or published with restricted view permission.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-200,

Products Affected

Vendor Product Version
joomla joomla! *
CVE-2018-11328 LOW

An issue was discovered in Joomla! Core before 3.8.8. Under specific circumstances (a redirect issued with a URI containing a username and password when the Location: header cannot be used), a lack of escaping the user-info component of the URI could result in an XSS vulnerability.

CVSS 2.0

Severity: LOW

Problem Type: CWE-79,

Products Affected

Vendor Product Version
joomla joomla! *
CVE-2018-12711 MEDIUM

An XSS issue was discovered in the language switcher module in Joomla! 1.6.0 through 3.8.8 before 3.8.9. In some cases, the link of the current language might contain unescaped HTML special characters. This may lead to reflective XSS via injection of arbitrary parameters and/or values on the current page URL.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
joomla joomla! *
CVE-2018-12712 MEDIUM

An issue was discovered in Joomla! 2.5.0 through 3.8.8 before 3.8.9. The autoload code checks classnames to be valid, using the "class_exists" function in PHP. In PHP 5.3, this function validates invalid names as valid, which can result in a Local File Inclusion.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-20,

Products Affected

Vendor Product Version
joomla joomla! *
CVE-2018-15880 LOW

An issue was discovered in Joomla! before 3.8.12. Inadequate output filtering on the user profile page could lead to a stored XSS attack.

CVSS 2.0

Severity: LOW

Problem Type: CWE-79,

Products Affected

Vendor Product Version
joomla joomla! *
CVE-2018-15881 MEDIUM

An issue was discovered in Joomla! before 3.8.12. Inadequate checks regarding disabled fields can lead to an ACL violation.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
joomla joomla! *
CVE-2018-15882 HIGH

An issue was discovered in Joomla! before 3.8.12. Inadequate checks in the InputFilter class could allow specifically prepared phar files to pass the upload filter.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-434,

Products Affected

Vendor Product Version
joomla joomla! *
CVE-2018-17855 MEDIUM

An issue was discovered in Joomla! before 3.8.13. If an attacker gets access to the mail account of an user who can approve admin verifications in the registration process, he can activate himself.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-269,

Products Affected

Vendor Product Version
joomla joomla! *
CVE-2018-17856 MEDIUM

An issue was discovered in Joomla! before 3.8.13. com_joomlaupdate allows the execution of arbitrary code. The default ACL config enabled the ability of Administrator-level users to access com_joomlaupdate and trigger code execution.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
joomla joomla! *
CVE-2018-17857 MEDIUM

An issue was discovered in Joomla! before 3.8.13. Inadequate checks on the tags search fields can lead to an access level violation.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-863,

Products Affected

Vendor Product Version
joomla joomla! *
CVE-2018-17858 MEDIUM

An issue was discovered in Joomla! before 3.8.13. com_installer actions do not have sufficient CSRF hardening in the backend.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-352,

Products Affected

Vendor Product Version
joomla joomla! *
CVE-2018-17859 MEDIUM

An issue was discovered in Joomla! before 3.8.13. Inadequate checks in com_contact could allow mail submission in disabled forms.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
joomla joomla! *
CVE-2018-6376 HIGH

In Joomla! before 3.8.4, the lack of type casting of a variable in a SQL statement leads to a SQL injection vulnerability in the Hathor postinstall message.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-89,

Products Affected

Vendor Product Version
joomla joomla! *
CVE-2018-6377 MEDIUM

In Joomla! before 3.8.4, inadequate input filtering in com_fields leads to an XSS vulnerability in multiple field types, i.e., list, radio, and checkbox

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
joomla joomla! *
CVE-2018-6378 MEDIUM

In Joomla! Core before 3.8.8, inadequate filtering of file and folder names leads to various XSS attack vectors in the media manager.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
joomla joomla! *
CVE-2018-6379 MEDIUM

In Joomla! before 3.8.4, inadequate input filtering in the Uri class (formerly JUri) leads to an XSS vulnerability.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
joomla joomla! *
CVE-2018-6380 MEDIUM

In Joomla! before 3.8.4, lack of escaping in the module chromes leads to XSS vulnerabilities in the module system.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
joomla joomla! *
CVE-2018-8045 MEDIUM

In Joomla! 3.5.0 through 3.8.5, the lack of type casting of a variable in a SQL statement leads to a SQL injection vulnerability in the User Notes list view.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-89,

Products Affected

Vendor Product Version
joomla joomla! *
CVE-2019-10945 HIGH

An issue was discovered in Joomla! before 3.9.5. The Media Manager component does not properly sanitize the folder parameter, allowing attackers to act outside the media manager root directory.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-22,

Products Affected

Vendor Product Version
joomla joomla! *
CVE-2019-10946 MEDIUM

An issue was discovered in Joomla! before 3.9.5. The "refresh list of helpsites" endpoint of com_users lacks access checks, allowing calls from unauthenticated users.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-306,

Products Affected

Vendor Product Version
joomla joomla! *
CVE-2019-11358 MEDIUM

jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, ...) because of Object.prototype pollution. If an unsanitized source object contained an enumerable __proto__ property, it could extend the native Object.prototype.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.1 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N 2.8 2.7

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-1321,

Products Affected

Vendor Product Version
oracle financial_services_price_creation_and_discovery *
oracle weblogic_server 12.1.3.0.0
oracle rest_data_services 18c
oracle healthcare_translational_research 3.2.1
oracle healthcare_foundation 7.1.1
oracle insurance_ifrs_17_analyzer 8.0.7
oracle bi_publisher 12.2.1.4.0
oracle tape_library_acsls 8.5.1
oracle insurance_performance_insight 8.0.7
oracle banking_digital_experience 19.1
oracle banking_digital_experience 18.3
oracle financial_services_basel_regulatory_capital_internal_ratings_based_approach *
oracle bi_publisher 5.5.0.0.0
oracle policy_automation 10.4.7
oracle transportation_management 1.4.3
oracle hospitality_guest_access 4.2.1
oracle banking_digital_experience 19.2
oracle communications_interactive_session_recorder *
oracle knowledge *
oracle peoplesoft_enterprise_peopletools 8.57
redhat cloudforms 4.7
oracle jdeveloper_and_adf 12.2.1.3.0
oracle application_testing_suite 13.2.0.1
oracle financial_services_liquidity_risk_measurement_and_management 8.0.7
oracle financial_services_basel_regulatory_capital_internal_ratings_based_approach 8.1.0
oracle communications_billing_and_revenue_management 7.5
oracle communications_services_gatekeeper 7.0
juniper junos 21.2
oracle rest_data_services 11.2.0.4
oracle insurance_accounting_analyzer 8.0.9
oracle financial_services_balance_sheet_planning 8.0.8
drupal drupal *
oracle siebel_mobile_applications *
oracle insurance_allocation_manager_for_enterprise_profitability 8.0.8
oracle utilities_mobile_workforce_management *
oracle retail_point-of-service 14.0
oracle communications_session_route_manager 8.2.1
oracle healthcare_translational_research 3.3.1
oracle storagetek_tape_analytics_sw_tool 2.3.0
debian debian_linux 9.0
oracle weblogic_server 10.3.6.0.0
oracle weblogic_server 14.1.1.0.0
oracle hospitality_materials_control 18.1
oracle rest_data_services 19c
oracle financial_services_hedge_management_and_ifrs_valuations *
oracle communications_element_manager 8.2.1
oracle healthcare_translational_research 3.4.0
oracle primavera_gateway 15.2.18
netapp snapcenter -
oracle communications_operations_monitor *
oracle bi_publisher 12.2.1.3.0
debian debian_linux 10.0
oracle financial_services_analytical_applications_reconciliation_framework 8.1.0
oracle healthcare_foundation 7.3.0
oracle primavera_unifier 18.8
oracle financial_services_liquidity_risk_management 8.0.2
oracle siebel_ui_framework 20.8
oracle retail_point-of-service 14.1
oracle hospitality_simphony 18.2
oracle rest_data_services 12.1.0.2
joomla joomla! *
oracle financial_services_revenue_management_and_billing 2.4.0.1
oracle healthcare_translational_research 3.3.2
oracle banking_platform *
oracle real-time_scheduler *
oracle retail_back_office 14.0
oracle retail_returns_management 14.0
oracle jdeveloper 12.2.1.4.0
oracle financial_services_analytical_applications_infrastructure *
oracle financial_services_institutional_performance_analytics *
oracle hospitality_simphony *
opensuse backports_sle 15.0
oracle policy_automation_connector_for_siebel 10.4.6
oracle business_process_management_suite 12.2.1.4.0
oracle webcenter_sites 12.2.1.3.0
oracle financial_services_hedge_management_and_ifrs_valuations 8.1.0
oracle communications_operations_monitor 4.0
oracle financial_services_regulatory_reporting_for_us_federal_reserve *
jquery jquery *
oracle peoplesoft_enterprise_peopletools 8.56
oracle insurance_insbridge_rating_and_underwriting *
oracle banking_enterprise_collections *
oracle retail_customer_insights 16.0
oracle communications_operations_monitor 3.4
oracle financial_services_profitability_management 8.1.0
oracle application_testing_suite 13.3
oracle financial_services_loan_loss_forecasting_and_provisioning 8.1.0
oracle jdeveloper_and_adf 12.1.3.0.0
oracle financial_services_institutional_performance_analytics 8.1.0
oracle service_bus 12.2.1.3.0
oracle jd_edwards_enterpriseone_tools 9.2
oracle financial_services_data_governance_for_us_regulatory_reporting *
oracle financial_services_regulatory_reporting_for_european_banking_authority 8.0.6
oracle financial_services_liquidity_risk_management 8.0.6
oracle financial_services_market_risk_measurement_and_management 8.0.5
oracle financial_services_liquidity_risk_management 8.0.4.0.0
oracle financial_services_profitability_management *
oracle hospitality_simphony 18.1
oracle primavera_unifier 16.1
oracle communications_operations_monitor 4.1.0
oracle primavera_unifier *
oracle retail_central_office 14.1
oracle enterprise_manager_ops_center 12.3.3
netapp oncommand_system_manager *
oracle policy_automation 12.1.1
fedoraproject fedora 29
oracle banking_digital_experience 18.1
oracle financial_services_regulatory_reporting_for_european_banking_authority 8.0.7
oracle communications_diameter_signaling_router 8.1
oracle banking_digital_experience 18.2
oracle service_bus 12.1.3.0.0
oracle system_utilities 19.1
oracle application_service_level_management 13.2.0.0
oracle retail_customer_management_and_segmentation_foundation 18.0
oracle financial_services_data_integration_hub *
oracle financial_services_retail_customer_analytics *
debian debian_linux 8.0
oracle communications_billing_and_revenue_management 7.5.0.23.0
oracle financial_services_data_foundation *
oracle enterprise_session_border_controller 8.4
oracle communications_diameter_signaling_router 8.2
oracle financial_services_liquidity_risk_management 8.0.5.0.0
oracle financial_services_funds_transfer_pricing *
oracle financial_services_analytical_applications_reconciliation_framework *
oracle healthcare_foundation 7.2.2
oracle financial_services_market_risk_measurement_and_management 8.0.6
oracle fusion_middleware_mapviewer 12.2.1.3.0
oracle application_testing_suite 13.3.0.1
fedoraproject fedora 28
oracle financial_services_asset_liability_management *
oracle hospitality_guest_access 4.2.0
oracle insurance_ifrs_17_analyzer 8.0.6
oracle insurance_insbridge_rating_and_underwriting 5.6.1.0
oracle business_process_management_suite 12.2.1.3.0
oracle agile_product_lifecycle_management_for_process 6.2.0.0
oracle peoplesoft_enterprise_peopletools 8.58
oracle financial_services_revenue_management_and_billing 2.4.0.0
oracle jdeveloper 11.1.1.9.0
oracle primavera_unifier 16.2
oracle jdeveloper 12.2.1.3.0
oracle banking_digital_experience 20.1
oracle communications_billing_and_revenue_management 12.0
oracle retail_returns_management 14.1
oracle application_express *
oracle financial_services_data_integration_hub 8.1.0
oracle communications_session_report_manager 8.1.1
oracle service_bus 11.1.1.9.0
oracle communications_session_route_manager 8.1.1
oracle retail_central_office 14.0
oracle application_service_level_management 13.3.0.0
oracle financial_services_liquidity_risk_measurement_and_management 8.0.8
oracle communications_analytics 12.1.1
oracle communications_diameter_signaling_router 8.2.1
oracle weblogic_server 12.2.1.3.0
backdropcms backdrop *
oracle financial_services_enterprise_financial_performance_analytics 8.0.7
oracle communications_session_route_manager 8.2.0
oracle retail_customer_management_and_segmentation_foundation 19.0
oracle agile_product_lifecycle_management_for_process 6.2.2.0
opensuse leap 15.1
redhat virtualization_manager 4.3
oracle financial_services_enterprise_financial_performance_analytics 8.0.6
oracle communications_diameter_signaling_router 8.0.0
oracle communications_unified_inventory_management 7.4.0
oracle weblogic_server 12.2.1.4.0
oracle diagnostic_assistant 2.12.36
oracle communications_application_session_controller 3.8m0
oracle communications_unified_inventory_management 7.3
oracle communications_session_report_manager 8.2.0
oracle financial_services_asset_liability_management 8.1.0
oracle rest_data_services 12.2.0.1
oracle application_testing_suite 12.5.0.3
oracle healthcare_translational_research 3.1.0
fedoraproject fedora 30
oracle policy_automation_for_mobile_devices *
oracle communications_element_manager 8.2.0
oracle financial_services_retail_performance_analytics 8.0.7
oracle identity_manager 12.2.1.3.0
oracle communications_billing_and_revenue_management 12.0.0.3.0
oracle financial_services_basel_regulatory_capital_basic *
oracle enterprise_manager_ops_center 12.4.0
oracle big_data_discovery 1.6
oracle jdeveloper_and_adf 11.1.1.9.0
oracle healthcare_foundation 7.2.0
oracle financial_services_loan_loss_forecasting_and_provisioning *
oracle communications_element_manager 8.1.1
oracle policy_automation *
oracle agile_product_lifecycle_management_for_process 6.2.1.0
oracle insurance_allocation_manager_for_enterprise_profitability 8.1.0
oracle financial_services_market_risk_measurement_and_management 8.0.8
oracle communications_webrtc_session_controller 7.2
oracle insurance_data_foundation *
oracle retail_back_office 14.1
oracle financial_services_regulatory_reporting_for_de_nederlandsche_bank 8.0.4
oracle agile_product_lifecycle_management_for_process 6.2.3.0
oracle communications_session_report_manager 8.2.1
oracle communications_eagle_application_processor *
oracle application_testing_suite 13.1.0.1
oracle retail_customer_insights 15.0
oracle financial_services_retail_performance_analytics 8.0.6
oracle financial_services_funds_transfer_pricing 8.1.0
oracle peoplesoft_enterprise_peopletools 8.55
oracle financial_services_basel_regulatory_capital_basic 8.1.0
oracle financial_services_liquidity_risk_management 8.0.0.1.0
oracle agile_product_lifecycle_management_for_process 6.1
oracle tape_library_acsls 8.5
oracle primavera_gateway *
oracle financial_services_liquidity_risk_measurement_and_management 8.1.0
oracle application_testing_suite 13.2
oracle policy_automation 12.1.0
oracle enterprise_manager_ops_center 12.4.0.0
CVE-2019-11809 MEDIUM

An issue was discovered in Joomla! before 3.9.6. The debug views of com_users do not properly escape user supplied data, which leads to a potential XSS attack vector.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
joomla joomla! *
CVE-2019-11831 HIGH

The PharStreamWrapper (aka phar-stream-wrapper) package 2.x before 2.1.1 and 3.x before 3.1.1 for TYPO3 does not prevent directory traversal, which allows attackers to bypass a deserialization protection mechanism, as demonstrated by a phar:///path/bad.phar/../good.phar URL.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

CVSS 2.0

Severity: HIGH

Problem Type: CWE-22,CWE-502,

Products Affected

Vendor Product Version
fedoraproject fedora 28
joomla joomla! *
drupal drupal *
debian debian_linux 8.0
debian debian_linux 9.0
typo3 pharstreamwrapper *
fedoraproject fedora 30
fedoraproject fedora 29
CVE-2019-12764 MEDIUM

An issue was discovered in Joomla! before 3.9.7. The update server URL of com_joomlaupdate can be manipulated by non Super-Admin users.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
joomla joomla! *
CVE-2019-12765 HIGH

An issue was discovered in Joomla! before 3.9.7. The CSV export of com_actionslogs is vulnerable to CSV injection.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-1236,

Products Affected

Vendor Product Version
joomla joomla! *
CVE-2019-12766 MEDIUM

An issue was discovered in Joomla! before 3.9.7. The subform fieldtype does not sufficiently filter or validate input of subfields. This leads to XSS attack vectors.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
joomla joomla! *
CVE-2019-14654 MEDIUM

In Joomla! 3.9.7 and 3.9.8, inadequate filtering allows users authorised to create custom fields to manipulate the filtering options and inject an unvalidated option. In other words, the filter attribute in subform fields allows remote code execution. This is fixed in 3.9.9.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
joomla joomla! 3.9.7
joomla joomla! 3.9.8
CVE-2019-15028 MEDIUM

In Joomla! before 3.9.11, inadequate checks in com_contact could allow mail submission in disabled forms.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
joomla joomla! *
CVE-2019-16725 MEDIUM

In Joomla! 3.x before 3.9.12, inadequate escaping allowed XSS attacks using the logo parameter of the default templates.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.1 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N 2.8 2.7

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
joomla joomla! *
CVE-2019-18650 MEDIUM

An issue was discovered in Joomla! before 3.9.13. A missing token check in com_template causes a CSRF vulnerability.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 2.8 5.9

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-352,

Products Affected

Vendor Product Version
joomla joomla! *
CVE-2019-18674 MEDIUM

An issue was discovered in Joomla! before 3.9.13. A missing access check in the phputf8 mapping files could lead to a path disclosure.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 5.3 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N 3.9 1.4

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-862,

Products Affected

Vendor Product Version
joomla joomla! *
CVE-2019-19845 MEDIUM

In Joomla! before 3.9.14, a missing access check in framework files could lead to a path disclosure.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 5.3 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N 3.9 1.4

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-22,

Products Affected

Vendor Product Version
joomla joomla! *
CVE-2019-19846 HIGH

In Joomla! before 3.9.14, the lack of validation of configuration parameters used in SQL queries caused various SQL injection vectors.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

CVSS 2.0

Severity: HIGH

Problem Type: CWE-89,

Products Affected

Vendor Product Version
joomla joomla! *
CVE-2019-6261 MEDIUM

An issue was discovered in Joomla! before 3.9.2. Inadequate escaping in com_contact leads to a stored XSS vulnerability.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
joomla joomla! *
CVE-2019-6262 LOW

An issue was discovered in Joomla! before 3.9.2. Inadequate checks of the Global Configuration helpurl settings allowed stored XSS.

CVSS 2.0

Severity: LOW

Problem Type: CWE-79,

Products Affected

Vendor Product Version
joomla joomla! *
CVE-2019-6263 LOW

An issue was discovered in Joomla! before 3.9.2. Inadequate checks of the Global Configuration Text Filter settings allowed stored XSS.

CVSS 2.0

Severity: LOW

Problem Type: CWE-79,

Products Affected

Vendor Product Version
joomla joomla! *
CVE-2019-6264 MEDIUM

An issue was discovered in Joomla! before 3.9.2. Inadequate escaping in mod_banners leads to a stored XSS vulnerability.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
joomla joomla! *
CVE-2019-7739 MEDIUM

An issue was discovered in Joomla! before 3.9.3. The "No Filtering" textfilter overrides child settings in the Global Configuration. This is intended behavior. However, it might be unexpected for the user because the configuration dialog lacks an additional message to explain this.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
joomla joomla! *
CVE-2019-7740 MEDIUM

An issue was discovered in Joomla! before 3.9.3. Inadequate parameter handling in JavaScript code (core.js writeDynaList) could lead to an XSS attack vector.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
joomla joomla! *
CVE-2019-7741 MEDIUM

An issue was discovered in Joomla! before 3.9.3. Inadequate checks at the Global Configuration helpurl settings allowed stored XSS.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
joomla joomla! *
CVE-2019-7742 MEDIUM

An issue was discovered in Joomla! before 3.9.3. A combination of specific web server configurations, in connection with specific file types and browser-side MIME-type sniffing, causes an XSS attack vector.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
joomla joomla! *
CVE-2019-7743 HIGH

An issue was discovered in Joomla! before 3.9.3. The phar:// stream wrapper can be used for objection injection attacks because there is no protection mechanism (such as the TYPO3 PHAR stream wrapper) to prevent use of the phar:// handler for non .phar-files.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-502,CWE-917,

Products Affected

Vendor Product Version
joomla joomla! *
CVE-2019-7744 MEDIUM

An issue was discovered in Joomla! before 3.9.3. Inadequate filtering on URL fields in various core components could lead to an XSS vulnerability.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
joomla joomla! *
CVE-2019-9711 MEDIUM

An issue was discovered in Joomla! before 3.9.4. The item_title layout in edit views lacks escaping, leading to XSS.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
joomla joomla! *
CVE-2019-9712 MEDIUM

An issue was discovered in Joomla! before 3.9.4. The JSON handler in com_config lacks input validation, leading to XSS.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
joomla joomla! *
CVE-2019-9713 MEDIUM

An issue was discovered in Joomla! before 3.9.4. The sample data plugins lack ACL checks, allowing unauthorized access.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-862,

Products Affected

Vendor Product Version
joomla joomla! *
CVE-2019-9714 MEDIUM

An issue was discovered in Joomla! before 3.9.4. The media form field lacks escaping, leading to XSS.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
joomla joomla! *
CVE-2020-10238 MEDIUM

An issue was discovered in Joomla! before 3.9.16. Various actions in com_templates lack the required ACL checks, leading to various potential attack vectors.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N 3.9 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-668,

Products Affected

Vendor Product Version
joomla joomla! *
CVE-2020-10239 MEDIUM

An issue was discovered in Joomla! before 3.9.16. Incorrect Access Control in the SQL fieldtype of com_fields allows access for non-superadmin users.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 2.8 5.9

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-863,

Products Affected

Vendor Product Version
joomla joomla! *
CVE-2020-10240 MEDIUM

An issue was discovered in Joomla! before 3.9.16. Missing length checks in the user table can lead to the creation of users with duplicate usernames and/or email addresses.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 5.3 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N 3.9 1.4

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-20,

Products Affected

Vendor Product Version
joomla joomla! *
CVE-2020-10241 MEDIUM

An issue was discovered in Joomla! before 3.9.16. Missing token checks in the image actions of com_templates lead to CSRF.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 2.8 5.9

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-352,

Products Affected

Vendor Product Version
joomla joomla! *
CVE-2020-10242 MEDIUM

An issue was discovered in Joomla! before 3.9.16. Inadequate handling of CSS selectors in the Protostar and Beez3 JavaScript allows XSS attacks.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.1 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N 2.8 2.7

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
joomla joomla! *
CVE-2020-10243 HIGH

An issue was discovered in Joomla! before 3.9.16. The lack of type casting of a variable in a SQL statement leads to a SQL injection vulnerability in the Featured Articles frontend menutype.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

CVSS 2.0

Severity: HIGH

Problem Type: CWE-89,

Products Affected

Vendor Product Version
joomla joomla! *
CVE-2020-11889 MEDIUM

An issue was discovered in Joomla! before 3.9.17. Incorrect ACL checks in the access level section of com_users allow the unauthorized deletion of usergroups.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 5.3 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N 3.9 1.4

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
joomla joomla! *
CVE-2020-11890 MEDIUM

An issue was discovered in Joomla! before 3.9.17. Improper input validations in the usergroup table class could lead to a broken ACL configuration.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 5.3 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N 3.9 1.4

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-20,

Products Affected

Vendor Product Version
joomla joomla! *
CVE-2020-11891 MEDIUM

An issue was discovered in Joomla! before 3.9.17. Incorrect ACL checks in the access level section of com_users allow the unauthorized editing of usergroups.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 5.3 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N 3.9 1.4

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
joomla joomla! *
CVE-2020-13760 MEDIUM

In Joomla! before 3.9.19, missing token checks in com_postinstall lead to CSRF.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 2.8 5.9

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-352,

Products Affected

Vendor Product Version
joomla joomla! 3.7.0
joomla joomla! *
CVE-2020-13761 MEDIUM

In Joomla! before 3.9.19, lack of input validation in the heading tag option of the "Articles - Newsflash" and "Articles - Categories" modules allows XSS.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.1 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N 2.8 2.7

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
joomla joomla! *
joomla joomla! 3.0.0
CVE-2020-13762 MEDIUM

In Joomla! before 3.9.19, incorrect input validation of the module tag option in com_modules allows XSS.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.1 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N 2.8 2.7

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
joomla joomla! *
CVE-2020-13763 MEDIUM

In Joomla! before 3.9.19, the default settings of the global textfilter configuration do not block HTML inputs for Guest users.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N 3.9 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-281,

Products Affected

Vendor Product Version
joomla joomla! *
joomla joomla! 2.5.0
CVE-2020-15695 MEDIUM

An issue was discovered in Joomla! through 3.9.19. A missing token check in the remove request section of com_privacy causes a CSRF vulnerability.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.3 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L 2.8 3.4

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-352,

Products Affected

Vendor Product Version
joomla joomla! *
CVE-2020-15696 MEDIUM

An issue was discovered in Joomla! through 3.9.19. Lack of input filtering and escaping allows XSS attacks in mod_random_image.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.1 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N 2.8 2.7

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
joomla joomla! *
CVE-2020-15697 MEDIUM

An issue was discovered in Joomla! through 3.9.19. Internal read-only fields in the User table class could be modified by users.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 4.3 MEDIUM CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N 2.8 1.4

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-732,

Products Affected

Vendor Product Version
joomla joomla! *
CVE-2020-15698 MEDIUM

An issue was discovered in Joomla! through 3.9.19. Inadequate filtering on the system information screen could expose Redis or proxy credentials

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 5.3 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N 3.9 1.4

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
joomla joomla! *
CVE-2020-15699 MEDIUM

An issue was discovered in Joomla! through 3.9.19. Missing validation checks on the usergroups table object can result in a broken site configuration.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 5.3 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N 3.9 1.4

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-345,

Products Affected

Vendor Product Version
joomla joomla! *
CVE-2020-15700 MEDIUM

An issue was discovered in Joomla! through 3.9.19. A missing token check in the ajax_install endpoint of com_installer causes a CSRF vulnerability.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.3 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L 2.8 3.4

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-352,

Products Affected

Vendor Product Version
joomla joomla! *
CVE-2020-24598 MEDIUM

An issue was discovered in Joomla! before 3.9.21. Lack of input validation in the vote feature of com_content leads to an open redirect.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.1 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N 2.8 2.7

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-601,

Products Affected

Vendor Product Version
joomla joomla! *
CVE-2020-24599 MEDIUM

An issue was discovered in Joomla! before 3.9.21. Lack of escaping in mod_latestactions allows XSS attacks.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.1 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N 2.8 2.7

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
joomla joomla! *
CVE-2020-35610 MEDIUM

An issue was discovered in Joomla! 2.5.0 through 3.9.22. The autosuggestion feature of com_finder did not respect the access level of the corresponding terms.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N 3.9 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
joomla joomla! *
CVE-2020-35611 MEDIUM

An issue was discovered in Joomla! 2.5.0 through 3.9.22. The globlal configuration page does not remove secrets from the HTML output, disclosing the current values.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N 3.9 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-200,

Products Affected

Vendor Product Version
joomla joomla! *
CVE-2020-35612 MEDIUM

An issue was discovered in Joomla! 2.5.0 through 3.9.22. The folder parameter of mod_random_image lacked input validation, leading to a path traversal vulnerability.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N 3.9 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-22,

Products Affected

Vendor Product Version
joomla joomla! *
CVE-2020-35613 HIGH

An issue was discovered in Joomla! 3.0.0 through 3.9.22. Improper filter blacklist configuration leads to a SQL injection vulnerability in the backend user list.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

CVSS 2.0

Severity: HIGH

Problem Type: CWE-89,

Products Affected

Vendor Product Version
joomla joomla! *
CVE-2020-35614 MEDIUM

An issue was discovered in Joomla! 3.9.0 through 3.9.22. Improper handling of the username leads to a user enumeration attack vector in the backend login page.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 5.3 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N 3.9 1.4

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
joomla joomla! *
CVE-2020-35615 MEDIUM

An issue was discovered in Joomla! 2.5.0 through 3.9.22. A missing token check in the emailexport feature of com_privacy causes a CSRF vulnerability.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.3 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L 2.8 3.4

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-352,

Products Affected

Vendor Product Version
joomla joomla! *
CVE-2020-35616 MEDIUM

An issue was discovered in Joomla! 1.7.0 through 3.9.22. Lack of input validation while handling ACL rulesets can cause write ACL violations.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N 3.9 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-20,

Products Affected

Vendor Product Version
joomla joomla! *
CVE-2020-8419 MEDIUM

An issue was discovered in Joomla! before 3.9.15. Missing token checks in the batch actions of various components cause CSRF vulnerabilities.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 2.8 5.9

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-352,

Products Affected

Vendor Product Version
joomla joomla! *
CVE-2020-8420 MEDIUM

An issue was discovered in Joomla! before 3.9.15. A missing CSRF token check in the LESS compiler of com_templates causes a CSRF vulnerability.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 2.8 5.9

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-352,

Products Affected

Vendor Product Version
joomla joomla! *
CVE-2020-8421 MEDIUM

An issue was discovered in Joomla! before 3.9.15. Inadequate escaping of usernames allows XSS attacks in com_actionlogs.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.1 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N 2.8 2.7

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
joomla joomla! *
CVE-2021-23123 MEDIUM

An issue was discovered in Joomla! 3.0.0 through 3.9.23. The lack of ACL checks in the orderPosition endpoint of com_modules leak names of unpublished and/or inaccessible modules.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 5.3 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N 3.9 1.4

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-862,

Products Affected

Vendor Product Version
joomla joomla! *
CVE-2021-23124 MEDIUM

An issue was discovered in Joomla! 3.9.0 through 3.9.23. The lack of escaping in mod_breadcrumbs aria-label attribute allows XSS attacks.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.1 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N 2.8 2.7

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
joomla joomla! *
CVE-2021-23125 MEDIUM

An issue was discovered in Joomla! 3.1.0 through 3.9.23. The lack of escaping of image-related parameters in multiple com_tags views cause lead to XSS attack vectors.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.1 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N 2.8 2.7

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
joomla joomla! *
CVE-2021-23126 MEDIUM

An issue was discovered in Joomla! 3.2.0 through 3.9.24. Usage of the insecure rand() function within the process of generating the 2FA secret.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 5.3 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N 3.9 1.4

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-338,

Products Affected

Vendor Product Version
joomla joomla! *
CVE-2021-23127 MEDIUM

An issue was discovered in Joomla! 3.2.0 through 3.9.24. Usage of an insufficient length for the 2FA secret accoring to RFC 4226 of 10 bytes vs 20 bytes.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.1 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N 3.9 5.2

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
joomla joomla! *
CVE-2021-23128 MEDIUM

An issue was discovered in Joomla! 3.2.0 through 3.9.24. The core shipped but unused randval implementation within FOF (FOFEncryptRandval) used an potential insecure implemetation. That has now been replaced with a call to 'random_bytes()' and its backport that is shipped within random_compat.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.1 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N 3.9 5.2

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
joomla joomla! *
CVE-2021-23129 MEDIUM

An issue was discovered in Joomla! 2.5.0 through 3.9.24. Missing filtering of messages showed to users that could lead to xss issues.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.1 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N 2.8 2.7

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
joomla joomla! *
CVE-2021-23130 MEDIUM

An issue was discovered in Joomla! 2.5.0 through 3.9.24. Missing filtering of feed fields could lead to xss issues.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.1 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N 2.8 2.7

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
joomla joomla! *
CVE-2021-23131 MEDIUM

An issue was discovered in Joomla! 3.2.0 through 3.9.24. Missing input validation within the template manager.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 3.9 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-20,

Products Affected

Vendor Product Version
joomla joomla! *
CVE-2021-23132 MEDIUM

An issue was discovered in Joomla! 3.0.0 through 3.9.24. com_media allowed paths that are not intended for image uploads

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N 3.9 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
joomla joomla! *
CVE-2021-26027 MEDIUM

An issue was discovered in Joomla! 3.0.0 through 3.9.24. Incorrect ACL checks could allow unauthorized change of the category for an article.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 5.3 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N 3.9 1.4

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-863,

Products Affected

Vendor Product Version
joomla joomla! *
CVE-2021-26028 MEDIUM

An issue was discovered in Joomla! 3.0.0 through 3.9.24. Extracting an specifilcy crafted zip package could write files outside of the intended path.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 5.5 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N 1.8 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-22,

Products Affected

Vendor Product Version
joomla joomla! *
CVE-2021-26029 MEDIUM

An issue was discovered in Joomla! 1.6.0 through 3.9.24. Inadequate filtering of form contents could allow to overwrite the author field.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 5.3 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N 3.9 1.4

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
joomla joomla! *
CVE-2021-26030 MEDIUM

An issue was discovered in Joomla! 3.0.0 through 3.9.25. Inadequate escaping allowed XSS attacks using the logo parameter of the default templates on error page

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.1 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N 2.8 2.7

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
joomla joomla! *
CVE-2021-26031 MEDIUM

An issue was discovered in Joomla! 3.0.0 through 3.9.25. Inadequate filters on module layout settings could lead to an LFI.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 5.3 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N 3.9 1.4

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
joomla joomla! *
CVE-2021-26032 MEDIUM

An issue was discovered in Joomla! 3.0.0 through 3.9.26. HTML was missing in the executable block list of MediaHelper::canUpload, leading to XSS attack vectors.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.1 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N 2.8 2.7

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
joomla joomla! *
CVE-2021-26033 MEDIUM

An issue was discovered in Joomla! 3.0.0 through 3.9.26. A missing token check causes a CSRF vulnerability in the AJAX reordering endpoint.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N 2.8 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-352,

Products Affected

Vendor Product Version
joomla joomla! *
CVE-2021-26034 MEDIUM

An issue was discovered in Joomla! 3.0.0 through 3.9.26. A missing token check causes a CSRF vulnerability in data download endpoints in com_banners and com_sysinfo.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N 2.8 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-352,

Products Affected

Vendor Product Version
joomla joomla! *
CVE-2021-26035 MEDIUM

An issue was discovered in Joomla! 3.0.0 through 3.9.27. Inadequate escaping in the rules field of the JForm API leads to a XSS vulnerability.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.1 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N 2.8 2.7

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
joomla joomla! *
CVE-2021-26036 MEDIUM

An issue was discovered in Joomla! 2.5.0 through 3.9.27. Missing validation of input could lead to a broken usergroups table.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 3.9 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-20,

Products Affected

Vendor Product Version
joomla joomla! *
CVE-2021-26037 MEDIUM

An issue was discovered in Joomla! 2.5.0 through 3.9.27. CMS functions did not properly termine existing user sessions when a user's password was changed or the user was blocked.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 5.3 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N 3.9 1.4

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-613,

Products Affected

Vendor Product Version
joomla joomla! *
CVE-2021-26038 MEDIUM

An issue was discovered in Joomla! 2.5.0 through 3.9.27. Install action in com_installer lack the required hardcoded ACL checks for superusers. A default system is not affected cause the default ACL for com_installer is limited to super users already.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N 3.9 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-754,

Products Affected

Vendor Product Version
joomla joomla! *
CVE-2021-26039 MEDIUM

An issue was discovered in Joomla! 3.0.0 through 3.9.27. Inadequate escaping in the imagelist view of com_media leads to a XSS vulnerability.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.1 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N 2.8 2.7

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
joomla joomla! *
CVE-2021-26040 MEDIUM

An issue was discovered in Joomla! 4.0.0. The media manager does not correctly check the user's permissions before executing a file deletion command.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.1 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H 3.9 5.2

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-863,

Products Affected

Vendor Product Version
joomla joomla! 4.0.0
CVE-2022-23793 MEDIUM

An issue was discovered in Joomla! 3.0.0 through 3.10.6 & 4.0.0 through 4.1.0. Extracting an specifilcy crafted tar package could write files outside of the intended path.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N 3.9 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-22,

Products Affected

Vendor Product Version
joomla joomla! *
CVE-2022-23794 MEDIUM

An issue was discovered in Joomla! 3.0.0 through 3.10.6 & 4.0.0 through 4.1.0. Uploading a file name of an excess length causes the error. This error brings up the screen with the path of the source code of the web application.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 5.3 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N 3.9 1.4

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-209,

Products Affected

Vendor Product Version
joomla joomla! *
CVE-2022-23795 MEDIUM

An issue was discovered in Joomla! 2.5.0 through 3.10.6 & 4.0.0 through 4.1.0. A user row was not bound to a specific authentication mechanism which could under very special circumstances allow an account takeover.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-287,

Products Affected

Vendor Product Version
joomla joomla! *
CVE-2022-23796 MEDIUM

An issue was discovered in Joomla! 3.7.0 through 3.10.6. Lack of input validation could allow an XSS attack using com_fields.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.1 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N 2.8 2.7

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
joomla joomla! *
CVE-2022-23797 HIGH

An issue was discovered in Joomla! 3.0.0 through 3.10.6 & 4.0.0 through 4.1.0. Inadequate filtering on the selected Ids on an request could resulted into an possible SQL injection.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

CVSS 2.0

Severity: HIGH

Problem Type: CWE-89,

Products Affected

Vendor Product Version
joomla joomla! *
CVE-2022-23798 MEDIUM

An issue was discovered in Joomla! 2.5.0 through 3.10.6 & 4.0.0 through 4.1.0. Inadequate validation of URLs could result into an invalid check whether an redirect URL is internal or not.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.1 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N 2.8 2.7

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-601,

Products Affected

Vendor Product Version
joomla joomla! *
CVE-2022-23799 MEDIUM

An issue was discovered in Joomla! 4.0.0 through 4.1.0. Under specific circumstances, JInput pollutes method-specific input bags with $_REQUEST data.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
joomla joomla! *
CVE-2022-23800 MEDIUM

An issue was discovered in Joomla! 4.0.0 through 4.1.0. Inadequate content filtering leads to XSS vulnerabilities in various components.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.1 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N 2.8 2.7

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
joomla joomla! *
CVE-2022-23801 MEDIUM

An issue was discovered in Joomla! 4.0.0 through 4.1.0. Possible XSS atack vector through SVG embedding in com_media.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.1 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N 2.8 2.7

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
joomla joomla! *
CVE-2022-27911

An issue was discovered in Joomla! 4.2.0. Multiple Full Path Disclosures because of missing '_JEXEC or die check' caused by the PSR12 changes.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 5.3 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N 3.9 1.4

Products Affected

Vendor Product Version
joomla joomla! 4.2.0
CVE-2022-27912

An issue was discovered in Joomla! 4.0.0 through 4.2.3. Sites with publicly enabled debug mode exposed data of previous requests.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 5.3 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N 3.9 1.4

Products Affected

Vendor Product Version
joomla joomla! *
CVE-2022-27913

An issue was discovered in Joomla! 4.2.0 through 4.2.3. Inadequate filtering of potentially malicious user input leads to reflected XSS vulnerabilities in various components.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.1 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N 2.8 2.7

Products Affected

Vendor Product Version
joomla joomla! *
CVE-2022-27914

An issue was discovered in Joomla! 4.0.0 through 4.2.4. Inadequate filtering of potentially malicious user input leads to reflected XSS vulnerabilities in com_media.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.1 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N 2.8 2.7

Products Affected

Vendor Product Version
joomla joomla! *
CVE-2023-23750

An issue was discovered in Joomla! 4.0.0 through 4.2.6. A missing token check causes a CSRF vulnerability in the handling of post-installation messages.

Products Affected

Vendor Product Version
joomla joomla! *
CVE-2023-23751

An issue was discovered in Joomla! 4.0.0 through 4.2.4. A missing ACL check allows non super-admin users to access com_actionlogs.

Products Affected

Vendor Product Version
joomla joomla! *
CVE-2023-23752

An issue was discovered in Joomla! 4.0.0 through 4.2.7. An improper access check allows unauthorized access to webservice endpoints.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 5.3 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N 3.9 1.4

Products Affected

Vendor Product Version
joomla joomla! *
CVE-2023-23754

An issue was discovered in Joomla! 4.2.0 through 4.3.1. Lack of input validation caused an open redirect and XSS issue within the new mfa selection screen.

Products Affected

Vendor Product Version
joomla joomla! *
CVE-2023-23755

An issue was discovered in Joomla! 4.2.0 through 4.3.1. The lack of rate limiting allowed brute force attacks against MFA methods.

Products Affected

Vendor Product Version
joomla joomla! *
CVE-2023-40626

The language file parsing process could be manipulated to expose environment variables. Environment variables might contain sensible information.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N 3.9 3.6

Products Affected

Vendor Product Version
joomla joomla! *
joomla joomla! 5.0.0
CVE-2024-21722

The MFA management features did not properly terminate existing user sessions when a user's MFA methods have been modified.

Products Affected

Vendor Product Version
joomla joomla! *
CVE-2024-21723

Inadequate parsing of URLs could result into an open redirect.

Products Affected

Vendor Product Version
joomla joomla! *
CVE-2024-21724

Inadequate input validation for media selection fields lead to XSS vulnerabilities in various extensions.

Products Affected

Vendor Product Version
joomla joomla! *
CVE-2024-21725

Inadequate escaping of mail addresses lead to XSS vulnerabilities in various components.

Products Affected

Vendor Product Version
joomla joomla! *
CVE-2024-21726

Inadequate content filtering leads to XSS vulnerabilities in various components.

Products Affected

Vendor Product Version
joomla joomla! *
CVE-2024-21729

Inadequate input validation leads to XSS vulnerabilities in the accessiblemedia field.

Products Affected

Vendor Product Version
joomla joomla! *
CVE-2024-21730

The fancyselect list field layout does not correctly escape inputs, leading to a self-XSS vector.

Products Affected

Vendor Product Version
joomla joomla! *
CVE-2024-21731

Improper handling of input could lead to an XSS vector in the StringHelper::truncate method.

Products Affected

Vendor Product Version
joomla joomla! *
CVE-2024-26278

The Custom Fields component not correctly filter inputs, leading to a XSS vector.

Products Affected

Vendor Product Version
joomla joomla! *
CVE-2024-26279

The wrapper extensions do not correctly validate inputs, leading to XSS vectors.

Products Affected

Vendor Product Version
joomla joomla! *
CVE-2024-27184

Inadequate validation of URLs could result into an invalid check whether an redirect URL is internal or not..

Products Affected

Vendor Product Version
joomla joomla! *
CVE-2024-27185

The pagination class includes arbitrary parameters in links, leading to cache poisoning attack vectors.

Products Affected

Vendor Product Version
joomla joomla! *
CVE-2024-27186

The mail template feature lacks an escaping mechanism, causing XSS vectors in multiple extensions.

Products Affected

Vendor Product Version
joomla joomla! *
CVE-2024-27187

Improper Access Controls allows backend users to overwrite their username when disallowed.

Products Affected

Vendor Product Version
joomla joomla! *
CVE-2024-40743

The stripImages and stripIframes methods didn't properly process inputs, leading to XSS vectors.

Products Affected

Vendor Product Version
joomla joomla! *
CVE-2024-40747

Various module chromes didn't properly process inputs, leading to XSS vectors.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 6.1 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N 2.8 2.7

Products Affected

Vendor Product Version
joomla joomla! *
CVE-2024-40748

Lack of output escaping in the id attribute of menu lists.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N 3.9 3.6

Products Affected

Vendor Product Version
joomla joomla! *
CVE-2024-40749

Improper Access Controls allows access to protected views.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N 3.9 3.6

Products Affected

Vendor Product Version
joomla joomla! *
CVE-2025-25226

Improper handling of identifiers lead to a SQL injection vulnerability in the quoteNameStr method of the database package. Please note: the affected method is a protected method. It has no usages in the original packages in neither the 2.x nor 3.x branch and therefore the vulnerability in question can not be exploited when using the original database class. However, classes extending the affected class might be affected, if the vulnerable method is used.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

Products Affected

Vendor Product Version
joomla joomla! *
CVE-2025-25227

Insufficient state checks lead to a vector that allows to bypass 2FA checks.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N 3.9 3.6

Products Affected

Vendor Product Version
joomla joomla! *
CVE-2025-63082

Lack of input filtering leads to an XSS vector in the HTML filter code related to data URLs in img tags.

Products Affected

Vendor Product Version
joomla joomla! *
CVE-2025-63083

Lack of output escaping leads to a XSS vector in the pagebreak plugin.

Products Affected

Vendor Product Version
joomla joomla! *
CVE-2026-21629

The ajax component was excluded from the default logged-in-user check in the administrative area. This behavior was potentially unexpected by 3rd party developers.

Products Affected

Vendor Product Version
joomla joomla! *
CVE-2026-21630

Improperly built order clauses lead to a SQL injection vulnerability in the articles webservice endpoint.

Products Affected

Vendor Product Version
joomla joomla! *
CVE-2026-21631

Lack of output escaping leads to a XSS vector in the multilingual associations component.

Products Affected

Vendor Product Version
joomla joomla! *
CVE-2026-21632

Lack of output escaping for article titles leads to XSS vectors in various locations.

Products Affected

Vendor Product Version
joomla joomla! *
CVE-2026-23898

Lack of input validation leads to an arbitrary file deletion vulnerability in the autoupdate server mechanism.

Products Affected

Vendor Product Version
joomla joomla! *
CVE-2026-23899

An improper access check allows unauthorized access to webservice endpoints.

Products Affected

Vendor Product Version
joomla joomla! *