Joomla!
by Joomla
CVEs (393)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2016-10033 | | Critical | 0.80 | 9.8 | 1.00 | KEV | Dec 30, 2016 | The mailSend function in the isMail transport in PHPMailer before 5.2.18 might allow remote attackers to pass extra parameters to the mail command and consequently execute arbitrary code via a \" (backslash double quote) in a crafted Sender property. |
| CVE-2017-8917 | | Critical | 0.75 | 9.8 | 1.00 | | May 17, 2017 | SQL injection vulnerability in Joomla! 3.7.x before 3.7.1 allows attackers to execute arbitrary SQL commands via unspecified vectors. |
| CVE-2016-8869 | | Critical | 0.74 | 9.8 | 0.97 | | Nov 4, 2016 | The register method in the UsersModelRegistration class in controllers/user.php in the Users component in Joomla! before 3.6.4 allows remote attackers to gain privileges by leveraging incorrect use of unfiltered data when registering on a site. |
| CVE-2016-10045 | | Critical | 0.68 | 9.8 | 0.98 | | Dec 30, 2016 | The isMail transport in PHPMailer before 5.2.20 might allow remote attackers to pass extra parameters to the mail command and consequently execute arbitrary code by leveraging improper interaction between the escapeshellarg function and internal escaping performed in the mail… |
| CVE-2018-5990 | | Critical | 0.67 | 9.8 | 0.03 | | Feb 17, 2018 | SQL Injection exists in the AllVideos Reloaded 1.2.x component for Joomla! via the divid parameter. |
| CVE-2026-48904 | | Critical | 0.64 | 9.8 | 0.00 | | May 26, 2026 | An improper access check allows privilege escalation through the com_users group editing webservice endpoint. |
| CVE-2026-48902 | | Critical | 0.64 | 9.8 | 0.00 | | May 26, 2026 | The password and username reset features created plain http links for https connections if the "Force SSL" flag wasn't explicitly set. |
| CVE-2026-48898 | | Critical | 0.64 | 9.8 | 0.00 | | May 26, 2026 | An improper access check allows privilege escalation through the com_users batch task. |
| CVE-2026-40383 | | Critical | 0.64 | 9.8 | 0.00 | | May 26, 2026 | An improper validation of user-supplied input leads to a local file inclusion vulnerability. |
| CVE-2026-35223 | | Critical | 0.64 | 9.8 | 0.00 | | May 26, 2026 | An improper access check allows unauthorized access to com_config webservice endpoints. |
| CVE-2026-35222 | | Critical | 0.64 | 9.8 | 0.00 | | May 26, 2026 | Improperly validated order clauses lead to a SQL injection vulnerability in com_tags. |
| CVE-2026-35221 | | Critical | 0.64 | 9.8 | 0.00 | | May 26, 2026 | Improperly built filter clauses lead to a SQL injection vulnerability in the search query for com_finder. |
| CVE-2018-11325 | | Critical | 0.64 | 9.8 | 0.04 | | May 22, 2018 | An issue was discovered in Joomla! Core before 3.8.8. The web install application would autofill password fields after either a form validation error or navigating to a previous install step, and display the plaintext password for the administrator account at the confirmation… |
| CVE-2018-6376 | | Critical | 0.64 | 9.8 | 0.05 | | Jan 30, 2018 | In Joomla! before 3.8.4, the lack of type casting of a variable in a SQL statement leads to a SQL injection vulnerability in the Hathor postinstall message. |
| CVE-2017-16634 | | Critical | 0.64 | 9.8 | 0.04 | | Nov 10, 2017 | In Joomla! before 3.8.2, a bug allowed third parties to bypass a user's 2-factor authentication method. |
| CVE-2017-14596 | | Critical | 0.64 | 9.8 | 0.06 | | Sep 20, 2017 | In Joomla! before 3.8.0, inadequate escaping in the LDAP authentication plugin can result in a disclosure of a username and password. |
| CVE-2016-9081 | | Critical | 0.64 | 9.8 | 0.02 | | Jan 23, 2017 | Joomla! 3.4.4 through 3.6.3 allows attackers to reset username, password, and user group assignments and possibly perform other user account modifications via unspecified vectors. |
| CVE-2016-9836 | | Critical | 0.64 | 9.8 | 0.02 | | Dec 5, 2016 | The file scanning mechanism of JFilterInput::isFileSafe() in Joomla! CMS before 3.6.5 does not consider alternative PHP file extensions when checking uploaded files for PHP content, which enables a user to upload and execute files with the `.php6`, `.php7`, `.phtml`, and `.phpt`… |
| CVE-2016-8870 | | High | 0.62 | 8.1 | 0.82 | | Nov 4, 2016 | The register method in the UsersModelRegistration class in controllers/user.php in the Users component in Joomla! before 3.6.4, when registration has been disabled, allows remote attackers to create user accounts by leveraging failure to check the Allow User Registration… |
| CVE-2018-8045 | | High | 0.60 | 8.8 | 0.29 | | Mar 15, 2018 | In Joomla! 3.5.0 through 3.8.5, the lack of type casting of a variable in a SQL statement leads to a SQL injection vulnerability in the User Notes list view. |
Page 1 of 20