Joomla!
by Joomla
CVEs (393)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2018-6007 | | High | 0.60 | 8.8 | 0.02 | | Jan 29, 2018 | CSRF exists in the JS Support Ticket 1.1.0 component for Joomla! and allows attackers to inject HTML or edit a ticket. |
| CVE-2018-17858 | | High | 0.57 | 8.8 | 0.01 | | Oct 9, 2018 | An issue was discovered in Joomla! before 3.8.13. com_installer actions do not have sufficient CSRF hardening in the backend. |
| CVE-2018-17855 | | High | 0.57 | 8.8 | 0.02 | | Oct 9, 2018 | An issue was discovered in Joomla! before 3.8.13. If an attacker gets access to the mail account of a user who can approve admin verifications in the registration process, he can activate himself. |
| CVE-2018-15882 | | Critical | 0.57 | 9.8 | 0.03 | | Aug 29, 2018 | An issue was discovered in Joomla! before 3.8.12. Inadequate checks in the InputFilter class could allow specifically prepared phar files to pass the upload filter. |
| CVE-2018-12712 | | High | 0.57 | 8.8 | 0.02 | | Jun 26, 2018 | An issue was discovered in Joomla! 2.5.0 through 3.8.8 before 3.8.9. The autoload code checks classnames to be valid, using the "class_exists" function in PHP. In PHP 5.3, this function validates invalid names as valid, which can result in a Local File Inclusion. |
| CVE-2018-11323 | | High | 0.57 | 8.8 | 0.03 | | May 22, 2018 | An issue was discovered in Joomla! Core before 3.8.8. Inadequate checks allowed users to modify the access levels of user groups with higher permissions. |
| CVE-2017-11364 | | High | 0.57 | 8.8 | 0.02 | | Aug 2, 2017 | The CMS installer in Joomla! before 3.7.4 does not verify a user's ownership of a webspace, which allows remote authenticated users to gain control of the target application by leveraging Certificate Transparency logs. |
| CVE-2020-37218 | | High | 0.53 | 8.2 | 0.00 | | May 13, 2026 | Joomla com_hdwplayer 4.2 contains an SQL injection vulnerability in the search.php file that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the hdwplayersearch parameter. Attackers can submit POST requests with crafted SQL… |
| CVE-2016-9838 | | High | 0.53 | 7.5 | 0.14 | | Dec 16, 2016 | An issue was discovered in components/com_users/models/registration.php in Joomla! before 3.6.5. Incorrect filtering of registration form data stored to the session on a validation error enables a user to gain access to a registered user's account and reset the user's group… |
| CVE-2026-23899 | | High | 0.50 | 8.8 | 0.00 | | Apr 1, 2026 | An improper access check allows unauthorized access to webservice endpoints. |
| CVE-2026-21630 | | High | 0.50 | 8.8 | 0.00 | | Apr 1, 2026 | Improperly built order clauses lead to a SQL injection vulnerability in the articles webservice endpoint. |
| CVE-2026-48901 | | High | 0.49 | 7.5 | 0.00 | | May 26, 2026 | The InputFilter::getInstance() method omitted a security sensitive parameter from the instance cache key. |
| CVE-2026-48897 | | High | 0.49 | 7.5 | 0.00 | | May 26, 2026 | Insufficient state checks lead to a vector that allows to bypass 2FA checks. |
| CVE-2026-48896 | | High | 0.49 | 7.5 | 0.00 | | May 26, 2026 | Insufficient state checks lead to a vector that allows to bypass 2FA checks. |
| CVE-2026-40384 | | High | 0.49 | 7.5 | 0.00 | | May 26, 2026 | An improper validation of the search parameter of the com_media files API endpoint leads to a path traversal vulnerability. |
| CVE-2020-37219 | | High | 0.49 | 7.5 | 0.01 | | May 13, 2026 | Joomla com_fabrik 3.9.11 contains a directory traversal vulnerability that allows unauthenticated attackers to list arbitrary files by manipulating the folder parameter. Attackers can send GET requests to the onAjax_files method with path traversal sequences to enumerate files… |
| CVE-2018-11322 | | High | 0.49 | 7.5 | 0.02 | | May 22, 2018 | An issue was discovered in Joomla! Core before 3.8.8. Depending on the server configuration, PHAR files might be handled as executable PHP scripts by the webserver. |
| CVE-2017-9933 | | High | 0.49 | 7.5 | 0.02 | | Jul 17, 2017 | Improper cache invalidation in Joomla! CMS 1.7.3 through 3.7.2 leads to disclosure of form contents. |
| CVE-2016-9837 | | High | 0.49 | 7.5 | 0.01 | | Dec 16, 2016 | An issue was discovered in templates/beez3/html/com_content/article/default.php in Joomla! before 3.6.5. Inadequate permissions checks in the Beez3 layout override of the com_content article view allow users to view articles that should not be publicly accessible, as… |
| CVE-2008-4122 | | High | 0.49 | 7.5 | 0.01 | | Dec 19, 2008 | Joomla! 1.5.8 does not set the secure flag for the session cookie in an https session, which makes it easier for remote attackers to capture this cookie by intercepting its transmission within an http session. |
Page 2 of 20