Vendor CVEs
Joomla
All CVEs
1,051 total · sorted by risk

| CVE | Severity | Risk | CVSS | EPSS | Published | Description |
|---|---|---|---|---|---|---|
| CVE-2018-6575 | Critical | 0.67 | 9.8 | 0.03 | Feb 2, 2018 | SQL Injection exists in the JEXTN Classified 1.0.0 component for Joomla! via a view=boutique&sid= request. |
| CVE-2018-6398 | Critical | 0.67 | 9.8 | 0.03 | Jan 30, 2018 | SQL Injection exists in the CP Event Calendar 3.0.1 component for Joomla! via the id parameter in a task=load action. |
| CVE-2018-6395 | Critical | 0.67 | 9.8 | 0.03 | Jan 30, 2018 | SQL Injection exists in the Visual Calendar 3.1.3 component for Joomla! via the id parameter in a view=load action. |
| CVE-2018-5984 | Critical | 0.67 | 9.8 | 0.03 | Jan 24, 2018 | SQL Injection exists in the Tumder (An Arcade Games Platform) 2.1 component for Joomla! via the PATH_INFO to the category/ URI. |
| CVE-2017-17870 | Critical | 0.67 | 9.8 | 0.03 | Dec 27, 2017 | The JBuildozer extension 1.4.1 for Joomla! has SQL Injection via the appid parameter in an entriessearch action. |
| CVE-2017-15966 | Critical | 0.67 | 9.8 | 0.03 | Oct 29, 2017 | The Zh YandexMap (aka com_zhyandexmap) component 6.1.1.0 for Joomla! allows SQL Injection via the placemarklistid parameter to index.php. |
| CVE-2017-15965 | Critical | 0.67 | 9.8 | 0.03 | Oct 29, 2017 | The NS Download Shop (aka com_ns_downloadshop) component 2.2.6 for Joomla! allows SQL Injection via the id parameter in an invoice.create action. |
| CVE-2015-4073 | Critical | 0.67 | 9.8 | 0.04 | Sep 20, 2017 | Multiple SQL injection vulnerabilities in the Helpdesk Pro plugin before 1.4.0 for Joomla! allow remote attackers to execute arbitrary SQL commands via the (1) ticket_code or (2) email parameter or (3) remote authenticated users to execute arbitrary SQL commands via the… |
| CVE-2015-2798 | Critical | 0.67 | 9.8 | 0.03 | Jul 25, 2017 | SQL injection vulnerability in Joomla! Component Contact Form Maker 1.0.1 allows remote attackers to execute arbitrary SQL commands via the id parameter. |
| CVE-2026-48904 | Critical | 0.64 | 9.8 | 0.00 | May 26, 2026 | An improper access check allows privilege escalation through the com_users group editing webservice endpoint. |
| CVE-2026-48902 | Critical | 0.64 | 9.8 | 0.00 | May 26, 2026 | The password and username reset features created plain http links for https connections if the "Force SSL" flag wasn't explicitly set. |
| CVE-2026-48898 | Critical | 0.64 | 9.8 | 0.00 | May 26, 2026 | An improper access check allows privilege escalation through the com_users batch task. |
| CVE-2026-40383 | Critical | 0.64 | 9.8 | 0.00 | May 26, 2026 | An improper validation of user-supplied input leads to a local file inclusion vulnerability. |
| CVE-2026-35223 | Critical | 0.64 | 9.8 | 0.00 | May 26, 2026 | An improper access check allows unauthorized access to com_config webservice endpoints. |
| CVE-2026-35222 | Critical | 0.64 | 9.8 | 0.00 | May 26, 2026 | Improperly validated order clauses lead to a SQL injection vulnerability in com_tags. |
| CVE-2026-35221 | Critical | 0.64 | 9.8 | 0.00 | May 26, 2026 | Improperly built filter clauses lead to a SQL injection vulnerability in the search query for com_finder. |
| CVE-2017-18345 | Critical | 0.64 | 9.8 | 0.03 | Aug 26, 2018 | The Joomanager component through 2.0.0 for Joomla! has an arbitrary file download issue, resulting in exposing the credentials of the database via an index.php?option=com_joomanager&controller=details&task=download&path=configuration.php request. |
| CVE-2018-11325 | Critical | 0.64 | 9.8 | 0.04 | May 22, 2018 | An issue was discovered in Joomla! Core before 3.8.8. The web install application would autofill password fields after either a form validation error or navigating to a previous install step, and display the plaintext password for the administrator account at the confirmation… |
| CVE-2018-6376 | Critical | 0.64 | 9.8 | 0.05 | Jan 30, 2018 | In Joomla! before 3.8.4, the lack of type casting of a variable in a SQL statement leads to a SQL injection vulnerability in the Hathor postinstall message. |
| CVE-2017-16634 | Critical | 0.64 | 9.8 | 0.04 | Nov 10, 2017 | In Joomla! before 3.8.2, a bug allowed third parties to bypass a user's 2-factor authentication method. |
| CVE-2017-15946 | Critical | 0.64 | 9.8 | 0.01 | Oct 28, 2017 | In the com_tag component 1.7.6 for Joomla!, a SQL injection vulnerability is located in the `tag` parameter to index.php. The request method to execute is GET. |
| CVE-2017-14596 | Critical | 0.64 | 9.8 | 0.06 | Sep 20, 2017 | In Joomla! before 3.8.0, inadequate escaping in the LDAP authentication plugin can result in a disclosure of a username and password. |
| CVE-2013-7429 | Critical | 0.64 | 9.8 | 0.02 | Sep 14, 2017 | The Googlemaps plugin before 3.1 for Joomla! allows remote attackers to conduct XML injection attacks via the url parameter to plugin_googlemap2_proxy.php. |
| CVE-2017-5215 | Critical | 0.64 | 9.8 | 0.04 | May 17, 2017 | The Codextrous B2J Contact (aka b2j_contact) extension before 2.1.13 for Joomla! allows a rename attack that bypasses a "safe file extension" protection mechanism, leading to remote code execution. |
| CVE-2016-9081 | Critical | 0.64 | 9.8 | 0.02 | Jan 23, 2017 | Joomla! 3.4.4 through 3.6.3 allows attackers to reset username, password, and user group assignments and possibly perform other user account modifications via unspecified vectors. |
| CVE-2016-10114 | Critical | 0.64 | 9.8 | 0.02 | Jan 4, 2017 | SQL injection vulnerability in the "aWeb Cart Watching System for Virtuemart" extension before 2.6.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via vectors involving categorysearch and smartSearch. |
| CVE-2016-9836 | Critical | 0.64 | 9.8 | 0.02 | Dec 5, 2016 | The file scanning mechanism of JFilterInput::isFileSafe() in Joomla! CMS before 3.6.5 does not consider alternative PHP file extensions when checking uploaded files for PHP content, which enables a user to upload and execute files with the `.php6`, `.php7`, `.phtml`, and `.phpt`… |
| CVE-2016-1000113 | Critical | 0.64 | 9.8 | 0.03 | Oct 6, 2016 | XSS and SQLi in huge IT gallery v1.1.5 for Joomla |
| CVE-2016-8870 | High | 0.62 | 8.1 | 0.82 | Nov 4, 2016 | The register method in the UsersModelRegistration class in controllers/user.php in the Users component in Joomla! before 3.6.4, when registration has been disabled, allows remote attackers to create user accounts by leveraging failure to check the Allow User Registration… |
| CVE-2025-49484 | High | 0.60 | — | 0.03 | Jul 18, 2025 | A SQL injection vulnerability in the JS Jobs plugin versions 1.0.0-1.4.1 for Joomla allows low-privilege users to execute arbitrary SQL commands via the 'cvid' parameter in the employee application feature. |
| CVE-2018-8045 | High | 0.60 | 8.8 | 0.29 | Mar 15, 2018 | In Joomla! 3.5.0 through 3.8.5, the lack of type casting of a variable in a SQL statement leads to a SQL injection vulnerability in the User Notes list view. |
| CVE-2018-6007 | High | 0.60 | 8.8 | 0.02 | Jan 29, 2018 | CSRF exists in the JS Support Ticket 1.1.0 component for Joomla! and allows attackers to inject HTML or edit a ticket. |
| CVE-2015-7715 | High | 0.60 | 8.8 | 0.03 | Oct 18, 2017 | Cross-site request forgery (CSRF) vulnerability in the Realtyna RPL (com_rpl) component before 8.9.5 for Joomla! allows remote attackers to hijack the authentication of administrators for requests that add a user via an add_user action to administrator/index.php. |
| CVE-2025-54475 | High | 0.57 | — | 0.00 | Aug 15, 2025 | A SQL injection vulnerability in the JS Jobs plugin versions 1.3.2-1.4.4 for Joomla allows low-privilege users to execute arbitrary SQL commands. |
| CVE-2018-17858 | High | 0.57 | 8.8 | 0.01 | Oct 9, 2018 | An issue was discovered in Joomla! before 3.8.13. com_installer actions do not have sufficient CSRF hardening in the backend. |
| CVE-2018-17855 | High | 0.57 | 8.8 | 0.02 | Oct 9, 2018 | An issue was discovered in Joomla! before 3.8.13. If an attacker gets access to the mail account of a user who can approve admin verifications in the registration process, he can activate himself. |
| CVE-2018-15882 | Critical | 0.57 | 9.8 | 0.03 | Aug 29, 2018 | An issue was discovered in Joomla! before 3.8.12. Inadequate checks in the InputFilter class could allow specifically prepared phar files to pass the upload filter. |
| CVE-2018-12712 | High | 0.57 | 8.8 | 0.02 | Jun 26, 2018 | An issue was discovered in Joomla! 2.5.0 through 3.8.8 before 3.8.9. The autoload code checks classnames to be valid, using the "class_exists" function in PHP. In PHP 5.3, this function validates invalid names as valid, which can result in a Local File Inclusion. |
| CVE-2018-11323 | High | 0.57 | 8.8 | 0.03 | May 22, 2018 | An issue was discovered in Joomla! Core before 3.8.8. Inadequate checks allowed users to modify the access levels of user groups with higher permissions. |
| CVE-2017-11364 | High | 0.57 | 8.8 | 0.02 | Aug 2, 2017 | The CMS installer in Joomla! before 3.7.4 does not verify a user's ownership of a webspace, which allows remote authenticated users to gain control of the target application by leveraging Certificate Transparency logs. |
| CVE-2015-4075 | High | 0.56 | 8.1 | 0.07 | Sep 20, 2017 | The Helpdesk Pro plugin before 1.4.0 for Joomla! allows remote attackers to write to arbitrary .ini files via a crafted language.save task. |
| CVE-2015-4074 | High | 0.56 | 7.5 | 0.57 | Sep 20, 2017 | Directory traversal vulnerability in the Helpdesk Pro plugin before 1.4.0 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the filename parameter in a ticket.download_attachment task. |
| CVE-2018-10063 | High | 0.54 | 7.8 | 0.10 | Apr 12, 2018 | The Convert Forms extension before 2.0.4 for Joomla! is vulnerable to Remote Command Execution using CSV Injection that is mishandled when exporting a Leads file. |
| CVE-2018-25433 | High | 0.53 | 8.2 | 0.00 | Jun 1, 2026 | Joomla Component JE Photo Gallery 1.1 contains an SQL injection vulnerability that allows unauthenticated attackers to extract database information by injecting malicious SQL code through the categoryid parameter. Attackers can send GET requests to index.php with crafted… |
| CVE-2018-25351 | High | 0.53 | 8.2 | 0.00 | May 23, 2026 | Joomla! Component EkRishta 2.10 contains an error-based SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code into the username parameter. Attackers can submit POST requests to the login endpoint with SQL… |
| CVE-2018-25330 | High | 0.53 | 8.2 | 0.00 | May 17, 2026 | Joomla! extension EkRishta 2.10 contains persistent cross-site scripting and SQL injection vulnerabilities that allow attackers to inject malicious code through profile fields and POST parameters. Attackers can inject script payloads in profile information fields like Address… |
| CVE-2020-37218 | High | 0.53 | 8.2 | 0.00 | May 13, 2026 | Joomla com_hdwplayer 4.2 contains an SQL injection vulnerability in the search.php file that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the hdwplayersearch parameter. Attackers can submit POST requests with crafted SQL… |
| CVE-2025-53204 | High | 0.53 | 8.1 | 0.00 | Aug 20, 2025 | Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ovatheme eventlist eventlist allows PHP Local File Inclusion. This issue affects eventlist: from n/a through <= 1.9.2. |
| CVE-2018-6397 | High | 0.53 | 7.5 | 0.12 | Jan 30, 2018 | Directory Traversal exists in the Picture Calendar 3.1.4 component for Joomla! via the list.php folder parameter. |
| CVE-2016-9838 | High | 0.53 | 7.5 | 0.14 | Dec 16, 2016 | An issue was discovered in components/com_users/models/registration.php in Joomla! before 3.6.5. Incorrect filtering of registration form data stored to the session on a validation error enables a user to gain access to a registered user's account and reset the user's group… |
Page 2 of 22