Joomla
All CVEs
1,051 total · sorted by risk

| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2018-7317 | | High | 0.52 | 7.5 | 0.08 | | Feb 22, 2018 | Backup Download exists in the Proclaim 9.1.1 component for Joomla! via a direct request for a .sql file under backup/. |
| CVE-2018-6610 | | High | 0.52 | 7.5 | 0.08 | | Feb 5, 2018 | Information Leakage exists in the jLike 1.0 component for Joomla! via a task=getUserByCommentId request. |
| CVE-2026-23899 | | High | 0.50 | 8.8 | 0.00 | | Apr 1, 2026 | An improper access check allows unauthorized access to webservice endpoints. |
| CVE-2026-21630 | | High | 0.50 | 8.8 | 0.00 | | Apr 1, 2026 | Improperly built order clauses lead to a SQL injection vulnerability in the articles webservice endpoint. |
| CVE-2026-48901 | | High | 0.49 | 7.5 | 0.00 | | May 26, 2026 | The InputFilter::getInstance() method omitted a security-sensitive parameter from the instance cache key. |
| CVE-2026-48897 | | High | 0.49 | 7.5 | 0.00 | | May 26, 2026 | Insufficient state checks lead to a vector that allows bypassing 2FA checks. |
| CVE-2026-48896 | | High | 0.49 | 7.5 | 0.00 | | May 26, 2026 | Insufficient state checks lead to a vector that allows bypassing 2FA checks. |
| CVE-2026-40384 | | High | 0.49 | 7.5 | 0.00 | | May 26, 2026 | Improper validation of the search parameter of the com_media files API endpoint leads to a path traversal vulnerability. |
| CVE-2020-37219 | | High | 0.49 | 7.5 | 0.01 | | May 13, 2026 | Joomla com_fabrik 3.9.11 contains a directory traversal vulnerability that allows unauthenticated attackers to list arbitrary files by manipulating the folder parameter. Attackers can send GET requests to the onAjax_files method with path traversal sequences to enumerate files… |
| CVE-2018-11322 | | High | 0.49 | 7.5 | 0.02 | | May 22, 2018 | An issue was discovered in Joomla! Core before 3.8.8. Depending on the server configuration, PHAR files might be handled as executable PHP scripts by the webserver. |
| CVE-2013-7428 | | High | 0.49 | 7.5 | 0.02 | | Sep 7, 2017 | The Googlemaps plugin before 3.1 for Joomla! allows remote attackers to cause a denial of service via the url parameter to plugin_googlemap2_proxy.php. |
| CVE-2013-7432 | | High | 0.49 | 7.5 | 0.02 | | Aug 29, 2017 | The Googlemaps plugin before 3.1 for Joomla! allows remote attackers to bypass an intended protection mechanism. |
| CVE-2017-9933 | | High | 0.49 | 7.5 | 0.02 | | Jul 17, 2017 | Improper cache invalidation in Joomla! CMS 1.7.3 through 3.7.2 leads to disclosure of form contents. |
| CVE-2017-5214 | | High | 0.49 | 7.5 | 0.01 | | May 17, 2017 | The Codextrous B2J Contact (aka b2j_contact) extension before 2.1.13 for Joomla! allows prediction of a uniqid value based on knowledge of a time value. This makes it easier to read arbitrary uploaded files. |
| CVE-2016-9837 | | High | 0.49 | 7.5 | 0.01 | | Dec 16, 2016 | An issue was discovered in templates/beez3/html/com_content/article/default.php in Joomla! before 3.6.5. Inadequate permissions checks in the Beez3 layout override of the com_content article view allow users to view articles that should not be publicly accessible, as… |
| CVE-2008-4122 | | High | 0.49 | 7.5 | 0.01 | | Dec 19, 2008 | Joomla! 1.5.8 does not set the secure flag for the session cookie in an https session, which makes it easier for remote attackers to capture this cookie by intercepting its transmission within an http session. |
| CVE-2015-8769 | | High | 0.48 | 7.3 | 0.01 | | Jan 12, 2016 | SQL injection vulnerability in Joomla! 3.x before 3.4.7 allows attackers to execute arbitrary SQL commands via unspecified vectors. |
| CVE-2016-10379 | | High | 0.47 | 7.2 | 0.02 | | May 29, 2017 | The VirtueMart com_virtuemart component 3.0.14 for Joomla! allows SQL injection by remote authenticated administrators via the virtuemart_paymentmethod_id or virtuemart_shipmentmethod_id parameter to administrator/index.php. |
| CVE-2016-1000122 | | High | 0.47 | 7.2 | 0.02 | | Oct 27, 2016 | XSS and SQLi in the Huge IT Joomla Slider v1.0.9 extension. |
| CVE-2016-1000120 | | High | 0.47 | 7.2 | 0.02 | | Oct 27, 2016 | SQLi and XSS in the Huge IT catalog extension v1.0.4 for Joomla. |
| CVE-2016-1000119 | | High | 0.47 | 7.2 | 0.02 | | Oct 21, 2016 | SQLi and XSS in the Huge IT catalog extension v1.0.4 for Joomla. |
| CVE-2016-1000118 | | High | 0.47 | 7.2 | 0.02 | | Oct 21, 2016 | XSS and SQLi in HugeIT slideshow v1.0.4. |
| CVE-2016-1000117 | | High | 0.47 | 7.2 | 0.02 | | Oct 21, 2016 | XSS and SQLi in HugeIT slideshow v1.0.4. |
| CVE-2018-25381 | | High | 0.46 | 7.1 | 0.00 | | May 25, 2026 | Joomla Responsive Portfolio 1.6.1 contains an SQL injection vulnerability that allows authenticated attackers to execute arbitrary SQL commands through multiple filter parameters. Attackers can inject malicious SQL code via the filter_type_id, filter_pid_id, and filter_search… |
| CVE-2020-37226 | | High | 0.46 | 7.1 | 0.00 | | May 13, 2026 | Joomla J2 JOBS 1.3.0 contains an authenticated SQL injection vulnerability that allows authenticated attackers to manipulate database queries by injecting SQL code through the 'sortby' parameter. Attackers can send POST requests to the administrator index with malicious 'sortby'… |
| CVE-2020-37224 | | High | 0.46 | 7.1 | 0.00 | | May 13, 2026 | Joomla J2 JOBS 1.3.0 contains an authenticated SQL injection vulnerability that allows authenticated attackers to manipulate database queries by injecting SQL code through the 'sortby' parameter. Attackers can send POST requests to the administrator index with malicious 'sortby'… |
| CVE-2025-22213 | | High | 0.46 | — | 0.00 | | Mar 11, 2025 | Inadequate checks in the Media Manager allowed users with "edit" privileges to change a file's extension to an arbitrary extension, including .php and other potentially executable extensions. |
| CVE-2025-22207 | | Medium | 0.44 | — | 0.00 | | Feb 18, 2025 | Improperly built order clauses lead to a SQL injection vulnerability in the backend task list of com_scheduler. |
| CVE-2018-6377 | | Medium | 0.44 | 6.1 | 0.58 | | Jan 30, 2018 | In Joomla! before 3.8.4, inadequate input filtering in com_fields leads to an XSS vulnerability in multiple field types, i.e., list, radio, and checkbox. |
| CVE-2010-0467 | | Medium | 0.44 | 5.8 | 0.43 | | Feb 2, 2010 | Directory traversal vulnerability in the ccNewsletter (com_ccnewsletter) component 1.0.5 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter in a ccnewsletter action to index.php. |
| CVE-2018-10068 | | Medium | 0.43 | 6.1 | 0.04 | | Apr 12, 2018 | The jDownloads extension before 3.2.59 for Joomla! has XSS. |
| CVE-2019-25740 | | Medium | 0.42 | 6.5 | 0.00 | | Jun 4, 2026 | Joomla com_jsjobs 1.2.6 contains an arbitrary file deletion vulnerability that allows authenticated attackers to delete files by manipulating custom userfield parameters. Attackers can send POST requests to the job.savejob task with path traversal sequences in the field_2… |
| CVE-2018-15881 | | High | 0.42 | 7.5 | 0.02 | | Aug 29, 2018 | An issue was discovered in Joomla! before 3.8.12. Inadequate checks regarding disabled fields can lead to an ACL violation. |
| CVE-2018-11321 | | Medium | 0.42 | 6.5 | 0.02 | | May 22, 2018 | An issue was discovered in com_fields in Joomla! Core before 3.8.8. Inadequate filtering allows users authorised to create custom fields to manipulate the filtering options and inject an unvalidated option. |
| CVE-2017-7989 | | Medium | 0.42 | 6.5 | 0.01 | | Apr 25, 2017 | In Joomla! 3.2.0 through 3.6.5 (fixed in 3.7.0), inadequate MIME type checks allowed low-privilege users to upload swf files even if they were explicitly forbidden. |
| CVE-2026-48905 | | Medium | 0.40 | 6.1 | 0.00 | | May 26, 2026 | Lack of input filtering leads to an XSS vector in the HTML filter code. |
| CVE-2026-48903 | | Medium | 0.40 | 6.1 | 0.00 | | May 26, 2026 | Inadequate content filtering within the checkAttribute methods leads to XSS vulnerabilities in various components. |
| CVE-2026-30895 | | Medium | 0.40 | 6.1 | 0.00 | | May 26, 2026 | Lack of output escaping leads to an XSS vector in the readmore links for com_content. |
| CVE-2026-30894 | | Medium | 0.40 | 6.1 | 0.00 | | May 26, 2026 | Lack of output escaping leads to an XSS vector in the content history component. |
| CVE-2026-25901 | | Medium | 0.40 | 6.1 | 0.00 | | May 26, 2026 | Lack of output escaping leads to an XSS vector in the multilingual associations component. |
| CVE-2026-25900 | | Medium | 0.40 | 6.1 | 0.00 | | May 26, 2026 | Lack of output escaping leads to an XSS vector in the feed modules. |
| CVE-2023-54364 | | Medium | 0.40 | 6.1 | 0.00 | | Apr 9, 2026 | Joomla HikaShop 4.7.4 contains a reflected cross-site scripting vulnerability that allows unauthenticated attackers to inject malicious scripts by manipulating GET parameters in the product filter endpoint. Attackers can craft malicious URLs containing XSS payloads in the… |
| CVE-2023-54362 | | Medium | 0.40 | 6.1 | 0.00 | | Apr 9, 2026 | Joomla VirtueMart Shopping-Cart 4.0.12 contains a reflected cross-site scripting vulnerability that allows attackers to inject malicious scripts by manipulating the keyword parameter. Attackers can craft malicious URLs containing script payloads in the keyword parameter of the… |
| CVE-2023-54361 | | Medium | 0.40 | 6.1 | 0.00 | | Apr 9, 2026 | Joomla iProperty Real Estate 4.1.1 contains a reflected cross-site scripting vulnerability that allows attackers to inject malicious scripts by manipulating the filter_keyword parameter. Attackers can craft URLs containing JavaScript payloads in the filter_keyword GET parameter… |
| CVE-2023-54360 | | Medium | 0.40 | 6.1 | 0.00 | | Apr 9, 2026 | Joomla JLex Review 6.0.1 contains a reflected cross-site scripting vulnerability that allows attackers to inject malicious scripts by manipulating the review_id URL parameter. Attackers can craft malicious links containing JavaScript payloads that execute in victims' browsers… |
| CVE-2026-23898 | | High | 0.40 | 7.2 | 0.00 | | Apr 1, 2026 | Lack of input validation leads to an arbitrary file deletion vulnerability in the autoupdate server mechanism. |
| CVE-2026-21629 | | High | 0.40 | 7.3 | 0.00 | | Apr 1, 2026 | The ajax component was excluded from the default logged-in-user check in the administrative area. This behavior was potentially unexpected by 3rd-party developers. |
| CVE-2018-12711 | | Medium | 0.40 | 6.1 | 0.01 | | Jun 26, 2018 | An XSS issue was discovered in the language switcher module in Joomla! 1.6.0 through 3.8.8 before 3.8.9. In some cases, the link of the current language might contain unescaped HTML special characters. This may lead to reflective XSS via injection of arbitrary parameters and/or… |
| CVE-2018-6378 | | Medium | 0.40 | 6.1 | 0.01 | | May 22, 2018 | In Joomla! Core before 3.8.8, inadequate filtering of file and folder names leads to various XSS attack vectors in the media manager. |
| CVE-2018-6380 | | Medium | 0.40 | 6.1 | 0.02 | | Jan 30, 2018 | In Joomla! before 3.8.4, lack of escaping in the module chromes leads to XSS vulnerabilities in the module system. |
Page 3 of 22