Filtered by vendor Joomla
Subscriptions
Filtered by product Joomla\!
Subscriptions
Total
583 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2017-7988 | 1 Joomla | 1 Joomla\! | 2019-10-03 | N/A |
| In Joomla! 1.6.0 through 3.6.5 (fixed in 3.7.0), inadequate filtering of form contents allows overwriting the author of an article. | ||||
| CVE-2018-17857 | 1 Joomla | 1 Joomla\! | 2019-10-03 | N/A |
| An issue was discovered in Joomla! before 3.8.13. Inadequate checks on the tags search fields can lead to an access level violation. | ||||
| CVE-2018-15881 | 1 Joomla | 1 Joomla\! | 2019-10-03 | N/A |
| An issue was discovered in Joomla! before 3.8.12. Inadequate checks regarding disabled fields can lead to an ACL violation. | ||||
| CVE-2018-11323 | 1 Joomla | 1 Joomla\! | 2019-10-03 | N/A |
| An issue was discovered in Joomla! Core before 3.8.8. Inadequate checks allowed users to modify the access levels of user groups with higher permissions. | ||||
| CVE-2018-17859 | 1 Joomla | 1 Joomla\! | 2019-10-03 | N/A |
| An issue was discovered in Joomla! before 3.8.13. Inadequate checks in com_contact could allow mail submission in disabled forms. | ||||
| CVE-2018-11325 | 1 Joomla | 1 Joomla\! | 2019-10-03 | N/A |
| An issue was discovered in Joomla! Core before 3.8.8. The web install application would autofill password fields after either a form validation error or navigating to a previous install step, and display the plaintext password for the administrator account at the confirmation screen. | ||||
| CVE-2017-14595 | 1 Joomla | 1 Joomla\! | 2019-10-03 | N/A |
| In Joomla! before 3.8.0, a logic bug in a SQL query could lead to the disclosure of article intro texts when these articles are in the archived state. | ||||
| CVE-2019-16725 | 1 Joomla | 1 Joomla\! | 2019-09-25 | 6.1 Medium |
| In Joomla! 3.x before 3.9.12, inadequate escaping allowed XSS attacks using the logo parameter of the default templates. | ||||
| CVE-2019-11809 | 1 Joomla | 1 Joomla\! | 2019-05-20 | N/A |
| An issue was discovered in Joomla! before 3.9.6. The debug views of com_users do not properly escape user supplied data, which leads to a potential XSS attack vector. | ||||
| CVE-2019-10945 | 1 Joomla | 1 Joomla\! | 2019-04-17 | N/A |
| An issue was discovered in Joomla! before 3.9.5. The Media Manager component does not properly sanitize the folder parameter, allowing attackers to act outside the media manager root directory. | ||||
| CVE-2017-8917 | 1 Joomla | 1 Joomla\! | 2019-04-16 | N/A |
| SQL injection vulnerability in Joomla! 3.7.x before 3.7.1 allows attackers to execute arbitrary SQL commands via unspecified vectors. | ||||
| CVE-2017-7985 | 1 Joomla | 1 Joomla\! | 2019-03-19 | N/A |
| In Joomla! 1.5.0 through 3.6.5 (fixed in 3.7.0), inadequate filtering of multibyte characters leads to XSS vulnerabilities in various components. | ||||
| CVE-2019-9711 | 1 Joomla | 1 Joomla\! | 2019-03-15 | N/A |
| An issue was discovered in Joomla! before 3.9.4. The item_title layout in edit views lacks escaping, leading to XSS. | ||||
| CVE-2019-9712 | 1 Joomla | 1 Joomla\! | 2019-03-15 | N/A |
| An issue was discovered in Joomla! before 3.9.4. The JSON handler in com_config lacks input validation, leading to XSS. | ||||
| CVE-2019-9714 | 1 Joomla | 1 Joomla\! | 2019-03-15 | N/A |
| An issue was discovered in Joomla! before 3.9.4. The media form field lacks escaping, leading to XSS. | ||||
| CVE-2019-6263 | 1 Joomla | 1 Joomla\! | 2019-02-26 | N/A |
| An issue was discovered in Joomla! before 3.9.2. Inadequate checks of the Global Configuration Text Filter settings allowed stored XSS. | ||||
| CVE-2019-6261 | 1 Joomla | 1 Joomla\! | 2019-02-26 | N/A |
| An issue was discovered in Joomla! before 3.9.2. Inadequate escaping in com_contact leads to a stored XSS vulnerability. | ||||
| CVE-2019-6262 | 1 Joomla | 1 Joomla\! | 2019-02-26 | N/A |
| An issue was discovered in Joomla! before 3.9.2. Inadequate checks of the Global Configuration helpurl settings allowed stored XSS. | ||||
| CVE-2019-6264 | 1 Joomla | 1 Joomla\! | 2019-02-26 | N/A |
| An issue was discovered in Joomla! before 3.9.2. Inadequate escaping in mod_banners leads to a stored XSS vulnerability. | ||||
| CVE-2019-7742 | 1 Joomla | 1 Joomla\! | 2019-02-13 | N/A |
| An issue was discovered in Joomla! before 3.9.3. A combination of specific web server configurations, in connection with specific file types and browser-side MIME-type sniffing, causes an XSS attack vector. | ||||