Product:

Joomla\!

(Joomla)
Repositories https://github.com/joomla/joomla-cms
#Vulnerabilities 259
Date Id Summary Products Score Patch Annotated
2019-01-16 CVE-2019-6264 An issue was discovered in Joomla! before 3.9.2. Inadequate escaping in mod_banners leads to a stored XSS vulnerability. Joomla\! 6.1
2019-01-16 CVE-2019-6263 An issue was discovered in Joomla! before 3.9.2. Inadequate checks of the Global Configuration Text Filter settings allowed stored XSS. Joomla\! 4.8
2019-01-16 CVE-2019-6262 An issue was discovered in Joomla! before 3.9.2. Inadequate checks of the Global Configuration helpurl settings allowed stored XSS. Joomla\! 5.4
2019-01-16 CVE-2019-6261 An issue was discovered in Joomla! before 3.9.2. Inadequate escaping in com_contact leads to a stored XSS vulnerability. Joomla\! 6.1
2019-04-10 CVE-2019-10946 An issue was discovered in Joomla! before 3.9.5. The "refresh list of helpsites" endpoint of com_users lacks access checks, allowing calls from unauthenticated users. Joomla\! 7.5
2019-04-10 CVE-2019-10945 An issue was discovered in Joomla! before 3.9.5. The Media Manager component does not properly sanitize the folder parameter, allowing attackers to act outside the media manager root directory. Joomla\! 9.8
2018-03-15 CVE-2018-8045 In Joomla! 3.5.0 through 3.8.5, the lack of type casting of a variable in a SQL statement leads to a SQL injection vulnerability in the User Notes list view. Joomla\! 8.8
2018-01-30 CVE-2018-6380 In Joomla! before 3.8.4, lack of escaping in the module chromes leads to XSS vulnerabilities in the module system. Joomla\! 6.1
2018-01-30 CVE-2018-6379 In Joomla! before 3.8.4, inadequate input filtering in the Uri class (formerly JUri) leads to an XSS vulnerability. Joomla\! 6.1
2018-05-22 CVE-2018-6378 In Joomla! Core before 3.8.8, inadequate filtering of file and folder names leads to various XSS attack vectors in the media manager. Joomla\! 6.1