Product:

Joomla\!

(Joomla)
Repositories https://github.com/joomla/joomla-cms
#Vulnerabilities 259
Date Id Summary Products Score Patch Annotated
2021-03-04 CVE-2021-23131 An issue was discovered in Joomla! 3.2.0 through 3.9.24. Missing input validation within the template manager. Joomla\! 7.5
2021-03-04 CVE-2021-23132 An issue was discovered in Joomla! 3.0.0 through 3.9.24. com_media allowed paths that are not intended for image uploads Joomla\! 7.5
2021-03-04 CVE-2021-26027 An issue was discovered in Joomla! 3.0.0 through 3.9.24. Incorrect ACL checks could allow unauthorized change of the category for an article. Joomla\! 5.3
2021-03-04 CVE-2021-26028 An issue was discovered in Joomla! 3.0.0 through 3.9.24. Extracting an specifilcy crafted zip package could write files outside of the intended path. Joomla\! 5.5
2021-03-04 CVE-2021-26029 An issue was discovered in Joomla! 1.6.0 through 3.9.24. Inadequate filtering of form contents could allow to overwrite the author field. Joomla\! 5.3
2021-04-14 CVE-2021-26030 An issue was discovered in Joomla! 3.0.0 through 3.9.25. Inadequate escaping allowed XSS attacks using the logo parameter of the default templates on error page Joomla\! 6.1
2021-04-14 CVE-2021-26031 An issue was discovered in Joomla! 3.0.0 through 3.9.25. Inadequate filters on module layout settings could lead to an LFI. Joomla\! 5.3
2021-05-26 CVE-2021-26032 An issue was discovered in Joomla! 3.0.0 through 3.9.26. HTML was missing in the executable block list of MediaHelper::canUpload, leading to XSS attack vectors. Joomla\! 6.1
2021-05-26 CVE-2021-26033 An issue was discovered in Joomla! 3.0.0 through 3.9.26. A missing token check causes a CSRF vulnerability in the AJAX reordering endpoint. Joomla\! 6.5
2021-05-26 CVE-2021-26034 An issue was discovered in Joomla! 3.0.0 through 3.9.26. A missing token check causes a CSRF vulnerability in data download endpoints in com_banners and com_sysinfo. Joomla\! 6.5