Product:

Joomla\!

(Joomla)
Repositories https://github.com/joomla/joomla-cms
#Vulnerabilities 259
Date Id Summary Products Score Patch Annotated
2018-05-22 CVE-2018-11324 An issue was discovered in Joomla! Core before 3.8.8. A long running background process, such as remote checks for core or extension updates, could create a race condition where a session that was expected to be destroyed would be recreated. Joomla\! 5.9
2018-05-22 CVE-2018-11323 An issue was discovered in Joomla! Core before 3.8.8. Inadequate checks allowed users to modify the access levels of user groups with higher permissions. Joomla\! 8.8
2018-05-22 CVE-2018-11322 An issue was discovered in Joomla! Core before 3.8.8. Depending on the server configuration, PHAR files might be handled as executable PHP scripts by the webserver. Joomla\! 7.5
2018-05-22 CVE-2018-11321 An issue was discovered in com_fields in Joomla! Core before 3.8.8. Inadequate filtering allows users authorised to create custom fields to manipulate the filtering options and inject an unvalidated option. Joomla\! 6.5
2017-07-17 CVE-2017-9934 Missing CSRF token checks and improper input validation in Joomla! CMS 1.7.3 through 3.7.2 lead to an XSS vulnerability. Joomla\! 6.1
2017-07-17 CVE-2017-9933 Improper cache invalidation in Joomla! CMS 1.7.3 through 3.7.2 leads to disclosure of form contents. Joomla\! 7.5
2017-05-17 CVE-2017-8917 SQL injection vulnerability in Joomla! 3.7.x before 3.7.1 allows attackers to execute arbitrary SQL commands via unspecified vectors. Joomla\! 9.8
2017-04-25 CVE-2017-8057 In Joomla! 3.4.0 through 3.6.5 (fixed in 3.7.0), multiple files caused full path disclosures on systems with enabled error reporting. Joomla\! 5.3
2017-04-25 CVE-2017-7989 In Joomla! 3.2.0 through 3.6.5 (fixed in 3.7.0), inadequate MIME type checks allowed low-privilege users to upload swf files even if they were explicitly forbidden. Joomla\! 6.5
2017-04-25 CVE-2017-7987 In Joomla! 3.2.0 through 3.6.5 (fixed in 3.7.0), inadequate escaping of file and folder names leads to XSS vulnerabilities in the template manager component. Joomla\! 6.1