Product:

Joomla\!

(Joomla)
Repositories https://github.com/joomla/joomla-cms
#Vulnerabilities 274
Date Id Summary Products Score Patch Annotated
2018-03-15 CVE-2018-8045 In Joomla! 3.5.0 through 3.8.5, the lack of type casting of a variable in a SQL statement leads to a SQL injection vulnerability in the User Notes list view. Joomla\! 8.8
2018-01-30 CVE-2018-6380 In Joomla! before 3.8.4, lack of escaping in the module chromes leads to XSS vulnerabilities in the module system. Joomla\! 6.1
2018-01-30 CVE-2018-6379 In Joomla! before 3.8.4, inadequate input filtering in the Uri class (formerly JUri) leads to an XSS vulnerability. Joomla\! 6.1
2018-05-22 CVE-2018-6378 In Joomla! Core before 3.8.8, inadequate filtering of file and folder names leads to various XSS attack vectors in the media manager. Joomla\! 6.1
2018-01-30 CVE-2018-6377 In Joomla! before 3.8.4, inadequate input filtering in com_fields leads to an XSS vulnerability in multiple field types, i.e., list, radio, and checkbox Joomla\! 6.1
2018-01-30 CVE-2018-6376 In Joomla! before 3.8.4, the lack of type casting of a variable in a SQL statement leads to a SQL injection vulnerability in the Hathor postinstall message. Joomla\! 9.8
2018-10-09 CVE-2018-17859 An issue was discovered in Joomla! before 3.8.13. Inadequate checks in com_contact could allow mail submission in disabled forms. Joomla\! 4.3
2018-10-09 CVE-2018-17858 An issue was discovered in Joomla! before 3.8.13. com_installer actions do not have sufficient CSRF hardening in the backend. Joomla\! 8.8
2018-10-09 CVE-2018-17857 An issue was discovered in Joomla! before 3.8.13. Inadequate checks on the tags search fields can lead to an access level violation. Joomla\! 4.3
2018-08-29 CVE-2018-15882 An issue was discovered in Joomla! before 3.8.12. Inadequate checks in the InputFilter class could allow specifically prepared phar files to pass the upload filter. Joomla\! 9.8