Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Joomla\!
(Joomla)| Repositories | https://github.com/joomla/joomla-cms |
| #Vulnerabilities | 274 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2020-02-04 | CVE-2011-3629 | Joomla! core 1.7.1 allows information disclosure due to weak encryption | Joomla\! | N/A | ||
| 2020-01-22 | CVE-2011-3595 | Multiple Cross-site Scripting (XSS) vulnerabilities exist in Joomla! through 1.7.0 in index.php in the search word, extension, asset, and author parameters. | Joomla\! | N/A | ||
| 2020-01-15 | CVE-2012-1563 | Joomla! before 2.5.3 allows Admin Account Creation. | Joomla\! | N/A | ||
| 2020-01-15 | CVE-2012-1562 | Joomla! core before 2.5.3 allows unauthorized password change. | Joomla\! | N/A | ||
| 2020-01-15 | CVE-2011-4907 | Joomla! 1.5x through 1.5.12: Missing JEXEC Check | Joomla\! | N/A | ||
| 2019-12-18 | CVE-2019-19846 | In Joomla! before 3.9.14, the lack of validation of configuration parameters used in SQL queries caused various SQL injection vectors. | Joomla\! | N/A | ||
| 2019-12-18 | CVE-2019-19845 | In Joomla! before 3.9.14, a missing access check in framework files could lead to a path disclosure. | Joomla\! | N/A | ||
| 2019-11-06 | CVE-2019-18674 | An issue was discovered in Joomla! before 3.9.13. A missing access check in the phputf8 mapping files could lead to a path disclosure. | Joomla\! | N/A | ||
| 2019-11-06 | CVE-2019-18650 | An issue was discovered in Joomla! before 3.9.13. A missing token check in com_template causes a CSRF vulnerability. | Joomla\! | N/A | ||
| 2017-04-25 | CVE-2017-7988 | In Joomla! 1.6.0 through 3.6.5 (fixed in 3.7.0), inadequate filtering of form contents allows overwriting the author of an article. | Joomla\! | 5.3 |