Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Joomla\!
(Joomla)| Repositories | https://github.com/joomla/joomla-cms |
| #Vulnerabilities | 274 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2020-02-05 | CVE-2011-1151 | Joomla! 1.6.0 is vulnerable to SQL Injection via the filter_order and filer_order_Dir parameters. | Joomla\! | N/A | ||
| 2020-02-04 | CVE-2011-4937 | Joomla! 1.7.1 has core information disclosure due to inadequate error checking. | Joomla\! | N/A | ||
| 2020-02-04 | CVE-2011-4912 | Joomla! com_mailto 1.5.x through 1.5.13 has an automated mail timeout bypass. | Joomla\! | N/A | ||
| 2020-02-04 | CVE-2011-3629 | Joomla! core 1.7.1 allows information disclosure due to weak encryption | Joomla\! | N/A | ||
| 2020-01-22 | CVE-2011-3595 | Multiple Cross-site Scripting (XSS) vulnerabilities exist in Joomla! through 1.7.0 in index.php in the search word, extension, asset, and author parameters. | Joomla\! | N/A | ||
| 2020-01-15 | CVE-2012-1563 | Joomla! before 2.5.3 allows Admin Account Creation. | Joomla\! | N/A | ||
| 2020-01-15 | CVE-2012-1562 | Joomla! core before 2.5.3 allows unauthorized password change. | Joomla\! | N/A | ||
| 2020-01-15 | CVE-2011-4907 | Joomla! 1.5x through 1.5.12: Missing JEXEC Check | Joomla\! | N/A | ||
| 2019-12-18 | CVE-2019-19846 | In Joomla! before 3.9.14, the lack of validation of configuration parameters used in SQL queries caused various SQL injection vectors. | Joomla\! | N/A | ||
| 2019-12-18 | CVE-2019-19845 | In Joomla! before 3.9.14, a missing access check in framework files could lead to a path disclosure. | Joomla\! | N/A |