11 matches found
[20260305] - Core - Arbitrary file deletion in com_joomlaupdate
Lack of input validation leads to an arbitrary file deletion vulnerability in the autoupdate server mechanism...
[20260304] - Core - XSS vectors in various article title outputs
Lack of output escaping for article titles leads to XSS vectors in various locations...
Exploit for Improper Access Control in Joomla Joomla\!
This is a POC for CVE-2023-23752 written in Python...
Joomla! 4.0.0 - 4.2.3 Multiple Vulnerabilities
Joomla! is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:joomla:joomla"; ifdescription...
CVE-2022-23800
An issue was discovered in Joomla! 4.0.0 through 4.1.0. Inadequate content filtering leads to XSS vulnerabilities in various components...
CVE-2022-23798 [20220306] - Core - Inadequate validation of internal URLs
An issue was discovered in Joomla! 2.5.0 through 3.10.6 & 4.0.0 through 4.1.0. Inadequate validation of URLs could result into an invalid check whether an redirect URL is internal or not...
PT-2022-16269 · Joomla · Joomla!
Name of the Vulnerable Software and Affected Versions: Joomla! versions 3.0.0 through 3.10.6 Joomla! versions 4.0.0 through 4.1.0 Description: An issue was discovered in Joomla! where inadequate filtering on the selected Ids in a request could result in a possible SQL injection. Recommendations:...
CVE-2021-26040
An issue was discovered in Joomla! 4.0.0. The media manager does not correctly check the user's permissions before executing a file deletion command...
CVE-2021-26040
An issue was discovered in Joomla! 4.0.0. The media manager does not correctly check the user's permissions before executing a file deletion command...
Arbitrary file deletion
An issue was discovered in Joomla! 4.0.0. The media manager does not correctly check the user's permissions before executing a file deletion command...
PT-2021-16933 · Joomla · Joomla!
Name of the Vulnerable Software and Affected Versions: Joomla! version 4.0.0 Description: An issue was discovered in the media manager, which does not correctly check the user's permissions before executing a file deletion command. Recommendations: For Joomla! version 4.0.0, update to a version...