584 matches found
CVE-2026-48901 Joomla! Core - [20260517] - Incorrect Cache Key Construction for InputFilter objects
The InputFilter::getInstance method omitted a security sensitive parameter from the instance cache key...
EUVD-2020-31227
Joomla J2 JOBS 1.3.0 contains an authenticated SQL injection vulnerability that allows authenticated attackers to manipulate database queries by injecting SQL code through the 'sortby' parameter. Attackers can send POST requests to the administrator index with malicious 'sortby' values to extract...
CVE-2023-40630
Unauthenticated LFI/SSRF in JCDashboards component for Joomla...
CVE-2018-10727
Reflected Cross-Site Scripting XSS vulnerability in the fabrikreferrer hidden field in the Fabrikar Fabrik component through v3.8.1 for Joomla! allows remote attackers to inject arbitrary web script via the HTTP Referer header...
CVE-2009-4784
SQL injection vulnerability in the Joaktree comjoaktree component 1.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the treeId parameter to index.php...
CVE-2010-0982
Directory traversal vulnerability in the CARTwebERP comcartweberp component 1.56.75 for Joomla! allows remote attackers to read arbitrary files via a .. dot dot in the controller parameter to index.php...
CVE-2010-0801
Directory traversal vulnerability in the AutartiTarot comautartitarot component 1.0.3 for Joomla! allows remote authenticated users, with "Public Back-end" group permissions, to read arbitrary files via directory traversal sequences in the controller parameter in an edit task to...
CVE-2010-0692
SQL injection vulnerability in the IP-Tech JQuarks comjquarks Component 0.2.3, and possibly earlier, for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter to index.php. NOTE: some of these details are obtained from third party information...
CVE-2019-18674
An issue was discovered in Joomla! before 3.9.13. A missing access check in the phputf8 mapping files could lead to a path disclosure...
CVE-2020-10240
An issue was discovered in Joomla! before 3.9.16. Missing length checks in the user table can lead to the creation of users with duplicate usernames and/or email addresses...
CVE-2020-10239
An issue was discovered in Joomla! before 3.9.16. Incorrect Access Control in the SQL fieldtype of comfields allows access for non-superadmin users...
CVE-2020-10242
An issue was discovered in Joomla! before 3.9.16. Inadequate handling of CSS selectors in the Protostar and Beez3 JavaScript allows XSS attacks...
CVE-2020-10241
An issue was discovered in Joomla! before 3.9.16. Missing token checks in the image actions of comtemplates lead to CSRF...
CVE-2006-1047
Unspecified vulnerability in the "Remember Me login functionality" in Joomla! 1.0.7 and earlier has unknown impact and attack vectors...
CVE-2019-12766
An issue was discovered in Joomla! before 3.9.7. The subform fieldtype does not sufficiently filter or validate input of subfields. This leads to XSS attack vectors...
Joomla! XSS Vulnerability (20260102)
Joomla! is prone to a cross-site scripting XSS vulnerability. SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:joomla:joomla";...
EUVD-2010-1743
Malware in sbrugna...
EUVD-2020-23278
Malware in sbrugna...
EUVD-2018-7738
Malware in sbrugna...
EUVD-2018-18133
Malware in sbrugna...