
24 matches found

EUVD
added 2025/10/07 12:30 a.m., 3 views

EUVD-2007-4762

Malware in sbrugna...

CVSS 6.6, AI score 6.4, EPSS 0.05188
Exploits: 1, References: 5
EUVD
added 2025/10/07 12:30 a.m., 3 views

EUVD-2021-12861

Malware in sbrugna...

CVSS 7.5, AI score 7.4, EPSS 0.01209
Exploits: 0, References: 2
BDU FSTEC
added 2022/08/04 12:0 a.m., 5 views

The vulnerability of the /ossn/administrator/com_installer component of open-source social network software allows a hacker to execute arbitrary code.

The vulnerability of the Open Source Social Network software component /ossn/administrator/com_installer lies in the lack of restrictions on file downloads. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely, using a specially created PHP file...

CVSS 9, AI score 7.6, EPSS 0.01543
Exploits: 1, References: 3
OSV
added 2021/07/07 11:15 a.m., 17 views

CVE-2021-26038

An issue was discovered in Joomla! 2.5.0 through 3.9.27. Install action in com_installer lack the required hardcoded ACL checks for superusers. A default system is not affected cause the default ACL for com_installer is limited to super users already...

CVSS 7.5, AI score 6.7
Exploits: 0, References: 1
NVD
added 2021/07/07 11:15 a.m., 13 views

CVE-2021-26038

An issue was discovered in Joomla! 2.5.0 through 3.9.27. Install action in com_installer lack the required hardcoded ACL checks for superusers. A default system is not affected cause the default ACL for com_installer is limited to super users already...

CVSS 7.5, EPSS 0.01209
Exploits: 0, References: 1
Prion
added 2021/07/07 11:15 a.m., 19 views

Hardcoded credentials

An issue was discovered in Joomla! 2.5.0 through 3.9.27. Install action in com_installer lack the required hardcoded ACL checks for superusers. A default system is not affected cause the default ACL for com_installer is limited to super users already...

CVSS 4.3, AI score 7.4, EPSS 0.01209
Exploits: 0, References: 1, Affected Software: 1
Cvelist
added 2021/07/07 10:12 a.m., 12 views

CVE-2021-26038 [20210704] - Core - Privilege escalation through com_installer

An issue was discovered in Joomla! 2.5.0 through 3.9.27. Install action in com_installer lack the required hardcoded ACL checks for superusers. A default system is not affected cause the default ACL for com_installer is limited to super users already...

AI score 7.7, EPSS 0.01209
Exploits: 0, References: 1
CVE
added 2021/07/07 10:12 a.m., 175 views

CVE-2021-26038

Joomla! 2.5.0 through 3.9.27 is affected by CVE-2021-26038 due to an install action in com_installer lacking hardcoded ACL checks for superusers, enabling privilege escalation. The default ACL for com_installer is limited to super users, so the default system is not affected. A patch is available...

CVSS 7.5, AI score 7.4, EPSS 0.01209
Exploits: 0, References: 1, Affected Software: 1
CNVD
added 2021/07/07 12:0 a.m., 17 views

Code problem vulnerability of Joomla!

Joomla! is a set of forum components used in the Joomla! content management system. A code issue vulnerability exists in Joomla! 2.5.0 - 3.9.27. The vulnerability stems from a hard-coded ACL check for superuser missing from the install operation in com_installer, which can be exploited to execute...

CVSS 7.5, AI score 2.9, EPSS 0.01209
Exploits: 0, References: 1
Tenable Nessus
added 2021/07/07 12:0 a.m., 64 views

Joomla 2.5.x < 3.9.28 Multiple Vulnerabilities (5840-joomla-3-9-28)

According to its self-reported version, the instance of Joomla! running on the remote web server is 2.5.x prior to 3.9.28. It is, therefore, affected by multiple vulnerabilities. - Inadequate escaping in the Rules field of the JForm API leads to a XSS vulnerability. CVE-2021-26035 - Missing...

CVSS 7.5, AI score 6.1, EPSS 0.01439
Exploits: 0, References: 11
Joomla! Vulnerable Extensions List
added 2021/06/06 12:0 a.m., 53 views

[20210704] - Core - Privilege escalation through com_installer

Install action in com_installer lack the required hardcoded ACL checks for superusers, leading to various potential attack vectors. A default system is not affected cause by default com_installer is limited to super users already...

CVSS 7.5, AI score 3.9, EPSS 0.01209
Exploits: 0, Affected Software: 1
OSV
added 2020/07/15 4:15 p.m., 13 views

CVE-2020-15700

An issue was discovered in Joomla! through 3.9.19. A missing token check in the ajax_install endpoint of com_installer causes a CSRF vulnerability...

CVSS 6.3, AI score 6.9
Exploits: 0, References: 1
NVD
added 2020/07/15 4:15 p.m., 10 views

CVE-2020-15700

An issue was discovered in Joomla! through 3.9.19. A missing token check in the ajax_install endpoint of com_installer causes a CSRF vulnerability...

CVSS 6.8, EPSS 0.00594
Exploits: 0, References: 1
Prion
added 2020/07/15 4:15 p.m., 17 views

Cross site request forgery (csrf)

An issue was discovered in Joomla! through 3.9.19. A missing token check in the ajax_install endpoint of com_installer causes a CSRF vulnerability...

CVSS 6.8, AI score 6.3, EPSS 0.00594
Exploits: 0, References: 1, Affected Software: 1
CVE
added 2020/07/15 3:52 p.m., 53 views

CVE-2020-15700

CVE-2020-15700 affects Joomla! up to 3.9.19: the ajax_install endpoint in com_installer lacks a token check, causing a CSRF vulnerability. Affected: Joomla! through 3.9.19. Impact: CSRF (network vector; user interaction required; confidentiality/integrity/availability LOW). Mitigation: upgrade to...

CVSS 6.8, AI score 6.3, EPSS 0.00594
Exploits: 0, References: 1, Affected Software: 1
Joomla! Vulnerable Extensions List
added 2020/05/07 12:0 a.m., 23 views

[20200701] - Core - CSRF in com_installer ajax_install endpoint

A missing token check in the ajax_install endpoint com_installer causes a CSRF vulnerability...

AI score 6.9
Exploits: 0, Affected Software: 1
OpenVAS
added 2018/10/10 12:0 a.m., 32 views

Joomla! < 3.8.13 Multiple Vulnerabilities

Joomla! is prone to multiple vulnerabilities...

CVSS 8.8, AI score 6.4, EPSS 0.01348
Exploits: 0, References: 2
Prion
added 2018/10/09 9:29 p.m., 10 views

Cross site request forgery (csrf)

An issue was discovered in Joomla! before 3.8.13. com_installer actions do not have sufficient CSRF hardening in the backend...

CVSS 6.8, AI score 8.7, EPSS 0.0098
Exploits: 0, References: 3, Affected Software: 1
NVD
added 2018/10/09 9:29 p.m., 16 views

CVE-2018-17858

An issue was discovered in Joomla! before 3.8.13. com_installer actions do not have sufficient CSRF hardening in the backend...

CVSS 8.8, AI score 8.7, EPSS 0.0098
Exploits: 0, References: 3
OSV
added 2018/10/09 9:29 p.m., 10 views

CVE-2018-17858

An issue was discovered in Joomla! before 3.8.13. com_installer actions do not have sufficient CSRF hardening in the backend...

CVSS 8.8, AI score 6.9
Exploits: 0, References: 3