CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

26 matches found

Joomla! Vulnerable Extensions List•added 2026/02/24 12:0 a.m.•9 views

Novarain/Tassos Framework, , SQL Injection

allow SQL injection and unauthenticated file reads. Attackers can chain these issues for administrator takeover and remote code execution on unpatched systems. Affected extensions include Convert Forms, EngageBox, Google Structured Data, Advanced Custom Fields, and Smile Pack, all relying on the...

6.7AI score

Exploits0References1

EUVD•added 2025/10/07 12:30 a.m.•3 views

EUVD-2018-2145

Malware in sbrugna...

7.8CVSS7.7AI score0.03344EPSS

Exploits5References5

RedhatCVE•added 2025/05/23 6:48 a.m.•4 views

CVE-2024-40745

Reflected Cross site scripting vulnerability in Convert Forms component for Joomla in versions before 4.4.8...

5.4CVSS6.5AI score0.00155EPSS

Exploits0References1

OSV•added 2025/03/05 4:15 p.m.•2 views

CVE-2025-22212

A SQL injection vulnerability in the Convert Forms component versions 1.0.0-1.0.0 - 4.4.9 for Joomla allows authenticated attackers administrator to execute arbitrary SQL commands in the submission management area in backend...

2.7CVSS6AI score0.00009EPSS

Exploits0References2

NVD•added 2024/12/04 3:15 p.m.•14 views

CVE-2024-40745

Reflected Cross site scripting vulnerability in Convert Forms component for Joomla in versions before 4.4.8...

5.4CVSS0.00155EPSS

Exploits0References1

NVD•added 2024/12/04 3:15 p.m.•12 views

CVE-2024-40744

Unrestricted file upload via security bypass in Convert Forms component for Joomla in versions before 4.4.8...

9.8CVSS0.00057EPSS

Exploits0References1

OSV•added 2024/12/04 3:15 p.m.•0 views

CVE-2024-40745

Reflected Cross site scripting vulnerability in Convert Forms component for Joomla in versions before 4.4.8...

5.4CVSS5.5AI score

Exploits0References1

OSV•added 2024/12/04 3:15 p.m.•0 views

CVE-2024-40744

Unrestricted file upload via security bypass in Convert Forms component for Joomla in versions before 4.4.8...

9.8CVSS5.8AI score0.00057EPSS

Exploits0References1

Vulnrichment•added 2024/12/04 3:2 p.m.•13 views

CVE-2024-40745 Extension - tassos.gr - Reflected Cross site scripting vulnerability in Convert Forms component for Joomla < 4.4.8

Reflected Cross site scripting vulnerability in Convert Forms component for Joomla in versions before 4.4.8...

6.7AI score0.00155EPSS

Exploits0References1

CVE•added 2024/12/04 3:2 p.m.•65 views

CVE-2024-40745

The CVE-2024-40745 entry concerns a Reflected Cross‑Site Scripting (XSS) vulnerability in the Joomla Convert Forms component, affecting versions prior to 4.4.8. Multiple connected sources (Red Hat, CVE lists, CNVD, CVE records) consistently identify the affected product as the Convert Forms compo...

5.4CVSS5.4AI score0.00155EPSS

Exploits0References1Affected Software1

Cvelist•added 2024/12/04 3:2 p.m.•13 views

CVE-2024-40745 Extension - tassos.gr - Reflected Cross site scripting vulnerability in Convert Forms component for Joomla < 4.4.8

Reflected Cross site scripting vulnerability in Convert Forms component for Joomla in versions before 4.4.8...

0.00155EPSS

Exploits0References1

Vulnrichment•added 2024/12/04 3:1 p.m.•8 views

CVE-2024-40744 Extension - tassos.gr - Unrestricted file upload in Convert Forms component for Joomla < 4.4.8

Unrestricted file upload via security bypass in Convert Forms component for Joomla in versions before 4.4.8...

7.2AI score0.00057EPSS

Exploits0References1

CVE•added 2024/12/04 3:1 p.m.•72 views

CVE-2024-40744

CVE-2024-40744 affects the Joomla extension Convert Forms; versions prior to 4.4.8 are vulnerable. The issue is an unrestricted file upload via a security bypass in the Convert Forms component, enabling potential malicious uploads. The vulnerability is high impact (per CVSS 3.1: AV:N/AC:L/PR:N/UI...

9.8CVSS9.6AI score0.00057EPSS

Exploits0References1Affected Software1

Cvelist•added 2024/12/04 3:1 p.m.•14 views

CVE-2024-40744 Extension - tassos.gr - Unrestricted file upload in Convert Forms component for Joomla < 4.4.8

Unrestricted file upload via security bypass in Convert Forms component for Joomla in versions before 4.4.8...

0.00057EPSS

Exploits0References1

Positive Technologies•added 2024/12/04 12:0 a.m.•1 views

PT-2024-29023 · Joomla · Convert Forms

Name of the Vulnerable Software and Affected Versions: Convert Forms component for Joomla versions prior to 4.4.8 Description: The issue is related to an unrestricted file upload via a security bypass in the Convert Forms component for Joomla. This allows for potential malicious file uploads...

9.8CVSS7.3AI score0.00057EPSS

Exploits0References6

Positive Technologies•added 2024/12/04 12:0 a.m.•1 views

PT-2024-29024 · Joomla · Joomla Convert Forms

Name of the Vulnerable Software and Affected Versions: Joomla Convert Forms component versions prior to 4.4.8 Description: The issue is related to a Reflected Cross site scripting vulnerability in the Convert Forms component for Joomla. This vulnerability allows for the execution of malicious...

5.4CVSS6.7AI score0.00155EPSS

Exploits0References4

CNVD•added 2018/04/16 12:0 a.m.•4 views

Convert Forms CSV Injection Vulnerability in Joomla!

Joomla! is the United States Open Source Matters team developed a set of open source content management system CMS. A CSV injection vulnerability exists in Joomla! Convert Forms 2.0.3 and earlier versions. When a user with elevated privileges exports form data in CSV format, an attacker can explo...

7.8CVSS7.3AI score0.03344EPSS

Exploits5References1

0day.today•added 2018/04/13 12:0 a.m.•37 views

Joomla Convert Forms version 2.0.3 - Formula Injection (CSV Injection) Vulnerability

Exploit for php platform in category web applications Exploit Title: Joomla Extension Convert Forms version 2.0.3 - Formula Injection CSV Injection Google Dork: N/A Exploit Author: Jetty Sairam Software Link:...

7.7AI score0.03344EPSS

Exploits5

NVD•added 2018/04/12 7:29 p.m.•10 views

CVE-2018-10063

The Convert Forms extension before 2.0.4 for Joomla! is vulnerable to Remote Command Execution using CSV Injection that is mishandled when exporting a Leads file...

7.8CVSS7.9AI score0.03344EPSS

Exploits5References3

OSV•added 2018/04/12 7:29 p.m.•1 views

CVE-2018-10063

The Convert Forms extension before 2.0.4 for Joomla! is vulnerable to Remote Command Execution using CSV Injection that is mishandled when exporting a Leads file...

7.8CVSS5.8AI score0.03344EPSS

Exploits5References3

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by