7 matches found
EUVD-2025-2666
Malicious code in bioql PyPI...
CVE-2025-22205
Improper handling of input variables lead to multiple path traversal vulnerabilities in the Admiror Gallery extension for Joomla in version branch 4.x...
CVE-2023-23750 [20230101] - Core - CSRF within post-installation messages
An issue was discovered in Joomla! 4.0.0 through 4.2.6. A missing token check causes a CSRF vulnerability in the handling of post-installation messages...
Joomla! 4.x < 4.2.5 Cross-Site Scripting
According to its self-reported version, the instance of Joomla! running on the remote web server is 4.x prior to 4.2.5. It is, therefore, affected by a Cross-Site Scripting XSS due to inadequate filtering of potentially malicious user input in commedia. Note that the scanner has not tested for...
Joomla! 4.x < 4.2.4 Multiple Vulnerabilities
According to its self-reported version, the instance of Joomla! running on the remote web server is 4.x prior to 4.2.4. It is, therefore, affected by multiple vulnerabilities. - Disclosure of critical information in debug mode. CVE-2022-27912 - Cross-Site Scripting XSS through reflection of user...
CVE-2022-23801
An issue was discovered in Joomla! 4.0.0 through 4.1.0. Possible XSS atack vector through SVG embedding in commedia...
Joomla! 4.x < 4.0.1 Insufficient Access Control
According to its self-reported version, the instance of Joomla! running on the remote web server is 4.0 prior to 4.0.1. It is, therefore, affected by an insufficient access control vulnerability on its commedia deletion endpoint. An unauthenticated, remote attacker could exploit this to delete...