Lucene search
K
JoomlaMost viewed

743 matches found

Joomla! Vulnerable Extensions List
Joomla! Vulnerable Extensions List
added 2018/02/20 12:0 a.m.17 views

JS Jobs, 1.1.9, SQL Injection

JS Jobs by Joomsky, versions 1.1.9 and previous, SQL injection resolution: update to version 1.2.0 update notice: http://www.joomsky.com/products/js-jobs.html...

1.7AI score
Exploits0References2Affected Software1
Joomla! Vulnerable Extensions List
Joomla! Vulnerable Extensions List
added 2017/12/29 12:0 a.m.17 views

Joomla Guru, SQL Injection

Joomla Guru by IJoomla, 5.0.15 and previous, SQL Injection resolution: update to 5.0.16 update notice: https://guru.ijoomla.com/changelog/237-guru-5-0-16...

1AI score
Exploits0References2Affected Software1
Joomla! Vulnerable Extensions List
Joomla! Vulnerable Extensions List
added 2017/08/21 12:0 a.m.17 views

KissGallery 1.0.0, SQL Injection

KissGallery version 1.0.0 by TW Carter, SQL Injection...

3.9AI score
Exploits0References2Affected Software1
Joomla! Vulnerable Extensions List
Joomla! Vulnerable Extensions List
added 2017/07/11 12:0 a.m.17 views

IJSEO, 3.1.17, SQL Injection

IJSEO from IJoomla, 3.1.17, SQL Injection Resolution: update to 3.1.18 Update notice: https://seo.ijoomla.com/blog/entry/joomla-iseo-extension-got-important-security-fix-1-1 The issue affects both the commercial Pro and the non-commercial Light versions of the extension. The developer released a...

2.3AI score
Exploits0References3Affected Software1
Joomla! Vulnerable Extensions List
Joomla! Vulnerable Extensions List
added 2017/07/01 8:11 p.m.17 views

easysocial, 2.0.18 and below

easysocial, 2.0.18 and below Extension Update Details https://stackideas.com/blog/security-update-for-easysocial-2019...

0.2AI score
Exploits0References1Affected Software1
Joomla! Vulnerable Extensions List
Joomla! Vulnerable Extensions List
added 2017/04/09 1:41 p.m.17 views

Joomla Modern Booking,1.0,SQL Injection

Joomla Modern Booking,1.0,SQL Injection new version number 2.0.0 UpdateNotice URL https://www.unikalus.com/announcements.html...

7.5AI score
Exploits0References1
Joomla! Vulnerable Extensions List
Joomla! Vulnerable Extensions List
added 2017/03/14 12:0 a.m.17 views

Smart related articles ,1.1,SQL Injection and XSS

Smart related articles by Iacopo Guarneri, 1.1,SQL Injection and XSS...

3.1AI score
Exploits0References2Affected Software1
Joomla! Vulnerable Extensions List
Joomla! Vulnerable Extensions List
added 2017/03/09 12:0 a.m.17 views

Alta User Points,1.1.7,SQL Injection

Alta User Points, 1.1.7, SQL Injection Resolution: update to 1.1.8 Update Notice URL https://www.nordmograph.com/extensions/index.php?option=comvirtuemart=productdetailsproductid=120categoryid=8=58...

7.8AI score
Exploits0References3Affected Software1
Joomla! Vulnerable Extensions List
Joomla! Vulnerable Extensions List
added 2017/03/05 12:0 a.m.17 views

Ajax search for K2, 2.2

Ajax search for K2 by taleia.software, 2.2, SQL Injection...

1.8AI score
Exploits0References1Affected Software1
Joomla! Vulnerable Extensions List
Joomla! Vulnerable Extensions List
added 2017/02/09 12:0 a.m.17 views

Jtag Calendar 6.2.4

JTag Calendar versions 6.2.4 and previous Resolution: update to 6.2.5 Developer states: Fixed security issue in search functionality Update notice: https://joomlatag.com/premium-joomla-extensions/jtag-calendar-detail.html...

2AI score
Exploits0References2Affected Software1
Joomla! Vulnerable Extensions List
Joomla! Vulnerable Extensions List
added 2015/12/25 10:20 a.m.17 views

Payment Form, versions before 4.2

Joomdonation extensions, Information Disclosure Payment Form versions before 4.2 Resolution: update to 4.2 Update notice URL: http://joomdonation.com/forum/payment-form/50514-payment-form-version-4-2-released.html...

0.6AI score
Exploits0References2Affected Software1
Joomla! Vulnerable Extensions List
Joomla! Vulnerable Extensions List
added 2015/10/07 12:0 a.m.17 views

Komento, 2.0.4 and previous, XSS (Cross Site Scripting)

Stackideas Komento, prior to 2.0.5, XSS Cross Site Scripting Resolved in version 2.0.5 Update notice: http://stackideas.com/changelog/komento?version=2.0.5...

1.2AI score
Exploits0References1Affected Software1
Joomla! Vulnerable Extensions List
Joomla! Vulnerable Extensions List
added 2015/08/26 12:0 a.m.17 views

Music Collection, 2.4.6 and below, SQL Injection

Music Collection commuscol, 2.4.6 and below, SQL Injection Fixed in 2.4.10 Notice: http://www.joomlathat.com/news/music-collection/music-collection-2-4-9-released-security-release-2...

7.8AI score
Exploits0References3Affected Software1
Joomla! Vulnerable Extensions List
Joomla! Vulnerable Extensions List
added 2015/06/20 2:41 p.m.17 views

pPGallery [plg_content_ppgallery], 4.315, XSS (Cross Site Scripting)

pPGallery plgcontentppgallery, 4.315, XSS Cross Site Scripting...

1.4AI score
Exploits0
Joomla! Vulnerable Extensions List
Joomla! Vulnerable Extensions List
added 2015/06/19 6:44 p.m.17 views

Joombri Freelance, pre 1.6.5, SQLi

JoomBri freelance extension pre 1.6.5. suffers major sqli exploit. No contact from developer, Notified by Ruth Cheesley...

7.1AI score
Exploits0
Joomla! Vulnerable Extensions List
Joomla! Vulnerable Extensions List
added 2015/06/10 7:9 p.m.17 views

"EQ Event Calendar" [com_eqfullevent] , 1.0.0 and below

"EQ Event Calendar" by byeqima.com - version: 1.0.0 and lower SQL injection vulnerability...

4.2AI score
Exploits0Affected Software1
Joomla! Vulnerable Extensions List
Joomla! Vulnerable Extensions List
added 2015/02/01 12:0 a.m.17 views

eXtplorer 2.1.6 released

http://extplorer.net/news/15 Please update to this new eXtplorer version as it fixes an XSS security issue. Also the UTF-8 fix is recommended for users with non-ASCII filenames...

0.9AI score
Exploits0References3Affected Software1
Joomla! Vulnerable Extensions List
Joomla! Vulnerable Extensions List
added 2014/12/23 7:45 a.m.17 views

Visforms pre 2.1.2 and pre 3.1.2

Update so that information submitted with Visforms cannot be disclosed unintentionally. http://www.vi-solutions.de/en/announcements/366-security-updates-for-visforms-2-1-2-and-3-1-2-released...

0.5AI score
Exploits0
Joomla! Vulnerable Extensions List
Joomla! Vulnerable Extensions List
added 2014/12/07 9:55 p.m.17 views

failedloginattempts v1.0.1

plgfailedloginattemptsv1.0.1j25j30, 1.0.1, Information Disclosure Developers update statements 12-Dec-2014 : v1.1.0 http://www.web357.eu/news/releases/68-failed-login-attempts-v1-1-0-has-been-released-security-release.html...

7.1AI score
Exploits0
Joomla! Vulnerable Extensions List
Joomla! Vulnerable Extensions List
added 2014/02/21 12:0 a.m.17 views

[20140304] - Core - Unauthorised Logins

Inadequate checking allowed unauthorised logins via GMail authentication...

6.9AI score
Exploits0Affected Software1
Joomla! Vulnerable Extensions List
Joomla! Vulnerable Extensions List
added 2014/02/08 11:1 p.m.17 views

ODude Dir - DT

ODude DIR - DT-777 developer statement ODude Dir 1.1 updated with fixed securities issues. http://www.odude.com/main/dir/dir-log.html...

7.2AI score
Exploits0
Joomla! Vulnerable Extensions List
Joomla! Vulnerable Extensions List
added 2013/06/01 9:27 p.m.17 views

CiviCRM 4.3.3 and previous

CiviCRM, = 4.3.3, XSS Cross Site Scripting Update Notice URL http://civicrm.org/blogs/colemanw/security-release-civicrm-434...

6.2AI score
Exploits0
Joomla! Vulnerable Extensions List
Joomla! Vulnerable Extensions List
added 2013/05/29 12:0 a.m.17 views

Jinc, ALL,

Jinc ALL - Exploit Type Arbitrary File Creation Vulnerability JINC until version 1.0.1 is affected by a vulnerability providing attackers the ability to update arbitrary files in Joomla! installation. This problem is solved in JINC 1.0.2...

7.1AI score
Exploits0References1Affected Software1
Joomla! Vulnerable Extensions List
Joomla! Vulnerable Extensions List
added 2011/08/02 12:0 a.m.17 views

[20110901] - Core - XSS Vulnerability

Inadequate escaping leads to XSS vulnerability in comsearch...

6.2AI score
Exploits0Affected Software1
Joomla! Vulnerable Extensions List
Joomla! Vulnerable Extensions List
added 2008/08/26 12:0 a.m.17 views

[20080904] - Core - Redirect Spam

Several components utilize a passed in URL to redirect to after processing. These URLs are not validated prior to the redirect. A crafted URL can cause the system to redirect to a spam or phishing site...

6.7AI score
Exploits0Affected Software1
Joomla! Vulnerable Extensions List
Joomla! Vulnerable Extensions List
added 2026/03/09 12:0 a.m.16 views

[20260306] - Core - Improper access check in webservice endpoints

An improper access check allows unauthorized access to webservice endpoints...

8.8CVSS5.8AI score0.00401EPSS
Exploits0Affected Software1
Joomla! Vulnerable Extensions List
Joomla! Vulnerable Extensions List
added 2024/08/26 12:0 a.m.16 views

[20250103] - Core - Read ACL violation in multiple core views

Improper Access Controls allows access to protected views...

7.5CVSS5.9AI score0.00368EPSS
Exploits0Affected Software1
Joomla! Vulnerable Extensions List
Joomla! Vulnerable Extensions List
added 2020/07/14 12:0 a.m.16 views

js jobs, 1.3, SQL Injection

js jobs,1.3,SQL Injection...

1.5AI score
Exploits0
Joomla! Vulnerable Extensions List
Joomla! Vulnerable Extensions List
added 2020/04/03 10:48 a.m.16 views

hwdplayer,4.2,SQL Injection

hwdplayer,4.2,SQL Injection Possible abandonware also...

2.4AI score
Exploits0Affected Software1
Joomla! Vulnerable Extensions List
Joomla! Vulnerable Extensions List
added 2019/10/16 12:0 a.m.16 views

J2Store, 3.3.9. and previous,XSS (Cross Site Scripting)

J2Store,3.9.x,XSS Cross Site Scripting Update to 3.3.11 https://www.j2store.org/blog/general/j2store-3-3-11-released-with-improvements-and-a-security-fix.html...

7.1AI score
Exploits0References1Affected Software1
Joomla! Vulnerable Extensions List
Joomla! Vulnerable Extensions List
added 2019/10/08 12:0 a.m.16 views

js jobs,1.1.5, 1.1.6, 1.2.5 and 1.2.6,Other

js jobs,1.1.5, 1.1.6, 1.2.5 and 1.2.6,Other Extension Update Details Fix the file security bug. new version number 2.1.7...

2.1AI score
Exploits0References1
Joomla! Vulnerable Extensions List
Joomla! Vulnerable Extensions List
added 2019/08/12 12:0 a.m.16 views

JS support ticket,1.1.6, SQL Injection

JS support ticket,1.1.6, SQL Injection resolution: update to 1.1.7 update notice: https://joomsky.com/products/js-ticket-joomla.html...

7.8AI score
Exploits0References2Affected Software1
Joomla! Vulnerable Extensions List
Joomla! Vulnerable Extensions List
added 2019/05/13 8:58 a.m.16 views

RSMembership! older than 1.22.11 ,Other

RSMembership! older than 1.22.11,Other UpdateNotice URL https://www.rsjoomla.com/blog/view/468-csv-vulnerability-explained.html...

0.7AI score
Exploits0
Joomla! Vulnerable Extensions List
Joomla! Vulnerable Extensions List
added 2019/05/13 8:58 a.m.16 views

RSEvents! Pro (March 2019),Other

RSEvents! Pro March 2019,Other new version number 2.2.1 UpdateNotice URL https://www.rsjoomla.com/blog/view/468-csv-vulnerability-explained.html...

1.3AI score
Exploits0
Joomla! Vulnerable Extensions List
Joomla! Vulnerable Extensions List
added 2019/05/13 8:58 a.m.16 views

RSEvents! Pro Cart Plugin older than 1.1.15 ,Other

RSEvents! Pro Cart Plugin older than 1.1.15,Other UpdateNotice URL https://www.rsjoomla.com/blog/view/468-csv-vulnerability-explained.html...

1.2AI score
Exploits0
Joomla! Vulnerable Extensions List
Joomla! Vulnerable Extensions List
added 2019/03/22 12:0 a.m.16 views

TCPDF Library,6.2.12,Other

TCPDF Library,6.2.12,Other updated to v6.2.26 | ---|--- ttweetfsubscribe...

7.1AI score
Exploits0References1
Joomla! Vulnerable Extensions List
Joomla! Vulnerable Extensions List
added 2018/12/05 9:38 a.m.16 views

Jomres,9.14.0 & lower,Other

Jomres,9.14.0 & lower Developer statement new version number 9.15.0 UpdateNotice URL https://www.jomres.net/blog/99-jomres-9-15-0-security-release-new-features Changelog Url https://www.jomres.net/support/changelog...

7.2AI score
Exploits0References1
Joomla! Vulnerable Extensions List
Joomla! Vulnerable Extensions List
added 2018/02/20 12:0 a.m.16 views

Jimtawl, 2.2.6, Arbitrary File Upload

Jimtawl from janguo.de, 2.2.6, arbitrary file upload Resolution: update to 2.2.7 Update notice: http://janguo.de/lang-de/joomla-25-higher/jimtawl.html...

0.7AI score
Exploits0References2Affected Software1
Joomla! Vulnerable Extensions List
Joomla! Vulnerable Extensions List
added 2018/02/08 12:0 a.m.16 views

JS Support Ticket 1.1.0, ,XSS (Cross Site Scripting)

JS Support Ticket 1.1.0, ,XSS Cross Site Scripting UpdateNotice URL 1.1.1 http://www.joomsky.com/products/js-ticket-joomla.html...

0.1AI score
Exploits0References1Affected Software1
Joomla! Vulnerable Extensions List
Joomla! Vulnerable Extensions List
added 2018/01/15 12:25 p.m.16 views

cms2cms improper file/folder permissions

All these extensions create a folder with permissions 0777, which is not subsequently deleted. CMS2CMS: Automated Blogger to J! Migration CMS2CMS: Automated HTML to J! Migration CMS2CMS: Automated Drupal to J! Migration CMS2CMS: Automated WordPress to J! Migration CMS2CMS Automated WiX to J!...

6.9AI score
Exploits0Affected Software1
Joomla! Vulnerable Extensions List
Joomla! Vulnerable Extensions List
added 2017/12/27 12:0 a.m.16 views

My Projects,2.0,SQL Injection

My Projects,2.0,SQL Injection Resolution: update to version 2.1 Update notice: http://www.gegabyte.org/downloads/joomla-extensions/joomla3/components/292-my-projects...

1.5AI score
Exploits0References3Affected Software1
Joomla! Vulnerable Extensions List
Joomla! Vulnerable Extensions List
added 2017/11/24 12:0 a.m.16 views

Virtuemart,3.2.4,XSS (Cross Site Scripting)

Virtuemart,3.2.4,XSS Cross Site Scripting Resolution: update to 3.2.6 update notice: http://virtuemart.net/news/482-virtuemart-3-2-6-security-release-and-overhauled-infrastructure...

0.2AI score
Exploits0References3Affected Software1
Joomla! Vulnerable Extensions List
Joomla! Vulnerable Extensions List
added 2017/09/06 12:0 a.m.16 views

Realtyna RPL, All versions, SQL Injection and Abandonware

Realtyna RPL, All versions, SQL Injection and abandonware The developer no longer supports Joomla! The site is still online, but there are redirects to the Wordpress version. We asked the developer about the prospect of a security release, and received this reply: It’s almost 2 years that we...

2.2AI score
Exploits0References2Affected Software1
Joomla! Vulnerable Extensions List
Joomla! Vulnerable Extensions List
added 2017/08/30 12:0 a.m.16 views

ccNewsletter 2.1.9 and previous, SQL injection

ccNewsletter by Chill Creations, version 2.1.9 and previous, SQL injection resolution: update to 2.2.0 update notice: https://www.chillcreations.com/downloads/ccnewsletter regrettably, the developer seems to have forgotten to notify the VEL...

3AI score
Exploits0References2Affected Software1
Joomla! Vulnerable Extensions List
Joomla! Vulnerable Extensions List
added 2017/06/01 12:0 a.m.16 views

AYS Quiz,1.0,SQL Injection

AYS Quiz, 1.0,SQL Injection...

2AI score
Exploits0References1Affected Software1
Joomla! Vulnerable Extensions List
Joomla! Vulnerable Extensions List
added 2017/05/26 12:0 a.m.16 views

Kunena 5.0.8 and previous XSS

Kunena 5.0.8 and previous, cross-site scripting XSS Resolution: update to 5.0.9 Update notice: https://www.kunena.org/blog/185-kunena-5-0-9-released...

0.6AI score
Exploits0References3Affected Software1
Joomla! Vulnerable Extensions List
Joomla! Vulnerable Extensions List
added 2017/03/15 12:0 a.m.16 views

JMultipleHotelReservation, 6.0.3, SQL Injection

JMultipleHotelReservation by CMS Junkie, 6.0.3, SQL Injection Resolution: Update to 6.0.4 Update notice: http://www.cmsjunkie.com/blog/joomla-hotel-reservation-6-0-4-release/...

0.7AI score
Exploits0References3Affected Software1
Joomla! Vulnerable Extensions List
Joomla! Vulnerable Extensions List
added 2017/03/12 5:54 p.m.16 views

Most Wanted Real Estate,1.1.0,SQL Injection

Most Wanted Real Estate, 1.1.0, SQL Injection...

2AI score
Exploits0References1Affected Software1
Joomla! Vulnerable Extensions List
Joomla! Vulnerable Extensions List
added 2017/02/02 11:21 a.m.16 views

Joomla Spider FAQ by Web-Dorado pre 1.3

Joomla Spider FAQ by Web-Dorado pre 1.3 ,SQLi Update to 1.3...

2.2AI score
Exploits0
Joomla! Vulnerable Extensions List
Joomla! Vulnerable Extensions List
added 2016/08/18 12:0 a.m.16 views

Event Registration Pro,3.2.12 - 3.2.10,SQL Injection

Event Registration Pro,3.2.12 - 3.2.10,SQL Injection resolution: update to 3.2.13 update notice: https://www.joomlashowroom.com/blog/event-registration-pro-3-2-13-released-security-release...

1.1AI score
Exploits0References2Affected Software1
Total number of security vulnerabilities743