725 matches found
[20190602] - Core - XSS in subform field
The subform fieldtype does not sufficiently filter or validate input of subfields, this leads to XSS attack vectors...
[20200401] - Core - Incorrect access control in com_users access level editing function
Incorrect ACL checks in the access level section of comusers allow the unauthorized editing of usergroups...
[20190901] - Core - XSS in logo parameter of default templates
Inadequate escaping allowed XSS attacks using the logo parameter of the default templates...
[20140904] - Core - Denial of Service
Inadequate checking allowed the potential for a denial of service attack...
Extplorer, 2.1.9 and previous, Directory Traversal
Extplorer, 2.1.9, Directory Traversal cve: CVE-2016-4313 resolution: update to 2.1.10 update notice: http://extplorer.net/news/21...
Joomla! Pinterest Clone Social Pinboard,2.0,SQL Injection
Joomla! Pinterest Clone Social Pinboard from apptha.com, 2.0, multiple SQL Injection vulnerabilities...
[20210705] - Core - XSS in com_media imagelist
Inadequate escaping in the imagelist view of commedia leads to a XSS vulnerability...
[20190401] - Core - Directory Traversal in com_media
The Media Manager component does not properly sanitise the folder parameter, allowing attackers to act outside the media manager root directory...
[20130407] - Core - XSS Vulnerability
Inadequate filtering leads to XSS vulnerability in highlighter plugin...
Visforms Base Package for Joomla!, 4, SQL Injection
Project: Visforms für Joomla 3 Extension: comvisforms Impact: Critical Severity: High Probability: Unkonwn Versions: 3.8.0 - 3.14.10 Exploit type: SQL Injection Reported Date: 2023-04-16 Fixed Date: 2023-04-19 CVE Number: CVE-2023-23753 Description An improper use of input filter allows...
[20190801] - Core - Hardening com_contact contact form
Inadequate checks in comcontact could allowed mail submission in disabled forms...
[20231101] - Core - Exposure of environment variables
Joomla! CMS versions 1.6.0-4.4.0, 5.0.0...
[20161205] - PHPMailer Security Advisory
All versions of the third-party PHPMailer library distributed with Joomla! versions up to 3.6.5 are vulnerable to a remote code execution vulnerability. This is patched in PHPMailer 5.2.20 which will be included with Joomla! 3.7. After analysis, the JSST has determined that through correct use of...
[20200605] - Core - CSRF in com_postinstall
Missing token checks in compostinstall cause CSRF vulnerabilities...
ZH GoogleMap, 8.4.0.0, SQL Injection
ZH GoogleMap from zhuk.cc, versions 8.4.0.0 and previous, SQL Injection Resolution: update to 8.4.1.0 Update notice: http://zhuk.cc/2018/02/21/zh-googlemap-security-update-2/...
[20191001] - Core - CSRF in com_template overrides view
A missing token check in comtemplate causes a CSRF vulnerability...
[20170501] - Core - SQL Injection
Inadequate filtering of request data leads to a SQL Injection vulnerability...
[20230201] - Core - Improper access check in webservice endpoints
Joomla! CMS versions 4.0.0-4.2.7...
[20200306] - Core - SQL injection in Featured Articles menu parameters
The lack of type casting of a variable in SQL statement leads to a SQL injection vulnerability in the "Featured Articles" frontend menutype...
[20200305] - Core - Incorrect Access Control in com_fields SQL field
Incorrect Access Control in the SQL fieldtype of comfields allows access for non-superadmin users...
OS Property, 3.12.8, SQL Injection
OS Property from Joomdonation.com, 3.12.8 and previous, SQL Injection resolution: update to 3.12.9 note that previous security release 3.12.8 did not completely fix the issue update notice: https://www.joomdonation.com/forum/os-property/61368-os-property-3-12-9-released-security-issue-fixed.html...
[20170407] - Core - ACL Violations
Inadequate mime type checks allowed low-privilege users to upload swf files even if they were explicitly forbidden...
[20161003] - Core - Account Modifications
Incorrect use of unfiltered data allows for existing user accounts to be modified; to include resetting their username, password, and user group assignments...
[20151207] - Core - SQL Injection
Inadequate filtering of request data leads to a SQL Injection vulnerability...
[20200402] - Core - Missing checks for the root usergroup in usergroup table
Inproper input validations in the usergroup table class could lead to a broken ACL configuration...
[20200302] - Core - XSS in Protostar and Beez3
Inadequate handling of CSS selectors in the Protostar and Beez3 JavaScript allow XSS attacks...
[20210701] - Core - XSS in JForm Rules field
Inadequate escaping in the Rules field of the JForm API leads to a XSS vulnerability...
[20200301] - Core - CSRF in com_templates image actions
Missing token checks in the image actions of comtemplates causes CSRF vulnerabilities...
Saxum Numerology, 3.0.4, SQL Injection
Saxum Numerology, versions 3.0.4 and previous, SQL Injection...
[20151206] - Core - Session Hardening
The Joomla Security Strike team has been following up on the critical security vulnerability patched last week. Since the recent update it has become clear that the root cause is a bug in PHP itself. This was fixed by PHP in September of 2015 with the releases of PHP 5.4.45, 5.5.29, 5.6.13 Note...
[20200801] - Core - XSS in mod_latestactions
Lack of escaping in modlatestactions allows XSS attacks...
[20200803] - Core - Directory traversal in com_media
Lack of input validation allows commedia root paths outside of the webroot...
[20190202] - Core - Browserside mime-type sniffing causes XSS attack vectors
A combination of specific webserver configurations, in connection with specific file types and browserside mime-type sniffing causes a XSS attack vector...
BK MultiThumb [multithumb], 3.7.1 and below, XSS (Cross Site Scripting)
BK-MultiThumb, 3.7.1 and below, XSS Cross Site Scripting Extension contains known vulnerable version of JS library prettyPhoto. The vulnerability in JS file was patched by extension author on basis of 3.1.5 file. Update notice: http://joomla.rjews.net/bk-multithumb...
[20210704] - Core - Privilege escalation through com_installer
Install action in cominstaller lack the required hardcoded ACL checks for superusers, leading to various potential attack vectors. A default system is not affected cause by default cominstaller is limited to super users already...
[20200601] - Core - XSS in modules heading tag option
Lack of input validation in the heading tag option of the "Articles – Newsflash" and "Articles - Categories" modules allow XSS attacks...
[20191202] - Core - Various SQL injections through configuration parameters
The lack of validation of configuration parameters used in SQL queries caused various SQL injection vectors...
[20090722] - Core - Missing JEXEC Check
Some files were missing the check for JEXEC. These scripts will then expose internal path information of the host...
[20090301] - Core - Multiple XSS/CSRF
A series of XSS and CSRF faults exist in the administrator application. Affected administrator components include comadmin, commedia, comsearch. Both comadmin and comsearch contain XSS vulnerabilities, and commedia contains 2 CSRF vulnerabilities...
[20200602] - Core - Inconsistent default textfilter settings
The default settings of the global "textfilter" configuration doesn't block HTML inputs for 'Guest' users. With 3.9.19, the textfilter for new installations has been set to 'No HTML' for the groups 'Public', 'Guest' and 'Registered'...
JSP Tickets, 1.1, SQL Injection
JSP Tickets from Joomla Service Provider, versions 1.1 and previous, SQL Injection Resolution: update to version 1.2.0 Update notice: http://www.joomlaserviceprovider.com/jspblog/jsp-tickets-1-2-security-release.html...
OrdaSoft CCK,2.0.4,SQL Injection
OrdaSoft CCK, 2.0.4, SQL Injection Resolution: update to 2.0.5 Update notice: http://ordasoft.com/News/News/os-cck-content-construction-kit-for-joomla-security-update.html...
[20210501] - Core - Adding HTML to the executable block list of MediaHelper::canUpload
HTML was missing in the executable block list of MediaHelper::canUpload, leading to XSS attack vectors...
[20200403] - Core - Incorrect access control in com_users access level deletion function
Incorrect ACL checks in the access level section of comusers allow the unauthorized deletion of usergroups...
[20210703] - Core - Lack of enforced session termination
Various CMS functions did not properly termine existing user sessions when a user's password was changed or the user was blocked...
[20210801] - Core - Insufficient access control for com_media deletion endpoint
The media manager does not correctly check the user's permissions before executing a file deletion command...
[20210503] - Core - CSRF in data download endpoints
A missing token check causes a CSRF vulnerability in data download endpoints in combanners and comsysinfo...
Zh BaiduMap, 3.0.0.1, SQL Injection
Zh BaiduMap by zhuk.cc, versions 3.0.0.1 and previous, SQL Injection resolution: update to 3.0.1.0 update notice: http://zhuk.cc/2018/02/21/zh-baidumap-security-update/...
[20210502] - Core - CSRF in AJAX reordering endpoint
A missing token check causes a CSRF vulnerability in the AJAX reordering endpoint...
[20190402] - Core - Helpsites refresh endpoint callable for unauthenticated users
The "refresh list of helpsites" endpoint of comusers lacks access checks, allowing calls from unauthenticated users...