725 matches found
[20220302] - Core - Path Disclosure within filesystem error messages
Uploading a file name of an excess length causes the error. This error brings up the screen with the path of the source code of the web application...
[20190701] - Core - Filter attribute in subform fields allows remote code execution
Inadequate filtering allows users authorised to create custom fields to manipulate the filtering options and inject an unvalidated option...
[20190301] - Core - XSS in com_config JSON handler
The JSON handler in comconfig lacks input validation, leading to XSS vulnerability...
[20170702] - Core - XSS Vulnerability
Missing CSRF token checks and improper input validation lead to an XSS vulnerability...
[20100423] - Core - Installer Migration Script
The migration script in the Joomla! installer does not check the file type being uploaded. If the installation application is present, an attacker could use it to upload malicious files to a server...
[20220308] - Core - Inadequate content filtering within the filter code
Inadequate content filtering leads to XSS vulnerabilities in various components...
[20210309] - Core - Inadequate filtering of form contents could allow to overwrite the author field
Inadequate filtering of form contents could allow to overwrite the author field. The affected core components are comfields, comcategories, combanners, comcontact, comnewsfeeds and comtags...
[20201106] - Core - CSRF in com_privacy emailexport feature
A missing token check in the emailexport feature of comprivacy causes a CSRF vulnerability...
[20210308] - Core - Path Traversal within joomla/archive zip class
Extracting an specifilcy crafted zip package could write files outside of the intended path...
[20210305] - Core - Input validation within the template manager
Missing input validation within the template manager...
[20210306] - Core - com_media allowed paths that are not intended for image uploads
commedia allowed paths that are not intended for image uploads...
[20190206] - Core - Implement the TYPO3 PHAR stream wrapper
The phar:// stream wrapper can be used for objection injection attacks. We now disallow usage of the phar:// handler for non .phar-files within the CMS globally by implementing the TYPO3 PHAR stream wrapper...
[20180801] - Core - Hardening the InputFilter for PHAR stubs
Inadequate checks in the InputFilter class could allow specifically prepared PHAR files to pass the upload filter...
[20180803] - Core - ACL Violation in custom fields
Inadequate checks regarding disabled fields can lead to an ACL violation...
[20180508] - Core - Possible XSS attack in the redirect method
Under specific circumstances a redirect issued with a URI containing a username and password when the Location: header cannot be used, a lack of escaping the user-info component of the URI could result in a XSS vulnerability...
[20120301] - Core - SQL Injection
Inadequate escaping leads to SQL injection vulnerability...
[20111102] - Core - Password Change
Weak random number generation during password reset leads to possibility of changing a user's password...
[20250402] - Core - MFA Authentication Bypass
Joomla! CMS versions: 4.0.0 - 4.4.12, 5.0.0 - 5.2.5...
[20220307] - Core - Variable Tampering on JInput $_REQUEST data
Under specific circumstances, JInput pollutes method-specific input bags with $REQUEST data...
[20220309] - Core - XSS attack vector through SVG
Possible XSS attack vector through SVG embedding in commedia...
[20220306] - Core - Inadequate validation of internal URLs
Inadequate validation of URLs could result into an invalid check whether an redirect URL is internal or not...
[20200702] - Core - Missing checks can lead to a broken usergroups table record
Missing validation checks at the usergroups table object can result into an broken site configuration...
ZOO by YOOtheme,3.3.33,SQL Injection
ZOO by YOOtheme,3.3.33,SQL Injection Fix SQL injection vulnerability in Admin Controllers new version number 3.3.34 Update Notice URL https://yootheme.com/support/zoo/changelog...
[20190101] - Core - Stored XSS in mod_banners
Inadequate escaping in modbanners leads to a stored XSS vulnerability...
[20201107] - Core - Write ACL violation in multiple core views
Lack of input validation while handling ACL rulesets can cause write ACL violations...
[20170404] - Core - XSS Vulnerability
Inadequate filtering of specific HTML attributes leads to XSS vulnerabilities in various components...
[20240201] - Core - Insufficient session expiration in MFA management views
Joomla! CMS versions 3.2.0-3.10.14-elts, 4.0.0-4.4.2, 5.0.0-5.0.2...
[20210401] - Core - Escape xss in logo parameter error pages
Inadequate escaping allowed XSS attacks using the logo parameter of the default templates on error pages...
SP Movie Database 1.3, SQL Injection
SP Movie Database version 1.3 by joomshaper.com, SQL Injection resolution: update to version 1.4 update notice: https://www.joomshaper.com/forums/sp-movie-database-component-updated-with-security-and-other-fixes...
Cookie consent from silktide, Unknown version, Other
Cookie consent from silktide, Unknown version, Malicious links aka https://cookieconsent.insites.com/download/ When the Cookie Consent plugin by Silktide stopped using Amazon CDN, someone hijacked their Amazon storage and began serving malicious scripts so that sites that still use old version of...
Resize Image On The Fly and Cache 1.1.0 and previous
Resize Image On The Fly and Cache - content plugin by s2software.it Version 1.1.0 and likely all previous Open folder permissions Resolution: update to version 1.3.3 Existing users will need to manually fix the permissions of folder /images/cache to 755 or delete it in order to be recreated by th...
[20220801] - Core - Multiple Full Path Disclosures because of missing '_JEXEC or die check'
Multiple Full Path Disclosures because of missing 'JEXEC or die check' caused by the PSR12 changes done in 4.2.0. According to PROD2020/023 and in coordination with the JSST this has been patched in the public tracker vis 38615...
[20200703] - Core - CSRF in com_privacy remove-request feature
A missing token check in the remove request section of comprivacy causes a CSRF vulnerability...
[20190104] - Core - Stored XSS issue in the Global Configuration help url
Inadequate checks at the Global Configuration helpurl settings allowed a stored XSS...
JSP Store Locator, 2.4, SQL Injection
JSP Store Locator by Joomla Service Provider, versions 2.4 and previous, SQL Injection Resolution: update to 2.5 update notice: http://www.joomlaserviceprovider.com/jspblog/jsp-store-locator-2-5-security-release.html...
[20180101] - Core - XSS vulnerability in module chromes
Lack of escaping in the module chromes leads to XSS vulnerabilities in the module system...
[20171101] - Core - LDAP Information Disclosure
Inadequate escaping in the LDAP authentication plugin can result in disclosure of username and password...
[20170901] - Core - Information Disclosure
A logic bug in a SQL query could lead to the disclosure of article intro texts when these articles are in the archived state...
Joomla Payage, 2.05, SQL Injection
Joomla Payage, 2.05 and previous, SQL Injection Resolution: update to 2.0.6 Update notice: http://www.lesarbresdesign.info/version-history/payage...
Vik Appointments 1.4 and previous
Vik Appointments 1.4 and previous, SQL Injection Resolution: update to 1.5 Update notice: https://extensionsforjoomla.com/blog/12-updates/46-security-notices-sql-injection-reports...
Helpdesk Pro by Ossolution Team [com_helpdeskpro], before 1.4.0, multiple vulns
Helpdesk Pro by Ossolution Team comhelpdeskpro, before 1.4.0, multiple vulns Vulnerabilities: Direct Object References Cross-Site Scripting SQL Injection Local file disclosure/Path traversal File Upload Fixed: vulnerability fixed in version 1.4.0 Developer's notice:...
[20090302] - Core - com_content XSS
A XSS vulnerability exists in the category view of comcontent...
[20250401] - Framework - SQL injection vulnerability in quoteNameStr method of Database package
Database Package version: 1.0.0-2.1.1, 3.0.0-3.3.1...
JoomGallery, 3.6.1, SQL Injection
Vulnerability Type: 3rd party extension - SQL Injection Version: Old 3.6.1 / New 3.6.2 Update details: Fix vulnerability type SQL Injection. Update URL: https://www.en.joomgalleryfriends.net/news-3-6-2.html Changelog URL:...
JCE Pro, 2.8.15, xss
This 2.8.15 an important security update is included to prevent potential cross-site scripting attacks. https://www.joomlacontenteditor.net/news/jce-pro-2-8-15-released...
[20200706] - Core - System Information screen could expose redis or proxy credentials
Inadequate filtering in the system information screen could expose redis or proxy credentials...
[20180802] - Core - Stored XSS vulnerability in the frontend profile
Inadequate output filtering on the user profile page could lead to a stored XSS attack...
J-Business Directory by CMS Junkie, 4.6.8, SQL Injection
J-Business Directory by CMS Junkie, 4.6.8, SQL Injection Resolution: update to 4.7.3 Update Notice URL: http://www.cmsjunkie.com/blog/cat/news-joomla-business-directory/post/joomlabusinessdirectory4-7-3release...
swmenufree, v8.3 ,Other
swmenufree, swMenuFree 8.3 for Joomla 2.5.x and 3.x , other Resolution: update to version 8.5 Update notice: http://www.swmenupro.com/downloads/swmenufree.html?view=document=1...
[20150601] - Core - Open Redirect
Inadequate checking of the return value allowed to redirect to an external page...