Lucene search
K
JoomlaMost viewed

725 matches found

Joomla! Vulnerable Extensions List
Joomla! Vulnerable Extensions List
•added 2023/08/18 12:0 a.m.•21 views

acymailing, pre 8.7.0 , Other

acymailing, pre 8.7.0 , Other multiple...

6.9AI score
Exploits0Affected Software1
Joomla! Vulnerable Extensions List
Joomla! Vulnerable Extensions List
•added 2022/07/07 12:0 a.m.•21 views

JUX Timetable x

JUX TimetableVersion: Old 1.0.4 / New 1.0.5 Update URL: https://extensions.joomla.org/extension/jux-timetable/ Download URL: https://demo.joomlaux.com/download/pkgjuxtimetable.zip...

7.2AI score
Exploits0References1Affected Software1
Joomla! Vulnerable Extensions List
Joomla! Vulnerable Extensions List
•added 2021/05/06 12:0 a.m.•21 views

[20220304] - Core - Missing input validation within com_fields class inputs

Lack of input validation could allow an XSS attack using comfields...

6.1CVSS3.5AI score0.00565EPSS
Exploits0Affected Software1
Joomla! Vulnerable Extensions List
Joomla! Vulnerable Extensions List
•added 2020/10/20 12:0 a.m.•21 views

paGO Commerce, 2.5.9.0, SQL Injection

paGO Commerce, 2.5.9.0, SQL Injection...

2.4AI score
Exploits0Affected Software1
Joomla! Vulnerable Extensions List
Joomla! Vulnerable Extensions List
•added 2020/03/25 12:0 a.m.•21 views

acymailing, 6.9.2,Other

acymailing, 6.9.2,Other Update to version 6.9.2 Developer did not inform the VEL team...

3.1AI score
Exploits0Affected Software1
Joomla! Vulnerable Extensions List
Joomla! Vulnerable Extensions List
•added 2019/09/11 12:0 a.m.•21 views

PayPlans,4.0, ID

PayPlans,4.0, ID https://stackideas.com/blog/payplans-4013 Update to 4.0.13...

7.2AI score
Exploits0References1Affected Software1
Joomla! Vulnerable Extensions List
Joomla! Vulnerable Extensions List
•added 2019/05/14 12:0 a.m.•21 views

oziogallery,5.0.1,XSS (Cross Site Scripting)

oziogallery,5.0.1,XSS Cross Site Scripting Update Notice URL https://www.facebook.com/groups/oziogallery/permalink/1588619457938122/ Change log Url https://www.opensourcesolutions.es/en/ext/ozio-gallery.htmlChangelog...

Exploits0References1Affected Software1
Joomla! Vulnerable Extensions List
Joomla! Vulnerable Extensions List
•added 2018/06/20 12:0 a.m.•21 views

[20181003] - Core - Access level Violation in com_tags

Inadequate checks on the tags search fields can lead to an access level violation...

4.3CVSS3AI score0.01181EPSS
Exploits0Affected Software1
Joomla! Vulnerable Extensions List
Joomla! Vulnerable Extensions List
•added 2018/01/29 12:0 a.m.•21 views

Simple Image Gallery (free) 3.5.0 and previous, XSS

Simple Image Gallery Freed by Joomlaworks, version 3.5.0 and previous, XSS Resolution: update to 3.6.0 Update notice: https://www.joomlaworks.net/blog/item/269-simple-image-gallery-free-v3-6-0-released-featuring-enhanced-print-previews-fixing-xss-vulnerability-related-to-print-page-output Note th...

1.5AI score
Exploits0References3Affected Software1
Joomla! Vulnerable Extensions List
Joomla! Vulnerable Extensions List
•added 2017/12/20 1:34 p.m.•21 views

B2j Contact,2.0 and other,Other

B2j Contact,2.0 and other,Other Resolved by upgrading to 2.1.15...

1.2AI score
Exploits0
Joomla! Vulnerable Extensions List
Joomla! Vulnerable Extensions List
•added 2017/08/29 12:0 a.m.•21 views

Street Guesser,1.1.8,SQL Injection

Street Guesser by Normograph, version 1.1.8, SQL Injection resolution: update to 1.1.13 update notice: https://www.nordmograph.com/extensions/index.php?option=comvirtuemart=productdetailsproductid=160categoryid=1=58...

7.8AI score
Exploits0References2Affected Software1
Joomla! Vulnerable Extensions List
Joomla! Vulnerable Extensions List
•added 2017/05/01 12:0 a.m.•21 views

Myportfolio,3.0.2,SQL Injection

Myportfolio,3.0.2,SQL Injection Developer statement new version number 3.0.3 Update Notice URL https://www.samybaxy.net/...

1.7AI score
Exploits0References2Affected Software1
Joomla! Vulnerable Extensions List
Joomla! Vulnerable Extensions List
•added 2017/03/21 11:51 p.m.•21 views

Membership Pro and other OS Solution extensions

Os Solution products have fixed an issue in the Paypal payment gateway in five of their extensions and made new releases to fix it:- 1. Events Booking version 2.14.2 https://www.joomdonation.com/forum/events-booking-general-discussion/57320-events-booking-version-2-14-2-released.html 2...

1.8AI score
Exploits0References1
Joomla! Vulnerable Extensions List
Joomla! Vulnerable Extensions List
•added 2017/02/20 12:0 a.m.•21 views

Joomloc-CAT, version 4.1.3, SQL injection

Joomloc-CAT, version 4.1.3, SQL injection Resolution: update to 4.2.1 Update Notice URL http://www.joomloc.fr.nf/en/downloads-products/file/joomloc-pro-channel-manager-pms.html...

1.4AI score
Exploits0References3Affected Software1
Joomla! Vulnerable Extensions List
Joomla! Vulnerable Extensions List
•added 2017/02/14 12:0 a.m.•21 views

JE Property Finder, 1.6.3

JE Property Finder,1.6.3,SQL Injection...

2.3AI score
Exploits0References2Affected Software1
Joomla! Vulnerable Extensions List
Joomla! Vulnerable Extensions List
•added 2017/02/02 12:0 a.m.•21 views

Virtuemart 3.0.10 and previous

XSS Resolution: update to 3.0.12 or 2.6.22 for VM2 users Update notice: http://virtuemart.net/news/latest-news/473-security-release-virtuemart-3-0-12 Note that developer did not inform the VEL...

7.1AI score
Exploits0References3Affected Software1
Joomla! Vulnerable Extensions List
Joomla! Vulnerable Extensions List
•added 2016/09/27 12:0 a.m.•21 views

Huge IT Slider,1.0.9,SQL Injection

Huge IT Slider,1.0.9,SQL Injection Resolution: update to 1.1.0 update notice: https://huge-it.com/joomla-extensions-security-notice/...

0.6AI score
Exploits0References2Affected Software1
Joomla! Vulnerable Extensions List
Joomla! Vulnerable Extensions List
•added 2016/08/13 12:0 a.m.•21 views

nitroslider,1.0.0

nitroslider,1.0.0 open folder permissions update to 1.0.1 update notice: https://www.themechoice.com/joomla-extensions/nitro-layer-slider...

0.1AI score
Exploits0References1Affected Software1
Joomla! Vulnerable Extensions List
Joomla! Vulnerable Extensions List
•added 2016/02/06 12:0 a.m.•21 views

[20170408] - Core - Information Disclosure

Multiple files caused full path disclosures on systems with enabled error reporting...

5.3CVSS0.9AI score0.01129EPSS
Exploits0Affected Software1
Joomla! Vulnerable Extensions List
Joomla! Vulnerable Extensions List
•added 2016/01/31 12:0 a.m.•21 views

EasySocial versions before 1.4.7

EasySocial versions before 1.4.7: Code injection Resolution: update to 1.4.7 Update notice: http://stackideas.com/blog/critical-update-for-easysocial-update-to-1-4-7-now...

2.2AI score
Exploits0References2Affected Software1
Joomla! Vulnerable Extensions List
Joomla! Vulnerable Extensions List
•added 2015/09/02 12:0 a.m.•21 views

JCE - A Content Editor for Joomla, 2.5.0, 2.5.1, 2.5.2

JCE - A Content Editor for Joomla, vulnerable versions: 2.5.0, 2.5.1, 2.5.2, Vulnerability type: other Resolution: update to version 2.5.3 Update Notice URL https://www.joomlacontenteditor.net/news/item/jce-253-released Developer says that versions prior to 2.5.0 do not appear to be affected, but...

1.7AI score
Exploits0References3Affected Software1
Joomla! Vulnerable Extensions List
Joomla! Vulnerable Extensions List
•added 2015/06/20 3:22 p.m.•21 views

Art Pretty Photo [artprettyphoto],1.9.21 and below,XSS (Cross Site Scripting)

Art Pretty Photo artprettyphoto, 1.9.21 and below, XSS Cross Site Scripting...

1.4AI score
Exploits0
Joomla! Vulnerable Extensions List
Joomla! Vulnerable Extensions List
•added 2015/06/11 1:25 p.m.•21 views

BeestoHelpDesk, 3.1.1 and probably all previous,Information Disclosure

BeestoHelpDesk, 3.1.1 and probably all previous,Information Disclosure Resolution: update to version 3.1.2 or 2.5.2 for users of Joomla 2.5.x update notice: http://beesto.com/forum/read.php?25,1963,1963msg-1963...

0.5AI score
Exploits0
Joomla! Vulnerable Extensions List
Joomla! Vulnerable Extensions List
•added 2015/04/25 6:28 p.m.•21 views

"J-ClassifiedsManager" by CMSjunkie

"J-ClassifiedsManager" by CMSjunkie, versions before 2.1.0, SQL injection Resolution Update to 2.1.0 UpdateNoticeURL http://www.cmsjunkie.com/blog/joomla-classifieds-manager-2-1-0-release/...

2AI score
Exploits0
Joomla! Vulnerable Extensions List
Joomla! Vulnerable Extensions List
•added 2015/04/23 6:12 a.m.•21 views

"Simple Email Form" by unlikelysource.com, 1.8.5 and below

"Simple Email Form" by unlikelysource.com, 1.8.5 and older; XSS Resolution: update to version 1.8.6 Update notice URL: http://joomla.unlikelysource.org/index.php...

0.7AI score
Exploits0
Joomla! Vulnerable Extensions List
Joomla! Vulnerable Extensions List
•added 2015/03/27 3:49 p.m.•21 views

youtube plugin - youtubejoomla ,1.1

youtube plugin - Stian Totland,1.1 ,Other , youtubejoomla...

2.5AI score
Exploits0Affected Software1
Joomla! Vulnerable Extensions List
Joomla! Vulnerable Extensions List
•added 2015/01/19 12:0 a.m.•21 views

JCE - Joomla Content Editor 2.4.5 and previous

Versions 2.4.5 and previous Update to Version 2.4.6 improves security in add-on installation system UpdateNoticeURL https://www.joomlacontenteditor.net/news/item/jce-246-released...

2.5AI score
Exploits0References3Affected Software1
Joomla! Vulnerable Extensions List
Joomla! Vulnerable Extensions List
•added 2014/12/02 1:47 a.m.•21 views

edocuman, 1.6.0, Other

edocuman, 1.6.0, Other Developer update notice http://joomdonation.com/forum/edocman/45095-low-security-edocman-1-6-1-released.html53433...

7.2AI score
Exploits0
Joomla! Vulnerable Extensions List
Joomla! Vulnerable Extensions List
•added 2014/03/08 11:6 a.m.•21 views

plg_highlight_content, 1.5 and previous

plghighlightcontent, 1.5 and previious versions, XSS Cross Site Scripting update notice: http://www.jonijnm.es/web/descargas/category/9-highlight-code.html...

6.2AI score
Exploits0
Joomla! Vulnerable Extensions List
Joomla! Vulnerable Extensions List
•added 2014/02/08 11:0 p.m.•21 views

ODude Ecard - DT

ODude Ecard - DT - 777 developer statement - ODude Ecard Version 2.1 http://www.odude.com/main/odude-ecard/ecard-log.html...

7.2AI score
Exploits0
Joomla! Vulnerable Extensions List
Joomla! Vulnerable Extensions List
•added 2013/09/25 11:29 p.m.•21 views

Mijo Analytics, Joomla 2.5.x,

Mijo Analytics, Joomla 2.5.x, SQL Injection...

2.6AI score
Exploits0
Joomla! Vulnerable Extensions List
Joomla! Vulnerable Extensions List
•added 2012/05/01 12:0 a.m.•21 views

[20120602] - Core - Information Disclosure

Inadequate filtering leads SQL error and information disclosure...

7.4AI score
Exploits0Affected Software1
Joomla! Vulnerable Extensions List
Joomla! Vulnerable Extensions List
•added 2011/09/23 12:0 a.m.•21 views

[20110903] - Core - Information Disclosure

Inadequate error checking causes information disclosure...

6.8AI score
Exploits0Affected Software1
Joomla! Vulnerable Extensions List
Joomla! Vulnerable Extensions List
•added 2025/02/25 12:0 a.m.•20 views

[20250301] - Core - Malicious file uploads via Media Manager

Joomla! CMS versions 4.0.0-4.4.11, 5.0.0-5.2.4...

7.1CVSS6.5AI score0.00453EPSS
Exploits0Affected Software1
Joomla! Vulnerable Extensions List
Joomla! Vulnerable Extensions List
•added 2024/06/09 12:0 a.m.•20 views

[20240705] - Core - XSS in com_fields default field value

The Custom Fields component not correctly filter inputs, leading to a XSS vector...

6.1CVSS5.8AI score0.00447EPSS
Exploits0Affected Software1
Joomla! Vulnerable Extensions List
Joomla! Vulnerable Extensions List
•added 2020/07/16 12:0 a.m.•20 views

CMS2CMS, Connector Extension, 2.00 permissions

CMS2CMS Connector Extension 2.00 Update of the permission type created for the catalog file 2.01...

2.1AI score
Exploits0Affected Software1
Joomla! Vulnerable Extensions List
Joomla! Vulnerable Extensions List
•added 2020/05/20 12:0 a.m.•20 views

Ordasoft CCK, 6.1.12 Various

Ordasoft CCK, 6.1.12 Various,,Other new version number...

3.4AI score
Exploits0References1Affected Software1
Joomla! Vulnerable Extensions List
Joomla! Vulnerable Extensions List
•added 2019/02/25 12:0 a.m.•20 views

[20190303] - Core - XSS in media form field

The media form field lacks escaping, leading to a XSS vulnerability...

6.1CVSS2.7AI score0.00754EPSS
Exploits0Affected Software1
Joomla! Vulnerable Extensions List
Joomla! Vulnerable Extensions List
•added 2018/12/30 10:2 p.m.•20 views

kunena,5.1.7,XSS (Cross Site Scripting)

kunena,5.1.7,XSS Cross Site Scripting https://www.kunena.org/blog/201-kunena-5-1-8-released...

7.1AI score
Exploits0
Joomla! Vulnerable Extensions List
Joomla! Vulnerable Extensions List
•added 2018/11/20 6:46 p.m.•20 views

kunena,5.1.6.1,XSS (Cross Site Scripting)

kunena,5.1.6.1,XSS Cross Site Scripting Developer statement: Update to 5.1.7 https://www.kunena.org/blog/200-kunena-5-1-7-released...

7.2AI score
Exploits0
Joomla! Vulnerable Extensions List
Joomla! Vulnerable Extensions List
•added 2017/08/21 12:0 a.m.•20 views

Calendar Planner 1.0.1 - SQL Injection

Calendar Planner 1.0.1 - SQL Injection resolution: update to 1.0.2 update notice: http://www.joomlathat.com/news/news/calendar-planner/calendar-planner-1-0-2-security-release...

0.7AI score
Exploits0References1Affected Software1
Joomla! Vulnerable Extensions List
Joomla! Vulnerable Extensions List
•added 2017/03/11 12:47 p.m.•20 views

PayPal IPN for DOCman by shopfiles.com,3.1,SQL Injection

PayPal IPN for DOCman by shopfiles.com, 3.1, SQL Injection...

2.5AI score
Exploits0References1Affected Software1
Joomla! Vulnerable Extensions List
Joomla! Vulnerable Extensions List
•added 2017/03/06 11:36 a.m.•20 views

JO Facebook gallery,4.5,SQL Injection

JO Facebook gallery by Joomcore.com, 4.5,SQL Injection resolution: update to 4.6 Update Notice URL http://joomcore.com/news-updates/item/109-update-jo-facebook-gallery-to-version-4-6-fixed-problem-sql-injection-in-version-4-5...

0.9AI score
Exploits0References3Affected Software1
Joomla! Vulnerable Extensions List
Joomla! Vulnerable Extensions List
•added 2016/09/24 12:0 a.m.•20 views

Huge IT Video Gallery,1.1.1,XSS (Cross Site Scripting)

Huge IT Video Gallery,1.1.1,XSS Cross Site Scripting Also versions 1.0.9 and previous have SQL injection vulnerability Resolution: update to version 1.1.3 Update notice: https://huge-it.com/joomla-extensions-security-notice/...

1.1AI score
Exploits0References2Affected Software1
Joomla! Vulnerable Extensions List
Joomla! Vulnerable Extensions List
•added 2016/04/28 12:0 a.m.•20 views

Komento 2.0.6, xss

We just released Komento 2.0.7 to address a security issue where a remote attacker may be able to launch an xss attack in prior versions of Komento. update notice: https://stackideas.com/blog/important-komento-2-0-7-security-fix...

2.4AI score
Exploits0References2Affected Software1
Joomla! Vulnerable Extensions List
Joomla! Vulnerable Extensions List
•added 2016/02/05 12:0 a.m.•20 views

[20160802] - Core - XSS Vulnerability

Inadequate escaping leads to XSS vulnerability in mail component...

6.2AI score
Exploits0Affected Software1
Joomla! Vulnerable Extensions List
Joomla! Vulnerable Extensions List
•added 2015/08/17 12:0 a.m.•20 views

Event Manager, 2.1.4 and below, multiple vulnerabilities

Event Manager, 2.1.4 and below, SQLi and Unrestricted File Upload Fixed in version 2.1.4.2 Notice: http://www.joomlaeventmanager.net/project/changelog-jem-2...

7.1AI score
Exploits0References3Affected Software1
Joomla! Vulnerable Extensions List
Joomla! Vulnerable Extensions List
•added 2015/05/23 6:37 p.m.•20 views

Football [com_football],SQL Injection

Component comfootball, unknown version possibly joomleague fork SQL Injection...

4.2AI score
Exploits0Affected Software1
Joomla! Vulnerable Extensions List
Joomla! Vulnerable Extensions List
•added 2015/04/19 12:0 a.m.•20 views

Kunena,3.0.7 and previous

Kunena,3.0.7 and previous,Other Resolution: update to 3.0.8 Update notice url: http://www.kunena.org/blog/143-kunena-3-0-8-released Note that the developer did not inform the VEL...

0.4AI score
Exploits0References2Affected Software1
Joomla! Vulnerable Extensions List
Joomla! Vulnerable Extensions List
•added 2015/01/20 10:8 p.m.•20 views

Jdownloads Pre 3.2.23

Jdownloads Extension Update Details Version 3.2.23 eliminates two vulnerabilities to prevent SQL injections. Only low risk. UpdateNoticeURL http://www.jdownloads.com/index.php?option=comcontent=article=234:jdownloads-3223-beta-published=51:news...

7.9AI score
Exploits0
Total number of security vulnerabilities725