Lucene search
K
JoomlaMost viewed

747 matches found

Joomla! Vulnerable Extensions List
Joomla! Vulnerable Extensions List
•added 2017/02/20 12:0 a.m.•22 views

Joomloc-CAT, version 4.1.3, SQL injection

Joomloc-CAT, version 4.1.3, SQL injection Resolution: update to 4.2.1 Update Notice URL http://www.joomloc.fr.nf/en/downloads-products/file/joomloc-pro-channel-manager-pms.html...

1.4AI score
Exploits0References3Affected Software1
Joomla! Vulnerable Extensions List
Joomla! Vulnerable Extensions List
•added 2016/12/28 12:0 a.m.•22 views

JMS Support Online module, 2.0.0, XSS (Cross Site Scripting)

JMS Support Online module,2.0.0,XSS Cross Site Scripting...

0.9AI score
Exploits0References2Affected Software1
Joomla! Vulnerable Extensions List
Joomla! Vulnerable Extensions List
•added 2016/09/27 12:0 a.m.•22 views

Huge IT Slider,1.0.9,SQL Injection

Huge IT Slider,1.0.9,SQL Injection Resolution: update to 1.1.0 update notice: https://huge-it.com/joomla-extensions-security-notice/...

0.6AI score
Exploits0References2Affected Software1
Joomla! Vulnerable Extensions List
Joomla! Vulnerable Extensions List
•added 2016/08/13 12:0 a.m.•22 views

nitroslider,1.0.0

nitroslider,1.0.0 open folder permissions update to 1.0.1 update notice: https://www.themechoice.com/joomla-extensions/nitro-layer-slider...

0.1AI score
Exploits0References1Affected Software1
Joomla! Vulnerable Extensions List
Joomla! Vulnerable Extensions List
•added 2016/02/05 12:0 a.m.•22 views

[20170701] - Core - Information Disclosure

Improper cache invalidation leads to disclosure of form contents...

7.5CVSS7.2AI score0.02303EPSS
Exploits0Affected Software1
Joomla! Vulnerable Extensions List
Joomla! Vulnerable Extensions List
•added 2015/09/08 12:0 a.m.•22 views

Master User, versions before 2.1.4

Versions before 2.1.4 suffered from an issue with insecure default settings, the issue affects Joomla 3.4 sites only, but users are advised by the developer to update anyway. Resolution: Update to version 2.1.4 Update notice URL:...

2.1AI score
Exploits0References3Affected Software1
Joomla! Vulnerable Extensions List
Joomla! Vulnerable Extensions List
•added 2015/06/20 3:22 p.m.•22 views

Art Pretty Photo [artprettyphoto],1.9.21 and below,XSS (Cross Site Scripting)

Art Pretty Photo artprettyphoto, 1.9.21 and below, XSS Cross Site Scripting...

1.4AI score
Exploits0
Joomla! Vulnerable Extensions List
Joomla! Vulnerable Extensions List
•added 2015/04/19 12:0 a.m.•22 views

Kunena,3.0.7 and previous

Kunena,3.0.7 and previous,Other Resolution: update to 3.0.8 Update notice url: http://www.kunena.org/blog/143-kunena-3-0-8-released Note that the developer did not inform the VEL...

0.4AI score
Exploits0References2Affected Software1
Joomla! Vulnerable Extensions List
Joomla! Vulnerable Extensions List
•added 2015/04/13 1:49 p.m.•22 views

Face Gallery by Apptha [com_facegallery] version 1.0

Face Gallery by Apptha comfacegallery, version 1.0 exploit: Other...

3.6AI score
Exploits0Affected Software1
Joomla! Vulnerable Extensions List
Joomla! Vulnerable Extensions List
•added 2015/03/27 3:49 p.m.•22 views

youtube plugin - youtubejoomla ,1.1

youtube plugin - Stian Totland,1.1 ,Other , youtubejoomla...

2.5AI score
Exploits0Affected Software1
Joomla! Vulnerable Extensions List
Joomla! Vulnerable Extensions List
•added 2015/01/19 12:0 a.m.•22 views

JCE - Joomla Content Editor 2.4.5 and previous

Versions 2.4.5 and previous Update to Version 2.4.6 improves security in add-on installation system UpdateNoticeURL https://www.joomlacontenteditor.net/news/item/jce-246-released...

2.5AI score
Exploits0References3Affected Software1
Joomla! Vulnerable Extensions List
Joomla! Vulnerable Extensions List
•added 2014/09/30 5:29 p.m.•22 views

Akeeba CMS Update

Extension Update Details Akeeba CMS Update 1.0.2 Update Notice URL https://www.akeebabackup.com/home/news/1605-security-update-sep-2014.html...

0.2AI score
Exploits0
Joomla! Vulnerable Extensions List
Joomla! Vulnerable Extensions List
•added 2012/05/01 12:0 a.m.•22 views

[20120602] - Core - Information Disclosure

Inadequate filtering leads SQL error and information disclosure...

7.4AI score
Exploits0Affected Software1
Joomla! Vulnerable Extensions List
Joomla! Vulnerable Extensions List
•added 2009/06/30 12:0 a.m.•22 views

[20090604] - Core - Frontend XSS - HTTP_REFERER not properly filtered

An attacker can inject JavaScript or DHTML code that will be executed in the context of targeted user browser, allowing the attacker to steal cookies. HTTPREFERER variable is not properly parsed...

6.9AI score
Exploits0Affected Software1
Joomla! Vulnerable Extensions List
Joomla! Vulnerable Extensions List
•added 2025/09/04 12:0 a.m.•21 views

[20250902] - Core - User-Enumeration in passkey authentication method

Improper handling of authentication requests lead to a user enumeration vector in the passkey authentication method...

5.3CVSS5.8AI score0.00258EPSS
Exploits0Affected Software1
Joomla! Vulnerable Extensions List
Joomla! Vulnerable Extensions List
•added 2024/06/08 12:0 a.m.•21 views

[20240704] - Core - XSS in Wrapper extensions

The wrapper extensions do not correctly validate inputs, leading to XSS vectors...

6.1CVSS5.8AI score0.00463EPSS
Exploits0Affected Software1
Joomla! Vulnerable Extensions List
Joomla! Vulnerable Extensions List
•added 2023/08/18 12:0 a.m.•21 views

acymailing, pre 8.7.0 , Other

acymailing, pre 8.7.0 , Other multiple...

6.9AI score
Exploits0Affected Software1
Joomla! Vulnerable Extensions List
Joomla! Vulnerable Extensions List
•added 2022/12/27 12:0 a.m.•21 views

LDAP Integration with Active Directory and OpenLDAP - NTLM & Kerberos Login , 5.0.2, Other

Other : 5.0.2 Exploit Check developer for new releases...

2.7AI score
Exploits0Affected Software1
Joomla! Vulnerable Extensions List
Joomla! Vulnerable Extensions List
•added 2020/10/20 12:0 a.m.•21 views

paGO Commerce, 2.5.9.0, SQL Injection

paGO Commerce, 2.5.9.0, SQL Injection...

2.4AI score
Exploits0Affected Software1
Joomla! Vulnerable Extensions List
Joomla! Vulnerable Extensions List
•added 2020/07/16 12:0 a.m.•21 views

CMS2CMS, Connector Extension, 2.00 permissions

CMS2CMS Connector Extension 2.00 Update of the permission type created for the catalog file 2.01...

2.1AI score
Exploits0Affected Software1
Joomla! Vulnerable Extensions List
Joomla! Vulnerable Extensions List
•added 2019/09/11 12:0 a.m.•21 views

PayPlans,4.0, ID

PayPlans,4.0, ID https://stackideas.com/blog/payplans-4013 Update to 4.0.13...

7.2AI score
Exploits0References1Affected Software1
Joomla! Vulnerable Extensions List
Joomla! Vulnerable Extensions List
•added 2018/12/30 10:2 p.m.•21 views

kunena,5.1.7,XSS (Cross Site Scripting)

kunena,5.1.7,XSS Cross Site Scripting https://www.kunena.org/blog/201-kunena-5-1-8-released...

7.1AI score
Exploits0
Joomla! Vulnerable Extensions List
Joomla! Vulnerable Extensions List
•added 2018/11/20 6:46 p.m.•21 views

kunena,5.1.6.1,XSS (Cross Site Scripting)

kunena,5.1.6.1,XSS Cross Site Scripting Developer statement: Update to 5.1.7 https://www.kunena.org/blog/200-kunena-5-1-7-released...

7.2AI score
Exploits0
Joomla! Vulnerable Extensions List
Joomla! Vulnerable Extensions List
•added 2018/06/20 12:0 a.m.•21 views

[20181003] - Core - Access level Violation in com_tags

Inadequate checks on the tags search fields can lead to an access level violation...

4.3CVSS3AI score0.01181EPSS
Exploits0Affected Software1
Joomla! Vulnerable Extensions List
Joomla! Vulnerable Extensions List
•added 2018/01/29 12:0 a.m.•21 views

Simple Image Gallery (free) 3.5.0 and previous, XSS

Simple Image Gallery Freed by Joomlaworks, version 3.5.0 and previous, XSS Resolution: update to 3.6.0 Update notice: https://www.joomlaworks.net/blog/item/269-simple-image-gallery-free-v3-6-0-released-featuring-enhanced-print-previews-fixing-xss-vulnerability-related-to-print-page-output Note th...

1.5AI score
Exploits0References3Affected Software1
Joomla! Vulnerable Extensions List
Joomla! Vulnerable Extensions List
•added 2017/12/20 1:34 p.m.•21 views

B2j Contact,2.0 and other,Other

B2j Contact,2.0 and other,Other Resolved by upgrading to 2.1.15...

1.2AI score
Exploits0
Joomla! Vulnerable Extensions List
Joomla! Vulnerable Extensions List
•added 2017/08/29 12:0 a.m.•21 views

Street Guesser,1.1.8,SQL Injection

Street Guesser by Normograph, version 1.1.8, SQL Injection resolution: update to 1.1.13 update notice: https://www.nordmograph.com/extensions/index.php?option=comvirtuemart=productdetailsproductid=160categoryid=1=58...

7.8AI score
Exploits0References2Affected Software1
Joomla! Vulnerable Extensions List
Joomla! Vulnerable Extensions List
•added 2017/08/21 12:0 a.m.•21 views

Calendar Planner 1.0.1 - SQL Injection

Calendar Planner 1.0.1 - SQL Injection resolution: update to 1.0.2 update notice: http://www.joomlathat.com/news/news/calendar-planner/calendar-planner-1-0-2-security-release...

0.7AI score
Exploits0References1Affected Software1
Joomla! Vulnerable Extensions List
Joomla! Vulnerable Extensions List
•added 2017/03/11 12:47 p.m.•21 views

PayPal IPN for DOCman by shopfiles.com,3.1,SQL Injection

PayPal IPN for DOCman by shopfiles.com, 3.1, SQL Injection...

2.5AI score
Exploits0References1Affected Software1
Joomla! Vulnerable Extensions List
Joomla! Vulnerable Extensions List
•added 2017/02/14 12:0 a.m.•21 views

JE Property Finder, 1.6.3

JE Property Finder,1.6.3,SQL Injection...

2.3AI score
Exploits0References2Affected Software1
Joomla! Vulnerable Extensions List
Joomla! Vulnerable Extensions List
•added 2016/10/20 12:0 a.m.•21 views

ja-k2- filter-and- search, SQL Injection

ja-k2- filter-and- search, version 1.2.2 and all previous SQL Injection Resolution: update to 1.2.5 Update notice: https://www.joomlart.com/updates/joomla-extensions/important-security-fix-release-ja-k2-filter-component?utmsource=newslettermedium=emailcampaign=k2filtercritical Note that developer...

7.1AI score
Exploits0References3Affected Software1
Joomla! Vulnerable Extensions List
Joomla! Vulnerable Extensions List
•added 2016/09/24 12:0 a.m.•21 views

Huge IT Video Gallery,1.1.1,XSS (Cross Site Scripting)

Huge IT Video Gallery,1.1.1,XSS Cross Site Scripting Also versions 1.0.9 and previous have SQL injection vulnerability Resolution: update to version 1.1.3 Update notice: https://huge-it.com/joomla-extensions-security-notice/...

1.1AI score
Exploits0References2Affected Software1
Joomla! Vulnerable Extensions List
Joomla! Vulnerable Extensions List
•added 2016/02/06 12:0 a.m.•21 views

[20170408] - Core - Information Disclosure

Multiple files caused full path disclosures on systems with enabled error reporting...

5.3CVSS0.9AI score0.01129EPSS
Exploits0Affected Software1
Joomla! Vulnerable Extensions List
Joomla! Vulnerable Extensions List
•added 2016/02/05 12:0 a.m.•21 views

[20160802] - Core - XSS Vulnerability

Inadequate escaping leads to XSS vulnerability in mail component...

6.2AI score
Exploits0Affected Software1
Joomla! Vulnerable Extensions List
Joomla! Vulnerable Extensions List
•added 2016/01/31 12:0 a.m.•21 views

EasySocial versions before 1.4.7

EasySocial versions before 1.4.7: Code injection Resolution: update to 1.4.7 Update notice: http://stackideas.com/blog/critical-update-for-easysocial-update-to-1-4-7-now...

2.2AI score
Exploits0References2Affected Software1
Joomla! Vulnerable Extensions List
Joomla! Vulnerable Extensions List
•added 2015/10/25 12:0 a.m.•21 views

Realtyna RPL,8.9.2,Other

Realtyna RPL,8.9.2,Other Resolution: update to 8.9.5 Update notice URL http://rpl.realtyna.com/Change-Logs/RPL7-Changelog...

0.2AI score
Exploits0References2Affected Software1
Joomla! Vulnerable Extensions List
Joomla! Vulnerable Extensions List
•added 2015/09/11 12:0 a.m.•21 views

Extplorer, 2.1.7 and previous

Developer startement eXtplorer 2.1.8 released Today eXtplorer 2.1.8 was released, fixing some minor vulnerabilities. Changelog: - added security functions for protection against CSRF attacks - fixed "directories with the name '0' are not loading" An update is recommended...

0.8AI score
Exploits0References3Affected Software1
Joomla! Vulnerable Extensions List
Joomla! Vulnerable Extensions List
•added 2015/09/02 12:0 a.m.•21 views

JCE - A Content Editor for Joomla, 2.5.0, 2.5.1, 2.5.2

JCE - A Content Editor for Joomla, vulnerable versions: 2.5.0, 2.5.1, 2.5.2, Vulnerability type: other Resolution: update to version 2.5.3 Update Notice URL https://www.joomlacontenteditor.net/news/item/jce-253-released Developer says that versions prior to 2.5.0 do not appear to be affected, but...

1.7AI score
Exploits0References3Affected Software1
Joomla! Vulnerable Extensions List
Joomla! Vulnerable Extensions List
•added 2015/08/17 12:0 a.m.•21 views

Event Manager, 2.1.4 and below, multiple vulnerabilities

Event Manager, 2.1.4 and below, SQLi and Unrestricted File Upload Fixed in version 2.1.4.2 Notice: http://www.joomlaeventmanager.net/project/changelog-jem-2...

7.1AI score
Exploits0References3Affected Software1
Joomla! Vulnerable Extensions List
Joomla! Vulnerable Extensions List
•added 2015/06/11 1:25 p.m.•21 views

BeestoHelpDesk, 3.1.1 and probably all previous,Information Disclosure

BeestoHelpDesk, 3.1.1 and probably all previous,Information Disclosure Resolution: update to version 3.1.2 or 2.5.2 for users of Joomla 2.5.x update notice: http://beesto.com/forum/read.php?25,1963,1963msg-1963...

0.5AI score
Exploits0
Joomla! Vulnerable Extensions List
Joomla! Vulnerable Extensions List
•added 2015/05/23 6:37 p.m.•21 views

Football [com_football],SQL Injection

Component comfootball, unknown version possibly joomleague fork SQL Injection...

4.2AI score
Exploits0Affected Software1
Joomla! Vulnerable Extensions List
Joomla! Vulnerable Extensions List
•added 2015/04/25 6:28 p.m.•21 views

"J-ClassifiedsManager" by CMSjunkie

"J-ClassifiedsManager" by CMSjunkie, versions before 2.1.0, SQL injection Resolution Update to 2.1.0 UpdateNoticeURL http://www.cmsjunkie.com/blog/joomla-classifieds-manager-2-1-0-release/...

2AI score
Exploits0
Joomla! Vulnerable Extensions List
Joomla! Vulnerable Extensions List
•added 2015/04/23 6:12 a.m.•21 views

"Simple Email Form" by unlikelysource.com, 1.8.5 and below

"Simple Email Form" by unlikelysource.com, 1.8.5 and older; XSS Resolution: update to version 1.8.6 Update notice URL: http://joomla.unlikelysource.org/index.php...

0.7AI score
Exploits0
Joomla! Vulnerable Extensions List
Joomla! Vulnerable Extensions List
•added 2015/01/20 10:8 p.m.•21 views

Jdownloads Pre 3.2.23

Jdownloads Extension Update Details Version 3.2.23 eliminates two vulnerabilities to prevent SQL injections. Only low risk. UpdateNoticeURL http://www.jdownloads.com/index.php?option=comcontent=article=234:jdownloads-3223-beta-published=51:news...

7.9AI score
Exploits0
Joomla! Vulnerable Extensions List
Joomla! Vulnerable Extensions List
•added 2015/01/20 12:0 a.m.•21 views

J2Store 2.5 to 2.8.3, SQL Injection

J2Store 2.5 to 2.8.3 SQL Injection Update to 2.8.4 UpdateNoticeURL http://j2store.org/blog/213-security-update-january-2015.html...

0.5AI score
Exploits0References3Affected Software1
Joomla! Vulnerable Extensions List
Joomla! Vulnerable Extensions List
•added 2014/12/02 1:47 a.m.•21 views

edocuman, 1.6.0, Other

edocuman, 1.6.0, Other Developer update notice http://joomdonation.com/forum/edocman/45095-low-security-edocman-1-6-1-released.html53433...

7.2AI score
Exploits0
Joomla! Vulnerable Extensions List
Joomla! Vulnerable Extensions List
•added 2014/11/15 1:27 p.m.•21 views

Admin Exile 2.3.5 sqli

Admin Exile version 2.3.5 SQL injection Developer Update Version 2.3.6 resolves an unpublished/theoretical SQL injection vulnerability. http://www.richeyweb.com/development/joomla-plugins/71-adminexile-for-joomla-16...

8.3AI score
Exploits0
Joomla! Vulnerable Extensions List
Joomla! Vulnerable Extensions List
•added 2014/08/29 7:27 a.m.•21 views

joomla spider video, 2.8.3, sqli

joomla spider video, 2.8.3, SQL Injection UpdateNoticeURL http://web-dorado.com/products/joomla-player.html...

1.2AI score
Exploits0
Joomla! Vulnerable Extensions List
Joomla! Vulnerable Extensions List
•added 2014/03/03 12:0 a.m.•21 views

ActiveHelper LiveHelp, 3.2.0, sqli

ActiveHelper LiveHelp, 3.2.0, SQL Injection We already updated the LiveHelp Server to the version 3.3.0 that include a security patch that fixes the reported issue. We also include a few improvements on other units. Update Notice URL...

2.5AI score
Exploits0References2Affected Software1
Joomla! Vulnerable Extensions List
Joomla! Vulnerable Extensions List
•added 2014/02/26 2:55 p.m.•21 views

JJ Shoutbox, 1.2.6,

JJ Shoutbox, 1.2.6, Other Developer statement This security issue was for version 1.2.6 of JJ Shoutbox. We fixed this issue last night and released version 1.3.0 http://joomjunk.co.uk/products/module-home/shoutbox.htmlchangelog...

7.3AI score
Exploits0
Total number of security vulnerabilities747