747 matches found
[20221002] - Core - RXSS through reflection of user input in headings
Inadequate filtering of potentially malicious user input leads to reflected XSS vulnerabilities in various components...
JKassa, 2.0.0, SQL Injection
JKassa, 2.0.0, SQL Injection Update to latest version https://jkassa.com/en/extensions/jkassa.html...
jCart for OpenCart, jCart for OpenCart 3.0.3.19, XSS (Cross Site Scripting)
Here is the link on our site: https://extensions.soft-php.com/support/latest-news/79-joocart-jcart-30325-release-notice.html...
EDocman, 1.23.3, XSS (Cross Site Scripting)
developer update https://joomdonation.com/forum/edocman/75400-01st-august-2023-new-version-1-24-7-xss-issue-fixed.html...
[20220801] - Core - Multiple Full Path Disclosures because of missing '_JEXEC or die check'
Multiple Full Path Disclosures because of missing 'JEXEC or die check' caused by the PSR12 changes done in 4.2.0. According to PROD2020/023 and in coordination with the JSST this has been patched in the public tracker vis 38615...
JUX Timetable x
JUX TimetableVersion: Old 1.0.4 / New 1.0.5 Update URL: https://extensions.joomla.org/extension/jux-timetable/ Download URL: https://demo.joomlaux.com/download/pkgjuxtimetable.zip...
[20220301] - Core - Zip Slip within the Tar extractor
Extracting an specifilcy crafted tar package could write files outside of the intended path...
adblock detector nordmograph
Malicious script New in 2.1 : Miner feature discontinued This is a security release for the 3.x series of Joomla! This release fixes one low level security issues...
[20220308] - Core - Inadequate content filtering within the filter code
Inadequate content filtering leads to XSS vulnerabilities in various components...
[20220307] - Core - Variable Tampering on JInput $_REQUEST data
Under specific circumstances, JInput pollutes method-specific input bags with $REQUEST data...
Balbooa Forms, 2.0.6 (not tested on others), SQL Injection
Balbooa Forms, 2.0.6 , SQL Injection...
[20220309] - Core - XSS attack vector through SVG
Possible XSS attack vector through SVG embedding in commedia...
[20210801] - Core - Insufficient access control for com_media deletion endpoint
The media manager does not correctly check the user's permissions before executing a file deletion command...
[20210705] - Core - XSS in com_media imagelist
Inadequate escaping in the imagelist view of commedia leads to a XSS vulnerability...
[20210702] - Core - DoS through usergroup table manipulation
Missing validation of input could lead to a broken usergroups table...
[20210704] - Core - Privilege escalation through com_installer
Install action in cominstaller lack the required hardcoded ACL checks for superusers, leading to various potential attack vectors. A default system is not affected cause by default cominstaller is limited to super users already...
[20210701] - Core - XSS in JForm Rules field
Inadequate escaping in the Rules field of the JForm API leads to a XSS vulnerability...
[20210503] - Core - CSRF in data download endpoints
A missing token check causes a CSRF vulnerability in data download endpoints in combanners and comsysinfo...
[20210502] - Core - CSRF in AJAX reordering endpoint
A missing token check causes a CSRF vulnerability in the AJAX reordering endpoint...
[20220304] - Core - Missing input validation within com_fields class inputs
Lack of input validation could allow an XSS attack using comfields...
YooRecipe, All,
SQL injection vulnerability possibly all versions abandoned extension...
[20220306] - Core - Inadequate validation of internal URLs
Inadequate validation of URLs could result into an invalid check whether an redirect URL is internal or not...
[20210401] - Core - Escape xss in logo parameter error pages
Inadequate escaping allowed XSS attacks using the logo parameter of the default templates on error pages...
[20210501] - Core - Adding HTML to the executable block list of MediaHelper::canUpload
HTML was missing in the executable block list of MediaHelper::canUpload, leading to XSS attack vectors...
[20220305] - Core - Inadequate filtering on the selected Ids
Inadequate filtering on the selected Ids on an request could resulted into an possible SQL injection...
[20220302] - Core - Path Disclosure within filesystem error messages
Uploading a file name of an excess length causes the error. This error brings up the screen with the path of the source code of the web application...
[20210309] - Core - Inadequate filtering of form contents could allow to overwrite the author field
Inadequate filtering of form contents could allow to overwrite the author field. The affected core components are comfields, comcategories, combanners, comcontact, comnewsfeeds and comtags...
[20210302] - Core - Potential Insecure FOFEncryptRandval
The core shipped but unused randval implementation within FOF FOFEncryptRandval used an potential insecure implemetation. That has now been replaced with a call to "randombytes" and its backport that is shipped within randomcompat...
[20210301] - Core - Insecure randomness within 2FA secret generation
Usage of the insecure rand function within the process of generating the 2FA secret.Usage of an insufficient length for the 2FA secret accoring to RFC 4226 of 10 bytes vs 20 bytes...
[20210402] - Core - Inadequate filters on module layout settings
Inadequate filters on module layout settings could lead to an LFI...
RealPin by Frumania, SQL, 1.5.04
Name: Realpin Old 1.5.04 / New 1.6.0 Update details: Fixed risk of SQL Injection Update URL: https://realpin.frumania.com/...
JomSocial , 4.7.6, XSS (Cross Site Scripting)
JomSocial , 4.7.6, XSS Cross Site Scripting investigation...
publisher, 3.0.19, XSS (Cross Site Scripting)
ijoomlapublisher, 3.0.19, XSS Cross Site Scripting...
[20210307] - Core - ACL violation within com_content frontend editing
Incorrect ACL checks could allow unauthorized change of the category for an article...
paGO Commerce, 2.5.9.0, SQL Injection
paGO Commerce, 2.5.9.0, SQL Injection...
[20201104] - Core - SQL injection in com_users list view
Improper filter blacklist configuration leads to a SQL injection vulnerability in the backend user list...
[20201106] - Core - CSRF in com_privacy emailexport feature
A missing token check in the emailexport feature of comprivacy causes a CSRF vulnerability...
[20201103] - Core - Path traversal in mod_random_image
The folder parameter of modrandomimage lacked input validation, leading to a path traversal vulnerability...
[20220303] - Core - User row are not bound to a authentication mechanism
A user row was not bound to a specific authentication mechanism which could under very special circumstances allow an account takeover...
[20201102] - Core - Disclosure of secrets in Global Configuration page
The globlal configuration page does not remove secrets from the HTML output, disclosing the current values...
[20210308] - Core - Path Traversal within joomla/archive zip class
Extracting an specifilcy crafted zip package could write files outside of the intended path...
[20210103] - Core - XSS in com_tags image parameters
Lack of escaping of image-related parameters in multiple comtags views cause lead to XSS attack vectors...
[20210102] - Core - XSS in mod_breadcrumbs aria-label attribute
Lack of escaping in modbreadcrumbs aria-label attribute allows XSS attacks...
[20200801] - Core - XSS in mod_latestactions
Lack of escaping in modlatestactions allows XSS attacks...
[20201105] - Core - User Enumeration in backend login
Improper handling of the username leads to a user enumeration attack vector in the backend login page...
JCE Pro, 2.8.15, xss
This 2.8.15 an important security update is included to prevent potential cross-site scripting attacks. https://www.joomlacontenteditor.net/news/jce-pro-2-8-15-released...
CMS2CMS, Connector Extension, 2.00 permissions
CMS2CMS Connector Extension 2.00 Update of the permission type created for the catalog file 2.01...
js jobs, 1.3, SQL Injection
js jobs,1.3,SQL Injection...
[20210101] - Core - com_modules exposes module names
Lack of ACL checks in the orderPosition endpoint of commodules leak names of unpublished and/or inaccessible modules...
[20200802] - Core - Open redirect in com_content vote feature
Lack of input validation in comcontent leads to an open redirect...