[20190304] - Core - Missing ACL check in sample data plugins
The sample data plugins lack ACL checks, allowing unauthorized access...
[20190303] - Core - XSS in media form field
The media form field lacks escaping, leading to an XSS vulnerability...
[20190302] - Core - XSS in item_title layout
The item_title layout in edit views lacks escaping, leading to an XSS vulnerability...
Edocman,1.1.17,SQL Injection
Edocman,1.1.17,SQL Injection Extension Update Details Fix security issue on Joomla SQL injection from previous Edocman version. new version number 1.11.8 UpdateNotice URL...
[20210703] - Core - Lack of enforced session termination
Various CMS functions did not properly terminate existing user sessions when a user's password was changed or the user was blocked...
Easy Shop ,1.2.3 ,Other
Easy Shop ,1.2.3 ,Other Developer update 1.2.4 https://www.joomtech.net/blog/easyshop-1-2-4-security-issues-fixed Developer did not tell VEL...
JoomCRM 1.1.1
new version number 1.1.2 https://www.joomboost.com/blog-updates/joomcrm-version-1-1-2-security-announcement.html...
JoomProject 1.1.3.2 ID
new version number 1.1.3.3 https://www.joomboost.com/blog-updates/joomproject-version-1-1-3-3-security-announcement.html...
J-CruiseReservation 6.0.2 sqli
new version number 6.0.4 UpdateNotice URL https://www.cmsjunkie.com/blog/cruise-reservations-update/...
[20190206] - Core - Implement the TYPO3 PHAR stream wrapper
The phar:// stream wrapper can be used for object injection attacks. We now disallow usage of the phar:// handler for non-.phar files within the CMS globally by implementing the TYPO3 PHAR stream wrapper...
[20190203] - Core - Additional warning in the Global Configuration textfilter settings
"No Filtering" textfilter overrides child settings in the Global Configuration. This is intended behavior but might be unexpected for the user. An additional message is now shown in the configuration dialog...
[20190204] - Core - Stored XSS issue in the Global Configuration help url #2
Inadequate checks at the Global Configuration helpurl settings allowed a stored XSS...
[20190602] - Core - XSS in subform field
The subform fieldtype does not sufficiently filter or validate input of subfields, this leads to XSS attack vectors...
kunena,5.1.7,XSS (Cross Site Scripting)
kunena,5.1.7,XSS Cross Site Scripting https://www.kunena.org/blog/201-kunena-5-1-8-released...
Jomres,9.14.0 & lower,Other
Jomres,9.14.0 & lower Developer statement new version number 9.15.0 UpdateNotice URL https://www.jomres.net/blog/99-jomres-9-15-0-security-release-new-features Changelog Url https://www.jomres.net/support/changelog...
[20190104] - Core - Stored XSS issue in the Global Configuration help url
Inadequate checks at the Global Configuration helpurl settings allowed a stored XSS...
[20190102] - Core - Stored XSS in com_contact
Inadequate escaping in com_contact leads to a stored XSS vulnerability...
[20190101] - Core - Stored XSS in mod_banners
Inadequate escaping in mod_banners leads to a stored XSS vulnerability...
[20190103] - Core - Stored XSS issue in the Global Configuration textfilter settings
Inadequate checks at the Global Configuration Text Filter settings allowed a stored XSS...
music collection, 3.0.3 ,SQL Injection
music collection, 3.0.3 ,SQL Injection Developer statement: currently at version 3.0.6, this was already fixed in 3.0.4...
kunena,5.1.6.1,XSS (Cross Site Scripting)
kunena,5.1.6.1,XSS Cross Site Scripting Developer statement: Update to 5.1.7 https://www.kunena.org/blog/200-kunena-5-1-7-released...
Jimtawl 2.2.7 - 'id' SQL Injection
Jimtawl 2.2.7 - 'id' SQL Injection Developer statement update to 2.2.8 http://janguo.de/lang-de/joomla-25-higher/joomla-25-jimtawl-2-1.html...
[20190201] - Core - Lack of URL filtering in various core components
Inadequate filtering on URL fields in various core components could lead to an XSS vulnerability...
[20201107] - Core - Write ACL violation in multiple core views
Lack of input validation while handling ACL rulesets can cause write ACL violations...
CW Article Attachments (Pro Version), SQL Injection
CW Article Attachments Pro Version from cwjoomla.com, versions 2.1.0 and previous, SQL Injection resolution: update to 2.1.2 update notice: http://www.cwjoomla.com/download-cw-article-attachments...
CW Article Attachments (Free Version), SQL Injection
CW Article Attachments Free Version from cwjoomla.com, versions 1.0.6 and previous, SQL Injection resolution: update to 1.0.7 update notice: http://www.cwjoomla.com/download-cw-article-attachments...
kunena,5.1.4,Other
kunena,5.1.4,Other statement post: https://www.kunena.org/blog/198-kunena-5-1-5-released...
JSN Framework System Plugin, 2.1.5
JSN Framework System Plugin, versions 2.1.5 and previous, unrestricted file uploads without any authorization Resolution: update to 2.1.6 Update notice: https://www.joomlashine.com/forums/jsn-extension-framework-gen-1-plugin-v2-1-6-is-released.html Users are strongly urged to update immediately...
[20190205] - Core - XSS Issue in core.js writeDynaList
Inadequate parameter handling in JS code could lead to an XSS attack vector...
[20181005] - Core - CSRF hardening in com_installer
Added additional CSRF hardening in com_installer actions in the backend...
All Regular Labs extensions with editor buttons
All Regular Labs extensions with editor buttons, versions before 7 September 2018, cross site scripting XSS:- - Articles Anywhere - Conditional Content - Dummy Content - Modals - Modules Anywhere - Sliders - Snippets - Tabs - Tooltips The editor button popup urls could potentially be used...
[20190202] - Core - Browserside mime-type sniffing causes XSS attack vectors
A combination of specific webserver configurations, in connection with specific file types and browserside mime-type sniffing, causes an XSS attack vector...
[20181001] - Core - Hardening com_contact contact form
Inadequate checks in com_contact could allow mail submission in disabled forms...
Gantry package 5.4.26 ,Other
Gantry package containing "Twig" library creates folders with improper folder permissions. On some servers this may lead to world writeable folders. see https://github.com/gantry/gantry5/issues/2363 https://github.com/twigphp/Twig/issues/2353 developer states not a security issue within their...
Magiczoomplus for Joomla, 3.3.4, Insecure Folder Permissions
Magiczoomplus for Joomla, versions 3.3.4 and previous, Sensitive information disclosure, Insecure folder permissions, Remote call information disclosure. Resolution: update to 3.3.6 Update notice: https://www.magictoolbox.com/jv-release-update/ Note that the VEL do not agree with the developer's...
Forms by Balbooa.com,1.7.2,Information Disclosure
Forms by Balbooa.com,1.7.2,Information Disclosure Resolution: update to 1.7.4 there was a previous update 1.7.3 which did not entirely fix the issue update notice: https://support.balbooa.com/forum/joomla-forms/5441-balbooa-joomla-forms-v-1-7-4...
[20180801] - Core - Hardening the InputFilter for PHAR stubs
Inadequate checks in the InputFilter class could allow specifically prepared PHAR files to pass the upload filter...
Jcomments, version 3.0.5, Input Validation Vulnerability
Jcomments, versions 3.0.5 and all previous, inadequate input validation of the objectgroup parameter leads to possible exploits including arbitrary local file inclusion. Resolution: update to version 3.0.6. There is evidence that this is being actively exploited, so users are recommended to update ASAP...
J-Business Directory,4.9.3,SQL Injection
jBusiness Directory from CMS Junkie,4.9.3 and previous versions, SQL Injection, XSS resolution: update to 4.9.4 update notice: http://www.cmsjunkie.com/blog/joomlabusinessdirectory4-9-4release/ Note that the developer did not inform the VEL...
Magiczoomplus for Virtuemart, 4.9.4, Insecure Folder Permissions
Virtuemart plugin magiczoomplus v4.9.4 and previous, Sensitive information disclosure, Insecure folder permissions, Remote call information disclosure. Resolution: Update to 4.9.6 Update notice: https://www.magictoolbox.com/jv-release-update/ Note that the VEL do not agree with the developer's...
Kunena,5.0 - 5.1.1,Other
Kunena,5.0 - 5.1.1,Other Developer statement The Kunena team has announced the arrival of Kunena 5.1.2 K 5.1.2 which is now available for download as a native Joomla extension for J! 3.8.x. This version addresses most of the issues that were discovered in K 5.1 and issues discovered during the...
[20180803] - Core - ACL Violation in custom fields
Inadequate checks regarding disabled fields can lead to an ACL violation...
[20180802] - Core - Stored XSS vulnerability in the frontend profile
Inadequate output filtering on the user profile page could lead to a stored XSS attack...
Advertisement Board 3.1.0
Advertisement Board by Ordasoft, versions 3.1.0 and previous, SQL Injection Resolution: update to 3.1.4 Update notice:https://ordasoft.com/News/News/advertisement-board-security-update.html...
[20181002] - Core - Inadequate default access level for com_joomlaupdate
Joomla's com_joomlaupdate allows the execution of arbitrary code. The default ACL config enabled access of Administrator-level users to access com_joomlaupdate and trigger a code execution...
[20181003] - Core - Access level Violation in com_tags
Inadequate checks on the tags search fields can lead to an access level violation...
Community Builder, 2.4.2
Community Builder, 2.4.1 and previous, resolution: update to 2.4.2 update notice: https://www.joomlapolis.com/news/18843-community-builder-2-4-2-security-maintenance-and-features-release...
Community Builder, 2.1.4, XSS
Community Builder, 2.1.4 and previous, XSS Cross site scripting resolution: update to 2.1.5 update notice: https://www.joomlapolis.com/news/18791-community-builder-2-1-5-security-and-maintenance-release...
booking calendar for joomla!
Booking Calendar for Joomla! update to 3.4.0 various security patches. Note END OF LIFE https://www.joomlabookingcalendar.com/last-update/ Last known version number 3.4.0...
[20180506] - Core - Filter field in com_fields allows remote code execution
Inadequate filtering allows users authorised to create custom fields to manipulate the filtering options and inject an unvalidated option...