Lucene search
K
JoomlaRecent

747 matches found

Joomla! Vulnerable Extensions List
Joomla! Vulnerable Extensions List
•added 2018/03/07 12:0 a.m.•540 views

JB Bus, 2.3, SQL Injection

JB Bus by Joombooking, 2.3, SQL Injection...

9.8CVSS1.8AI score0.02703EPSS
Exploits5References2Affected Software1
Joomla! Vulnerable Extensions List
Joomla! Vulnerable Extensions List
•added 2018/03/07 12:0 a.m.•519 views

File Download Tracker,3.0,SQL Injection

File Download Tracker by techsolsystem.com, 3.0, SQL Injection...

9.8CVSS3.3AI score0.02703EPSS
Exploits5References1Affected Software1
Joomla! Vulnerable Extensions List
Joomla! Vulnerable Extensions List
•added 2018/03/07 12:0 a.m.•555 views

JQuickContact, 1.3.2.3, SQL Injection

JQuickContact by Wassim Jied, versions 1.3.2.3 and previous, SQL Injection resolution: update to 1.3.2.4 update notice: http://coderspirit.blogspot.com/2011/07/jquickcontact.html...

9.8CVSS2.6AI score0.02703EPSS
Exploits5References3Affected Software1
Joomla! Vulnerable Extensions List
Joomla! Vulnerable Extensions List
•added 2018/03/07 12:0 a.m.•555 views

SquadManagement,1.0.3,SQL Injection

SquadManagement by Lars Hildebrandt, versions 1.0.3 and previous, SQL Injection...

9.8CVSS2.9AI score0.02703EPSS
Exploits5References2Affected Software1
Joomla! Vulnerable Extensions List
Joomla! Vulnerable Extensions List
•added 2018/03/06 12:0 a.m.•556 views

Checklist by Joomplace, 1.1.1.003, SQL Injection

Checklist by Joomplace, versions 1.1.1.003 and previous, SQL Injection resolution: update to 1.1.1.004 Update notice: https://www.joomplace.com/blog/security-update-for-checklist.html...

9.8CVSS2.7AI score0.08708EPSS
Exploits5References3Affected Software1
Joomla! Vulnerable Extensions List
Joomla! Vulnerable Extensions List
•added 2018/03/06 12:0 a.m.•600 views

CW Tags, 2.0.8, SQL Injection

CW Tags by CW Joomla, versions 2.0.8 and previous, SQL Injection Note that the VEL do not agree with the developer's assessment of this as a "low level" security issue Resolution: update to version 2.1.1 Update notice: http://www.cwjoomla.com/download-cw-tags...

9.8CVSS2.4AI score0.19493EPSS
Exploits5References3Affected Software1
Joomla! Vulnerable Extensions List
Joomla! Vulnerable Extensions List
•added 2018/03/06 12:0 a.m.•544 views

PrayerCenter,3.0.2,SQL Injection

PrayerCenter by Mike Leeper MLWebTechnologies, versions 3.0.2 and previous,SQL Injection resolution: update to 3.0.3 update notice: https://github.com/MLWebTechnologies/PrayerCenter...

9.8CVSS2.5AI score0.58373EPSS
Exploits6References3Affected Software1
Joomla! Vulnerable Extensions List
Joomla! Vulnerable Extensions List
•added 2018/03/06 12:0 a.m.•523 views

Ek rishta, 2.9, SQL Injection

Ek rishta by Harmis Technology, versions 2.9 and previous, SQL Injection Resolution: update to 2.10 update notice: https://joomlaextensions.co.in/extensions/other-extensions/product/Ek-Rishta...

9.8CVSS2.2AI score0.02703EPSS
Exploits5References3Affected Software1
Joomla! Vulnerable Extensions List
Joomla! Vulnerable Extensions List
•added 2018/03/05 12:0 a.m.•508 views

JMS Music,1.1.1,SQL Injection

JMS Music by Joomasters, versions 1.1.1 and previous, SQL Injection...

4.1AI score
Exploits0References1Affected Software1
Joomla! Vulnerable Extensions List
Joomla! Vulnerable Extensions List
•added 2018/03/05 12:0 a.m.•587 views

JGive, 2.0.9, SQL Injection

JGive by Techjoomla.com, versions 2.0.9 and previous, SQL Injection resolution: update to 2.0.11 update notice: https://techjoomla.com/blog/jgive/release-updates-for-jticketing-jboloand-invitex...

9.8CVSS2.2AI score0.02703EPSS
Exploits5References3Affected Software1
Joomla! Vulnerable Extensions List
Joomla! Vulnerable Extensions List
•added 2018/03/05 12:0 a.m.•542 views

NeoRecruit, 4.2.1, SQL Injection

NeoRecruit by NeoJoomla, versions 4.2.1 and previous, SQL Injection resolution: update to 4.2.2 update notice: http://www.neojoomla.com/index.php?option=comcontent=view=275=2...

9.8CVSS9.6AI score0.02703EPSS
Exploits5References3Affected Software1
Joomla! Vulnerable Extensions List
Joomla! Vulnerable Extensions List
•added 2018/03/04 12:0 a.m.•560 views

Form Maker, 3.6.14, SQL Injection

Form Maker by Web Dorado, Versions 3.6.14 and previous, SQL Injection resolution: update to 3.6.15 note that previous security release did not completely fix the issue update notice: https://web-dorado.com/products/joomla-form.html...

9.8CVSS1.8AI score0.02703EPSS
Exploits5References3Affected Software1
Joomla! Vulnerable Extensions List
Joomla! Vulnerable Extensions List
•added 2018/03/04 12:0 a.m.•554 views

Alexandria Book Library, 3.1.3, SQL Injection

Alexandria Book Library by Federica Ugolotti, versions 3.1.3 and previous, SQL Injection note that security release 3.1.3 does not fully fix the issue resolution: update to 3.1.4 update notice: alexandriabooklibrary.org/en/downloads/18-components.html...

9.8CVSS4.3AI score0.02703EPSS
Exploits5References3Affected Software1
Joomla! Vulnerable Extensions List
Joomla! Vulnerable Extensions List
•added 2018/03/03 12:0 a.m.•579 views

Jticketing, 2.0.16, SQL Injection

Jticketing by techjoomla.com, versions 2.0.16 and previous, SQL Injection resolution: update to 2.0.18 update notice: https://techjoomla.com/blog/jgive/release-updates-for-jticketing-jboloand-invitex...

9.8CVSS2.7AI score0.02703EPSS
Exploits5References3Affected Software1
Joomla! Vulnerable Extensions List
Joomla! Vulnerable Extensions List
•added 2018/03/03 12:0 a.m.•544 views

JS Autoz ,1.0.9,SQL Injection

JS Autoz by Joomsky.com, 1.0.9 and previous, SQL Injection...

9.8CVSS3.6AI score0.19493EPSS
Exploits5References1Affected Software1
Joomla! Vulnerable Extensions List
Joomla! Vulnerable Extensions List
•added 2018/03/03 12:0 a.m.•539 views

Invitex, 3.0.5, SQL Injection

Invitex by techjoomla.com, versions 3.0.5 and previous, SQL Injection resolution: update to 3.0.6 update notice: https://techjoomla.com/blog/jgive/release-updates-for-jticketing-jboloand-invitex...

9.8CVSS2.2AI score0.02703EPSS
Exploits5References3Affected Software1
Joomla! Vulnerable Extensions List
Joomla! Vulnerable Extensions List
•added 2018/03/02 12:0 a.m.•571 views

Gallery WD, 1.3.9, SQL Injection

Gallery WD by Web Dorado, versions 1.3.9 and previous, SQL Injection resolution: update to 1.3.10 update notice: https://web-dorado.com/products/joomla-gallery.html...

9.8CVSS1.8AI score0.02703EPSS
Exploits5References3Affected Software1
Joomla! Vulnerable Extensions List
Joomla! Vulnerable Extensions List
•added 2018/03/01 12:0 a.m.•537 views

Media Library Free, 4.0.12, SQL Injection

Media Library Free by Ordasoft, versions 4.0.12 and previous, SQL Injection resolution: update to 4.0.21 update notice: https://ordasoft.com/News/News/media-library-security-update.html...

9.8CVSS9.6AI score0.02703EPSS
Exploits6References3Affected Software1
Joomla! Vulnerable Extensions List
Joomla! Vulnerable Extensions List
•added 2018/03/01 12:0 a.m.•598 views

Realpin,1.5.04,SQL Injection

Realpin by Marcel Törpe, versions 1.5.04 and previous, SQL Injection...

9.8CVSS4.1AI score0.02703EPSS
Exploits5References2Affected Software1
Joomla! Vulnerable Extensions List
Joomla! Vulnerable Extensions List
•added 2018/02/28 12:0 a.m.•76 views

Joomla! Pinterest Clone Social Pinboard,2.0,SQL Injection

Joomla! Pinterest Clone Social Pinboard from apptha.com, 2.0, multiple SQL Injection vulnerabilities...

9.8CVSS3.2AI score0.02703EPSS
Exploits5Affected Software1
Joomla! Vulnerable Extensions List
Joomla! Vulnerable Extensions List
•added 2018/02/28 12:0 a.m.•63 views

OS Property, 3.12.8, SQL Injection

OS Property from Joomdonation.com, 3.12.8 and previous, SQL Injection resolution: update to 3.12.9 note that previous security release 3.12.8 did not completely fix the issue update notice: https://www.joomdonation.com/forum/os-property/61368-os-property-3-12-9-released-security-issue-fixed.html...

9.8CVSS1AI score0.02018EPSS
Exploits5References3Affected Software1
Joomla! Vulnerable Extensions List
Joomla! Vulnerable Extensions List
•added 2018/02/27 12:0 a.m.•96 views

Proclaim, 9.1.1, Arbitrary File Upload

Proclaim from Christian Web Ministries installs as combiblestudy, versions 9.1.1 and previous, arbitrary file upload, also backup file download resolution: update to 9.1.2 fixes both issues update notice: https://github.com/Joomla-Bible-Study/Joomla-Bible-Study/releases...

9.8CVSS7.5AI score0.08213EPSS
Exploits10References3Affected Software1
Joomla! Vulnerable Extensions List
Joomla! Vulnerable Extensions List
•added 2018/02/26 12:0 a.m.•58 views

Saxum Numerology, 3.0.4, SQL Injection

Saxum Numerology, versions 3.0.4 and previous, SQL Injection...

9.8CVSS4.3AI score0.02703EPSS
Exploits5References1Affected Software1
Joomla! Vulnerable Extensions List
Joomla! Vulnerable Extensions List
•added 2018/02/26 12:0 a.m.•85 views

Saxum Astro, 4.0.14, SQL Injection

Saxum Astro, versions 4.0.14 and previous, SQL Injection...

9.8CVSS4.8AI score0.02759EPSS
Exploits5References1Affected Software1
Joomla! Vulnerable Extensions List
Joomla! Vulnerable Extensions List
•added 2018/02/26 12:0 a.m.•116 views

Kubik-Rubik Simple Image Gallery Extended (SIGE),3.2.3,XSS (Cross Site Scripting)

Kubik-Rubik Simple Image Gallery Extended SIGE, versions 3.2.3 and previous, XSS Cross Site Scripting resolution: update to 3.2.4 latest release is 3.3.0 update notice: https://joomla-extensions.kubik-rubik.de/sige-simple-image-gallery-extendedchangelog Note that the developer did not inform the ...

6.1CVSS0.5AI score0.02227EPSS
Exploits5References3Affected Software1
Joomla! Vulnerable Extensions List
Joomla! Vulnerable Extensions List
•added 2018/02/26 12:0 a.m.•106 views

Saxum Picker, 3.2.10, SQL Injection

Saxum Picker, vesions 3.2.10 and previous, SQL Injection...

9.8CVSS3.6AI score0.03953EPSS
Exploits5References1Affected Software1
Joomla! Vulnerable Extensions List
Joomla! Vulnerable Extensions List
•added 2018/02/23 12:0 a.m.•592 views

Smart Shoutbox, 2.9.5, SQL Injection

Smart Shoutbox by thekrotek.com, version 2.9.5 and previous, SQL Injection resolution: update to 3.0.0, version released July 2017 update notice: so far the developer has not made an update notice making clear that this was a security release The developer says "Version 3.0 is an absolutely new...

9.8CVSS3.4AI score0.02703EPSS
Exploits5References1Affected Software1
Joomla! Vulnerable Extensions List
Joomla! Vulnerable Extensions List
•added 2018/02/23 12:0 a.m.•47 views

Timetable Responsive Schedule, 1.6, SQL injection

Timetable Responsive Schedule For Joomla by QuanticaLabs, versions 1.6. and previous, SQL injection Resolution: update to 1.7 update notice: https://codecanyon.net/item/timetable-responsive-schedule-for-joomla/9749539item-descriptionupdates...

9.8CVSS1.6AI score0.19493EPSS
Exploits5References3Affected Software1
Joomla! Vulnerable Extensions List
Joomla! Vulnerable Extensions List
•added 2018/02/23 12:0 a.m.•115 views

Solidres, 2.5.0, SQL Injection

Solidres, 2.5.0 and previous, SQL Injection Resolution: update to 2.5.1 Update notice: https://www.solidres.com/download/show-all-downloads/solidres/solidres-2-5-1...

9.8CVSS1.1AI score0.03872EPSS
Exploits5References3Affected Software1
Joomla! Vulnerable Extensions List
Joomla! Vulnerable Extensions List
•added 2018/02/23 12:0 a.m.•33 views

JSP Store Locator, 2.4, SQL Injection

JSP Store Locator by Joomla Service Provider, versions 2.4 and previous, SQL Injection Resolution: update to 2.5 update notice: http://www.joomlaserviceprovider.com/jspblog/jsp-store-locator-2-5-security-release.html...

2.4AI score
Exploits0References3Affected Software1
Joomla! Vulnerable Extensions List
Joomla! Vulnerable Extensions List
•added 2018/02/22 12:0 a.m.•52 views

JSP Tickets, 1.1, SQL Injection

JSP Tickets from Joomla Service Provider, versions 1.1 and previous, SQL Injection Resolution: update to version 1.2.0 Update notice: http://www.joomlaserviceprovider.com/jspblog/jsp-tickets-1-2-security-release.html...

9.8CVSS3AI score0.02703EPSS
Exploits5References3Affected Software1
Joomla! Vulnerable Extensions List
Joomla! Vulnerable Extensions List
•added 2018/02/21 12:0 a.m.•50 views

Zh BaiduMap, 3.0.0.1, SQL Injection

Zh BaiduMap by zhuk.cc, versions 3.0.0.1 and previous, SQL Injection resolution: update to 3.0.1.0 update notice: http://zhuk.cc/2018/02/21/zh-baidumap-security-update/...

9.8CVSS1.6AI score0.58324EPSS
Exploits5References3Affected Software1
Joomla! Vulnerable Extensions List
Joomla! Vulnerable Extensions List
•added 2018/02/21 12:0 a.m.•66 views

ZH GoogleMap, 8.4.0.0, SQL Injection

ZH GoogleMap from zhuk.cc, versions 8.4.0.0 and previous, SQL Injection Resolution: update to 8.4.1.0 Update notice: http://zhuk.cc/2018/02/21/zh-googlemap-security-update-2/...

9.8CVSS2.2AI score0.02759EPSS
Exploits5References3Affected Software1
Joomla! Vulnerable Extensions List
Joomla! Vulnerable Extensions List
•added 2018/02/21 12:0 a.m.•87 views

ZH Yandex Map, 6.2.1.0, SQL Injection

ZH Yandex Map from zhuk.cc, versions 6.2.1.0 and previous, SQL Injection Resolution: update to version 6.3.1.0 Update notice: http://zhuk.cc/2018/02/21/zh-yandexmap-security-update-2/...

9.8CVSS1.8AI score0.02703EPSS
Exploits5References3Affected Software1
Joomla! Vulnerable Extensions List
Joomla! Vulnerable Extensions List
•added 2018/02/20 12:0 a.m.•18 views

Jimtawl, 2.2.6, Arbitrary File Upload

Jimtawl from janguo.de, 2.2.6, arbitrary file upload Resolution: update to 2.2.7 Update notice: http://janguo.de/lang-de/joomla-25-higher/jimtawl.html...

0.7AI score
Exploits0References2Affected Software1
Joomla! Vulnerable Extensions List
Joomla! Vulnerable Extensions List
•added 2018/02/20 12:0 a.m.•19 views

JS Jobs, 1.1.9, SQL Injection

JS Jobs by Joomsky, versions 1.1.9 and previous, SQL injection resolution: update to version 1.2.0 update notice: http://www.joomsky.com/products/js-jobs.html...

1.7AI score
Exploits0References2Affected Software1
Joomla! Vulnerable Extensions List
Joomla! Vulnerable Extensions List
•added 2018/02/19 12:0 a.m.•26 views

ccNewsletter 2.2.3 security release

there is a SQL injection issue in ccNewsletter. I advice everyone using a ccNewsletter version before 2.2.2 to upgrade! You can download ccNewsletter 2.2.3 from our downloads section here. https://www.chillcreations.com/downloads/ccnewsletterreltabs-145-notes...

8AI score
Exploits0References3Affected Software1
Joomla! Vulnerable Extensions List
Joomla! Vulnerable Extensions List
•added 2018/02/09 12:0 a.m.•39 views

[20180504] - Core - Installer leaks plain text password to local user

The web install application would autofill password fields after either a form validation error or navigating to a previous install step, and displays the plain text password for the administrator account at the confirmation screen...

9.8CVSS0.9AI score0.03798EPSS
Exploits0Affected Software1
Joomla! Vulnerable Extensions List
Joomla! Vulnerable Extensions List
•added 2018/02/08 12:0 a.m.•18 views

JS Support Ticket 1.1.0, ,XSS (Cross Site Scripting)

JS Support Ticket 1.1.0, ,XSS Cross Site Scripting UpdateNotice URL 1.1.1 http://www.joomsky.com/products/js-ticket-joomla.html...

0.1AI score
Exploits0References1Affected Software1
Joomla! Vulnerable Extensions List
Joomla! Vulnerable Extensions List
•added 2018/02/02 12:0 a.m.•29 views

[20180505] - Core - XSS Vulnerabilities & additional hardening

Inadequate input filtering leads to multiple XSS vulnerabilities. Additionally, the default filtering settings could potentially allow users of the default Administrator user group to perform a XSS attack...

4.8CVSS3.5AI score0.0105EPSS
Exploits0Affected Software1
Joomla! Vulnerable Extensions List
Joomla! Vulnerable Extensions List
•added 2018/01/31 12:0 a.m.•24 views

JCE Editor,2.6.25, XSS (Cross Site Scripting)

JCE Editor Pro, Version 2.6.25 only, XSS Cross Site Scripting Resolution: update to 2.6.26 Update notice: https://www.joomlacontenteditor.net/news/jce-pro-2-6-26-released...

6.2AI score
Exploits0References2Affected Software1
Joomla! Vulnerable Extensions List
Joomla! Vulnerable Extensions List
•added 2018/01/29 12:0 a.m.•22 views

Simple Image Gallery (free) 3.5.0 and previous, XSS

Simple Image Gallery Freed by Joomlaworks, version 3.5.0 and previous, XSS Resolution: update to 3.6.0 Update notice: https://www.joomlaworks.net/blog/item/269-simple-image-gallery-free-v3-6-0-released-featuring-enhanced-print-previews-fixing-xss-vulnerability-related-to-print-page-output Note th...

1.5AI score
Exploits0References3Affected Software1
Joomla! Vulnerable Extensions List
Joomla! Vulnerable Extensions List
•added 2018/01/21 12:0 a.m.•32 views

[20180101] - Core - XSS vulnerability in module chromes

Lack of escaping in the module chromes leads to XSS vulnerabilities in the module system...

6.1CVSS1.8AI score0.01993EPSS
Exploits0Affected Software1
Joomla! Vulnerable Extensions List
Joomla! Vulnerable Extensions List
•added 2018/01/20 12:0 a.m.•39 views

[20180102] - Core - XSS vulnerability in com_fields

Inadequate input filtering in comfields leads to a XSS vulnerability in multiple field types, i.e. list, radio and checkbox...

6.1CVSS1.8AI score0.57524EPSS
Exploits0Affected Software1
Joomla! Vulnerable Extensions List
Joomla! Vulnerable Extensions List
•added 2018/01/15 12:25 p.m.•17 views

cms2cms improper file/folder permissions

All these extensions create a folder with permissions 0777, which is not subsequently deleted. CMS2CMS: Automated Blogger to J! Migration CMS2CMS: Automated HTML to J! Migration CMS2CMS: Automated Drupal to J! Migration CMS2CMS: Automated WordPress to J! Migration CMS2CMS Automated WiX to J!...

6.9AI score
Exploits0Affected Software1
Joomla! Vulnerable Extensions List
Joomla! Vulnerable Extensions List
•added 2018/01/15 12:0 a.m.•20 views

En Masse, all versions, SQL Injection

En Masse by Matamko.com, all known versions, SQL Injection...

4.1AI score
Exploits0References2Affected Software1
Joomla! Vulnerable Extensions List
Joomla! Vulnerable Extensions List
•added 2018/01/08 12:0 a.m.•26 views

Easy Discuss, 4.0.20, XSS

Easy Discuss by Stackideas, versions 4.0.20 and previous, XSS Resolution: update to 4.0.21 update notice: https://stackideas.com/blog/easydiscuss4021-update...

1.9AI score
Exploits0References3Affected Software1
Joomla! Vulnerable Extensions List
Joomla! Vulnerable Extensions List
•added 2018/01/03 12:0 a.m.•47 views

Big File Uploader by Prismanet,1.0.2, Insecure File Upload

Big File Uploader by Prismanet, 1.0.2, Insecure File Upload...

1.3AI score
Exploits0References2Affected Software1
Joomla! Vulnerable Extensions List
Joomla! Vulnerable Extensions List
•added 2018/01/01 6:23 p.m.•21 views

JB Visa,1.0,SQL Injection

JB Visa by Joombooking.com, 1.0, SQL Injection...

2.9AI score
Exploits0References1Affected Software1
Joomla! Vulnerable Extensions List
Joomla! Vulnerable Extensions List
•added 2018/01/01 12:0 a.m.•26 views

User Bench 1.0, sql injection

User Bench by gegabyte.org, version 1.0, sql injection resolution: update to version 1.1 update notice: http://www.gegabyte.org/downloads/joomla-extensions/joomla3/components/307-user-bench...

1.1AI score
Exploits0References3Affected Software1
Total number of security vulnerabilities747