Joomla Joomla! 3.7.0

8 matches found

CVE
added 2017/05/17 11:29 p.m. | 267 views

CVE-2017-8917

SQL injection vulnerability in Joomla! 3.7.x before 3.7.1 allows attackers to execute arbitrary SQL commands via unspecified vectors.

CVSS 9.8 | AI score 9.7 | EPSS 0.94315

CVE
added 2017/09/20 6:29 p.m. | 96 views

CVE-2017-14596

In Joomla! before 3.8.0, inadequate escaping in the LDAP authentication plugin can result in a disclosure of a username and password.

CVSS 9.8 | AI score 9.2 | EPSS 0.03976

CVE
added 2017/07/26 3:29 p.m. | 77 views

CVE-2017-11612

In Joomla! before 3.7.4, inadequate filtering of potentially malicious HTML tags leads to XSS vulnerabilities in various components.

CVSS 6.1 | AI score 7 | EPSS 0.00222

CVE
added 2020/06/02 8:15 p.m. | 76 views

CVE-2020-13760

In Joomla! before 3.9.19, missing token checks in com_postinstall lead to CSRF.

CVSS 8.8 | AI score 8.5 | EPSS 0.00008

CVE
added 2017/07/17 9:29 p.m. | 62 views

CVE-2017-9933

Improper cache invalidation in Joomla! CMS 1.7.3 through 3.7.2 leads to disclosure of form contents.

CVSS 7.5 | AI score 7.2 | EPSS 0.00045

CVE
added 2017/08/02 2:29 p.m. | 59 views

CVE-2017-11364

The CMS installer in Joomla! before 3.7.4 does not verify a user's ownership of a webspace, which allows remote authenticated users to gain control of the target application by leveraging Certificate Transparency logs.

CVSS 8.8 | AI score 8.4 | EPSS 0.00125

CVE
added 2017/09/20 6:29 p.m. | 57 views

CVE-2017-14595

In Joomla! before 3.8.0, a logic bug in a SQL query could lead to the disclosure of article intro texts when these articles are in the archived state.

CVSS 4.3 | AI score 6.6 | EPSS 0.00071

CVE
added 2017/07/17 9:29 p.m. | 54 views

CVE-2017-9934

Missing CSRF token checks and improper input validation in Joomla! CMS 1.7.3 through 3.7.2 lead to an XSS vulnerability.

CVSS 6.1 | AI score 6.3 | EPSS 0.00375