7 matches found
CVE-2020-8419
An issue was discovered in Joomla! before 3.9.15. Missing token checks in the batch actions of various components cause CSRF vulnerabilities.
CVE-2020-8421
An issue was discovered in Joomla! before 3.9.15. Inadequate escaping of usernames allows XSS attacks in com_actionlogs.
CVE-2020-8420
An issue was discovered in Joomla! before 3.9.15. A missing CSRF token check in the LESS compiler of com_templates causes a CSRF vulnerability.
CVE-2012-1563
Joomla! before 2.5.3 allows Admin Account Creation.
CVE-2012-1562
Joomla! core before 2.5.3 allows unauthorized password change.
CVE-2011-4907
Joomla! 1.5x through 1.5.12: Missing JEXEC Check
CVE-2011-3595
Multiple Cross-site Scripting (XSS) vulnerabilities exist in Joomla! through 1.7.0 in index.php in the search word, extension, asset, and author parameters.