An issue was discovered in Joomla! 4.0.0 through 4.1.0. Under specific circumstances, JInput pollutes method-specific input bags with $_REQUEST data.
Source: Joomla! Project
Max CVSS
9.8
EPSS Score
0.20%
Published
2022-03-30
Updated
2022-04-05
An issue was discovered in Joomla! 3.0.0 through 3.10.6 & 4.0.0 through 4.1.0. Inadequate filtering on the selected Ids on an request could resulted into an possible SQL injection.
Source: Joomla! Project
Max CVSS
9.8
EPSS Score
0.14%
Published
2022-03-30
Updated
2022-04-05
An issue was discovered in Joomla! 2.5.0 through 3.10.6 & 4.0.0 through 4.1.0. A user row was not bound to a specific authentication mechanism which could under very special circumstances allow an account takeover.
Source: Joomla! Project
Max CVSS
9.8
EPSS Score
0.20%
Published
2022-03-30
Updated
2022-04-05
An issue was discovered in Joomla! 4.0.0. The media manager does not correctly check the user's permissions before executing a file deletion command.
Source: Joomla! Project
Max CVSS
9.1
EPSS Score
0.10%
Published
2021-08-24
Updated
2021-08-31
An issue was discovered in Joomla! 3.2.0 through 3.9.24. The core shipped but unused randval implementation within FOF (FOFEncryptRandval) used an potential insecure implemetation. That has now been replaced with a call to 'random_bytes()' and its backport that is shipped within random_compat.
Source: Joomla! Project
Max CVSS
9.1
EPSS Score
0.22%
Published
2021-03-04
Updated
2021-03-05
An issue was discovered in Joomla! 3.2.0 through 3.9.24. Usage of an insufficient length for the 2FA secret accoring to RFC 4226 of 10 bytes vs 20 bytes.
Source: Joomla! Project
Max CVSS
9.1
EPSS Score
0.22%
Published
2021-03-04
Updated
2021-03-05
An issue was discovered in Joomla! 3.0.0 through 3.9.22. Improper filter blacklist configuration leads to a SQL injection vulnerability in the backend user list.
Source: Joomla! Project
Max CVSS
9.8
EPSS Score
0.20%
Published
2020-12-28
Updated
2020-12-30
An issue was discovered in Joomla! before 3.9.16. The lack of type casting of a variable in a SQL statement leads to a SQL injection vulnerability in the Featured Articles frontend menutype.
Source: MITRE
Max CVSS
9.8
EPSS Score
0.20%
Published
2020-03-16
Updated
2020-03-18
In Joomla! before 3.9.14, the lack of validation of configuration parameters used in SQL queries caused various SQL injection vectors.
Source: MITRE
Max CVSS
9.8
EPSS Score
0.20%
Published
2019-12-18
Updated
2019-12-18
An issue was discovered in Joomla! before 3.9.7. The CSV export of com_actionslogs is vulnerable to CSV injection.
Source: MITRE
Max CVSS
9.8
EPSS Score
1.25%
Published
2019-06-11
Updated
2023-01-30
The PharStreamWrapper (aka phar-stream-wrapper) package 2.x before 2.1.1 and 3.x before 3.1.1 for TYPO3 does not prevent directory traversal, which allows attackers to bypass a deserialization protection mechanism, as demonstrated by a phar:///path/bad.phar/../good.phar URL.
Source: MITRE
Max CVSS
9.8
EPSS Score
3.34%
Published
2019-05-09
Updated
2021-10-01
An issue was discovered in Joomla! before 3.9.5. The Media Manager component does not properly sanitize the folder parameter, allowing attackers to act outside the media manager root directory.
Source: MITRE
Max CVSS
9.8
EPSS Score
68.98%
Published
2019-04-10
Updated
2019-04-17
An issue was discovered in Joomla! before 3.9.3. The phar:// stream wrapper can be used for objection injection attacks because there is no protection mechanism (such as the TYPO3 PHAR stream wrapper) to prevent use of the phar:// handler for non .phar-files.
Source: MITRE
Max CVSS
9.8
EPSS Score
0.23%
Published
2019-02-12
Updated
2020-08-24
An issue was discovered in Joomla! before 3.8.12. Inadequate checks in the InputFilter class could allow specifically prepared phar files to pass the upload filter.
Source: MITRE
Max CVSS
9.8
EPSS Score
1.03%
Published
2018-08-29
Updated
2018-11-05
An issue was discovered in Joomla! Core before 3.8.8. The web install application would autofill password fields after either a form validation error or navigating to a previous install step, and display the plaintext password for the administrator account at the confirmation screen.
Source: MITRE
Max CVSS
9.8
EPSS Score
0.76%
Published
2018-05-22
Updated
2019-10-03
In Joomla! before 3.8.4, the lack of type casting of a variable in a SQL statement leads to a SQL injection vulnerability in the Hathor postinstall message.
Source: MITRE
Max CVSS
9.8
EPSS Score
17.09%
Published
2018-01-30
Updated
2018-02-13
In Joomla! before 3.8.2, a bug allowed third parties to bypass a user's 2-factor authentication method.
Source: MITRE
Max CVSS
9.8
EPSS Score
1.22%
Published
2017-11-10
Updated
2017-11-28
In Joomla! before 3.8.0, inadequate escaping in the LDAP authentication plugin can result in a disclosure of a username and password.
Source: MITRE
Max CVSS
9.8
EPSS Score
1.04%
Published
2017-09-20
Updated
2017-09-27

CVE-2017-8917

Public exploit
SQL injection vulnerability in Joomla! 3.7.x before 3.7.1 allows attackers to execute arbitrary SQL commands via unspecified vectors.
Source: MITRE
Max CVSS
9.8
EPSS Score
97.56%
Published
2017-05-17
Updated
2019-04-16

CVE-2016-10045

Public exploit
The isMail transport in PHPMailer before 5.2.20 might allow remote attackers to pass extra parameters to the mail command and consequently execute arbitrary code by leveraging improper interaction between the escapeshellarg function and internal escaping performed in the mail function in PHP. NOTE: this vulnerability exists because of an incorrect fix for CVE-2016-10033.
Source: MITRE
Max CVSS
9.8
EPSS Score
96.69%
Published
2016-12-30
Updated
2021-09-30

CVE-2016-10033

Public exploit
The mailSend function in the isMail transport in PHPMailer before 5.2.18 might allow remote attackers to pass extra parameters to the mail command and consequently execute arbitrary code via a \" (backslash double quote) in a crafted Sender property.
Source: MITRE
Max CVSS
9.8
EPSS Score
97.09%
Published
2016-12-30
Updated
2021-09-30
The file scanning mechanism of JFilterInput::isFileSafe() in Joomla! CMS before 3.6.5 does not consider alternative PHP file extensions when checking uploaded files for PHP content, which enables a user to upload and execute files with the `.php6`, `.php7`, `.phtml`, and `.phpt` extensions. Additionally, JHelperMedia::canUpload() did not blacklist these file extensions as uploadable file types.
Source: MITRE
Max CVSS
9.8
EPSS Score
1.80%
Published
2016-12-05
Updated
2016-12-07
Joomla! 3.4.4 through 3.6.3 allows attackers to reset username, password, and user group assignments and possibly perform other user account modifications via unspecified vectors.
Source: MITRE
Max CVSS
9.8
EPSS Score
0.22%
Published
2017-01-23
Updated
2017-01-26

CVE-2016-8869

Public exploit
The register method in the UsersModelRegistration class in controllers/user.php in the Users component in Joomla! before 3.6.4 allows remote attackers to gain privileges by leveraging incorrect use of unfiltered data when registering on a site.
Source: MITRE
Max CVSS
9.8
EPSS Score
92.93%
Published
2016-11-04
Updated
2016-11-07
Joomla! 1.6.0 is vulnerable to SQL Injection via the filter_order and filer_order_Dir parameters.
Source: Red Hat, Inc.
Max CVSS
9.1
EPSS Score
0.28%
Published
2020-02-05
Updated
2020-02-07
37 vulnerabilities found
1 2
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!