Search Results (Refine Search)
- Results Type: Overview
- Keyword (text search): Joomla
- Search Type: Search All
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2024-24837 |
Cross-Site Request Forgery (CSRF) vulnerability in Frédéric GILLES FG PrestaShop to WooCommerce, Frédéric GILLES FG Drupal to WordPress, Frédéric GILLES FG Joomla to WordPress.This issue affects FG PrestaShop to WooCommerce: from n/a through 4.44.3; FG Drupal to WordPress: from n/a through 3.67.0; FG Joomla to WordPress: from n/a through 4.15.0. Published: February 21, 2024; 3:15:46 AM -0500 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-21728 |
An Open Redirect vulnerability was found in osTicky2 below 2.2.8. osTicky (osTicket Bridge) by SmartCalc is a Joomla 3.x extension that provides Joomla fronted integration with osTicket, a popular Support ticket system. The Open Redirect vulnerability allows attackers to control the return parameter in the URL to a base64 malicious URL. Published: February 15, 2024; 4:15:09 PM -0500 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-21727 |
XSS vulnerability in DP Calendar component for Joomla. Published: February 15, 2024; 2:15:11 AM -0500 |
V3.x:(not available) V2.0:(not available) |
CVE-2023-49708 |
SQLi vulnerability in Starshop component for Joomla. Published: December 14, 2023; 4:15:42 AM -0500 |
V3.1: 9.8 CRITICAL V2.0:(not available) |
CVE-2023-49707 |
SQLi vulnerability in S5 Register module for Joomla. Published: December 14, 2023; 4:15:42 AM -0500 |
V3.1: 9.8 CRITICAL V2.0:(not available) |
CVE-2023-40659 |
A reflected XSS vulnerability was discovered in the Easy Quick Contact module for Joomla. Published: December 14, 2023; 4:15:41 AM -0500 |
V3.1: 6.1 MEDIUM V2.0:(not available) |
CVE-2023-40658 |
A reflected XSS vulnerability was discovered in the Clicky Analytics Dashboard module for Joomla. Published: December 14, 2023; 4:15:41 AM -0500 |
V3.1: 6.1 MEDIUM V2.0:(not available) |
CVE-2023-40657 |
A reflected XSS vulnerability was discovered in the Joomdoc component for Joomla. Published: December 14, 2023; 4:15:41 AM -0500 |
V3.1: 6.1 MEDIUM V2.0:(not available) |
CVE-2023-40656 |
A reflected XSS vulnerability was discovered in the Quickform component for Joomla. Published: December 14, 2023; 4:15:41 AM -0500 |
V3.1: 6.1 MEDIUM V2.0:(not available) |
CVE-2023-40655 |
A reflected XSS vulnerability was discovered in the Proforms Basic component for Joomla. Published: December 14, 2023; 4:15:41 AM -0500 |
V3.1: 6.1 MEDIUM V2.0:(not available) |
CVE-2023-40630 |
Unauthenticated LFI/SSRF in JCDashboards component for Joomla. Published: December 14, 2023; 4:15:41 AM -0500 |
V3.1: 9.8 CRITICAL V2.0:(not available) |
CVE-2023-40629 |
SQLi vulnerability in LMS Lite component for Joomla. Published: December 14, 2023; 4:15:41 AM -0500 |
V3.1: 9.8 CRITICAL V2.0:(not available) |
CVE-2023-40628 |
A reflected XSS vulnerability was discovered in the Extplorer component for Joomla. Published: December 14, 2023; 4:15:41 AM -0500 |
V3.1: 6.1 MEDIUM V2.0:(not available) |
CVE-2023-40627 |
A reflected XSS vulnerability was discovered in the LivingWord component for Joomla. Published: December 14, 2023; 4:15:41 AM -0500 |
V3.1: 6.1 MEDIUM V2.0:(not available) |
CVE-2023-39974 |
Exposure of Sensitive Information vulnerability in AcyMailing Enterprise component for Joomla. It allows unauthorized actors to get the number of subscribers in a specific list. Published: August 17, 2023; 5:15:09 PM -0400 |
V3.1: 5.3 MEDIUM V2.0:(not available) |
CVE-2023-39973 |
Improper Access Control vulnerability in AcyMailing Enterprise component for Joomla. It allows the unauthorized removal of attachments from campaigns. Published: August 17, 2023; 5:15:09 PM -0400 |
V3.1: 4.3 MEDIUM V2.0:(not available) |
CVE-2023-39972 |
Improper Access Control vulnerability in AcyMailing Enterprise component for Joomla. It allows unauthorized users to create new mailing lists. Published: August 17, 2023; 5:15:09 PM -0400 |
V3.1: 4.3 MEDIUM V2.0:(not available) |
CVE-2023-39971 |
Improper Neutralization of Input During Web Page Generation vulnerability in AcyMailing Enterprise component for Joomla allows XSS. This issue affects AcyMailing Enterprise component for Joomla: 6.7.0-8.6.3. Published: August 17, 2023; 5:15:09 PM -0400 |
V3.1: 6.1 MEDIUM V2.0:(not available) |
CVE-2023-39970 |
Unrestricted Upload of File with Dangerous Type vulnerability in AcyMailing component for Joomla. It allows remote code execution. Published: August 17, 2023; 5:15:09 PM -0400 |
V3.1: 9.8 CRITICAL V2.0:(not available) |
CVE-2023-38045 |
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in advcomsys.com oneVote component for Joomla. It allows XSS Targeting Non-Script Elements. Published: August 07, 2023; 1:15:11 PM -0400 |
V3.1: 6.1 MEDIUM V2.0:(not available) |