Joomla Component JE Photo Gallery 1.1 contains an SQL injection vulnerability that allows unauthenticated attackers to extract database information by injecting malicious SQL code through the categoryid parameter. Attackers can send GET requests to index.php with crafted categoryid values in the com_jephotogallery component to execute arbitrary SQL queries and retrieve sensitive data like usernam…

CVSS: 8.2 · CWE: CWE-89

View on NVD

Joomla Responsive Portfolio 1.6.1 contains an SQL injection vulnerability that allows authenticated attackers to execute arbitrary SQL commands through multiple filter parameters. Attackers can inject malicious SQL code via the filter_type_id, filter_pid_id, and filter_search parameters in POST requests to extract sensitive database information including credentials and server details.

CVSS: 7.1 · CWE: CWE-89

View on NVD

Joomla Component eXtroForms 2.1.5 contains an SQL injection vulnerability that allows authenticated attackers to execute arbitrary SQL commands through the filter_type_id, filter_pid_id, and filter_search parameters. Attackers can submit POST requests to the extroformfield view with malicious SQL payloads to extract sensitive database information and server data.

CVSS: 7.1 · CWE: CWE-89

View on NVD

Joomla! Component EkRishta 2.10 contains an error-based SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code into the username parameter. Attackers can submit POST requests to the login endpoint with SQL injection payloads in the username field to extract database information including user credentials and system details.

CVSS: 8.2 · CWE: CWE-89

View on NVD

Joomla! Component Ek Rishta 2.10 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the cid parameter. Attackers can send GET requests to the user_detail view with malicious cid values containing SQL commands to extract sensitive database information.

CVSS: 8.2 · CWE: CWE-89

View on NVD

Joomla! extension EkRishta 2.10 contains persistent cross-site scripting and SQL injection vulnerabilities that allow attackers to inject malicious code through profile fields and POST parameters. Attackers can inject script payloads in profile information fields like Address that execute when users visit the profile, or submit SQL injection payloads via the phone_no parameter to the user_setting…

CVSS: 8.2 · CWE: CWE-89

View on NVD

Joomla J2 JOBS 1.3.0 contains an authenticated SQL injection vulnerability that allows authenticated attackers to manipulate database queries by injecting SQL code through the 'sortby' parameter. Attackers can send POST requests to the administrator index with malicious 'sortby' values to extract sensitive database information using automated tools.

CVSS: 7.1 · CWE: CWE-89

View on NVD

Joomla J2 JOBS 1.3.0 contains an authenticated SQL injection vulnerability that allows authenticated attackers to manipulate database queries by injecting SQL code through the 'sortby' parameter. Attackers can send POST requests to the administrator index with malicious 'sortby' values to extract sensitive database information.

CVSS: 7.1 · CWE: CWE-89

View on NVD

Joomla com_fabrik 3.9.11 contains a directory traversal vulnerability that allows unauthenticated attackers to list arbitrary files by manipulating the folder parameter. Attackers can send GET requests to the onAjax_files method with path traversal sequences to enumerate files in system directories outside the intended web root.

CVSS: 7.5 · CWE: CWE-22

View on NVD

Joomla com_hdwplayer 4.2 contains an SQL injection vulnerability in the search.php file that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the hdwplayersearch parameter. Attackers can submit POST requests with crafted SQL payloads in the hdwplayersearch parameter to extract sensitive database information from the hdwplayer_videos table.

CVSS: 8.2 · CWE: CWE-89

View on NVD

Balbooa Joomla Forms Builder 2.0.6 contains an unauthenticated SQL injection vulnerability in the form submission handler that allows remote attackers to execute arbitrary SQL queries. Attackers can send POST requests to the com_baforms component with malicious JSON payloads in the 'id' field parameter to extract sensitive database information.

CVSS: 8.2 · CWE: CWE-89

View on NVD

Smart Slider 3 Pro version 3.5.1.35 for WordPress and Joomla contains a multi-stage remote access toolkit injected through a compromised update system that allows unauthenticated attackers to execute arbitrary code and commands. Attackers can trigger pre-authentication remote shell execution via HTTP headers, establish authenticated backdoors accepting arbitrary PHP code or OS commands, create hi…

CVSS: 9.8 · CWE: CWE-506

View on NVD

The vulnerability was rooted in how the Tassos Framework plugin handled specific AJAX requests through Joomla’s com_ajax entry point. Under certain conditions, internal framework functionality could be invoked without proper restriction.

CVSS: 9.5 · CWE: CWE-284

View on NVD

User provided uploads to the Easy Discuss component for Joomla aren't properly validated. Uploads are purely checked by file extensions, no mime type checks are happening.

CVSS: 8.8 · CWE: CWE-434

View on NVD

SQL injection vulnerability in Joomla module mod_vvisit_counter v2.0.4j3. This vulnerability allows an attacker to retrieve database content via the ‘cip_vvisitcounter’ cookie at all endpoints where the plugin counts visits.

CVSS: 9.3 · CWE: CWE-89

View on NVD

A stored XSS vulnerability in Quantum Manager component 1.0.0-3.2.0 for Joomla was discovered. File names are not properly escaped.

CVSS: 8.5 · CWE: CWE-79

View on NVD

A stored XSS vulnerability in Quantum Manager component 1.0.0-3.2.0 for Joomla was discovered. The SVG upload feature does not sanitize uploads.

CVSS: 8.5 · CWE: CWE-79

View on NVD

A SQL injection vulnerability in the JS Jobs plugin versions 1.3.2-1.4.4 for Joomla allows low-privilege users to execute arbitrary SQL commands.

CVSS: 8.7 · CWE: CWE-89

View on NVD

A SQLi vulnerability in DJ-Classifieds component 3.9.2-3.10.1 for Joomla was discovered. The issue allows privileged users to execute arbitrary SQL commands.

CVSS: 8.5 · CWE: CWE-89

View on NVD

An authenticated RCE vulnerability in Phoca Commander component 1.0.0-4.0.0 and 5.0.0-5.0.1 for Joomla was discovered. The issue allows code execution via the unzip feature.

CVSS: 9.2 · CWE: CWE-434

View on NVD

A stored XSS vulnerability in No Boss Testimonials component 1.0.0-3.0.0 and 4.0.0-4.0.2 for Joomla was discovered.

CVSS: 9.4 · CWE: CWE-79

View on NVD

A stored XSS vulnerability in CommentBox component 1.0.0-1.1.0 for Joomla was discovered.

CVSS: 9.4 · CWE: CWE-79

View on NVD

A stored XSS vulnerability in CComment component 5.0.0-6.1.14 for Joomla was discovered.

CVSS: 7.0 · CWE: CWE-79

View on NVD

A stored XSS vulnerability in ProFiles component 1.0-1.5.0 for Joomla was discovered.

CVSS: 7.0 · CWE: CWE-79

View on NVD

A SQLi vulnerability in Komento component 4.0.0-4.0.7for Joomla was discovered. The issue allows unprivileged users to execute arbitrary SQL commands.

CVSS: 9.3 · CWE: CWE-89

View on NVD

A SQLi vulnerability in DJ-Flyer component 1.0-3.2 for Joomla was discovered. The issue allows privileged users to execute arbitrary SQL commands.

CVSS: 8.5 · CWE: CWE-89

View on NVD

A stored XSS vulnerability in the Balbooa Gallery plugin 1.0.0-2.4.0 for Joomla allows privileged users to store malicious scripts in gallery items.

CVSS: 8.6 · CWE: CWE-79

View on NVD

A SQL injection vulnerability in the Balbooa Forms plugin 1.0.0-2.3.1.1 for Joomla allows privileged users to execute arbitrary SQL commands via the 'id' parameter.

CVSS: 8.6 · CWE: CWE-89

View on NVD

A SQL injection vulnerability in the JS Jobs plugin versions 1.0.0-1.4.1 for Joomla allows low-privilege users to execute arbitrary SQL commands via the 'cvid' parameter in the employee application feature.

CVSS: 8.7 · CWE: CWE-89

View on NVD

A SQL injection in Articles Calendar extension 1.0.0 - 1.0.1.0007 for Joomla allows attackers to execute arbitrary SQL commands.

CVSS: 9.8 · CWE: CWE-89

View on NVD

A SQL injection in Articles Good Search extension 1.0.0 - 1.2.4.0011 for Joomla allows attackers to execute arbitrary SQL commands.

CVSS: 9.8 · CWE: CWE-89

View on NVD

A SQL injection vulnerability in No Boss Calendar component before 5.0.7 for Joomla was discovered. The vulnerability allows remote authenticated users to execute arbitrary SQL commands via the id_module parameter.

CVSS: 8.6 · CWE: CWE-89

View on NVD

A SQL injection vulnerability in JEvents component before 3.6.88 and 3.6.82.1 for Joomla was discovered. The extension is vulnerable to SQL injection via publicly accessible actions to list events by date ranges.

CVSS: 9.3 · CWE: CWE-89

View on NVD

A stored XSS vulnerability in RSTickets! component 1.9.12 - 3.3.0 for Joomla was discovered. It allows attackers to perform cross-site scripting (XSS) attacks via sending crafted payload.

CVSS: 8.5 · CWE: CWE-79

View on NVD

Remote code execution vulnerability in RSForm!pro component 3.0.0 - 3.3.14 for Joomla was discovered. The issue occurs within the submission export feature and requires administrative access to the export feature.

CVSS: 9.2 · CWE: CWE-94

View on NVD

A SQL injection vulnerability in the Hikashop component versions 3.3.0-5.1.4 for Joomla allows authenticated attackers (administrator) to execute arbitrary SQL commands in the category management area in backend.

CVSS: 7.2 · CWE: CWE-89

View on NVD

Improper handling of input variables lead to multiple path traversal vulnerabilities in the Admiror Gallery extension for Joomla in version branch 4.x.

CVSS: 7.5 · CWE: CWE-35

View on NVD

Improper control of generation of code in the sourcerer extension for Joomla in versions before 11.0.0 lead to a remote code execution vulnerability.

CVSS: 9.8 · CWE: CWE-94

View on NVD

Unrestricted file upload via security bypass in Convert Forms component for Joomla in versions before 4.4.8.

CVSS: 9.8 · CWE: CWE-434

View on NVD

Valor Apps Easy Folder Listing Pro has a deserialization vulnerability that allows an unauthenticated, remote attacker to execute arbitrary code with the privileges of the Joomla! application. Fixed in versions 3.8 and 4.5.

CVSS: 9.8 · CWE: CWE-502

View on NVD

Server Side Request Forgery (SSRF) vulnerability in AdmirorFrames Joomla! extension in afGdStream.php script allows to access local files or server pages available only from localhost. This issue affects AdmirorFrames: before 5.0.

CVSS: 7.5 · CWE: CWE-918

View on NVD

Full Path Disclosure vulnerability in AdmirorFrames Joomla! extension in afHelper.php script allows an unauthorised attacker to retrieve location of web root folder. This issue affects AdmirorFrames: before 5.0.

CVSS: 7.5 · CWE: CWE-497

View on NVD

SQLi vulnerability in Starshop component for Joomla.

CVSS: 9.8 · CWE: CWE-89

View on NVD

SQLi vulnerability in S5 Register module for Joomla.

CVSS: 9.8 · CWE: CWE-89

View on NVD

Unauthenticated LFI/SSRF in JCDashboards component for Joomla.

CVSS: 9.8 · CWE: CWE-918

View on NVD

SQLi vulnerability in LMS Lite component for Joomla.

CVSS: 9.8 · CWE: CWE-89

View on NVD

Unrestricted Upload of File with Dangerous Type vulnerability in AcyMailing component for Joomla. It allows remote code execution.

CVSS: 9.8 · CWE: CWE-434

View on NVD

An issue was discovered in Joomla! 4.2.0 through 4.3.1. The lack of rate limiting allowed brute force attacks against MFA methods.

CVSS: 7.5 · CWE: CWE-307

View on NVD

The 'Visforms Base Package for Joomla 3' extension is vulnerable to SQL Injection as concatenation is used to construct an SQL Query. An attacker can interact with the database and could be able to read, modify and delete data on it.

CVSS: 9.8 · CWE: CWE-89

View on NVD

AnyMailing Joomla Plugin is vulnerable to stored cross site scripting (XSS) in templates and emails of AcyMailing, exploitable without authentication when access is granted to the campaign's creation on front-office. This issue affects AnyMailing Joomla Plugin Enterprise in versions below 8.3.0.

CVSS: 7.2 · CWE: CWE-20

View on NVD

AnyMailing Joomla Plugin is vulnerable to unauthenticated remote code execution, when being granted access to the campaign's creation on front-office due to unrestricted file upload allowing PHP code to be injected. This issue affects AnyMailing Joomla Plugin Enterprise in versions below 8.3.0.

CVSS: 9.8 · CWE: CWE-20

View on NVD

Joomla Guru extension 5.2.5 is affected by: Insecure Permissions. The impact is: obtain sensitive information (remote). The component is: Access to private information and components, possibility to view other users' information. Information disclosure Access to private information and components, possibility to view other users' information.

CVSS: 7.5 · CWE: CWE-276

View on NVD

An issue was discovered in Joomla! 4.0.0 through 4.1.0. Under specific circumstances, JInput pollutes method-specific input bags with $_REQUEST data.

CVSS: 9.8 · CWE: N/A

View on NVD

An issue was discovered in Joomla! 3.0.0 through 3.10.6 & 4.0.0 through 4.1.0. Inadequate filtering on the selected Ids on an request could resulted into an possible SQL injection.

CVSS: 9.8 · CWE: CWE-89

View on NVD

An issue was discovered in Joomla! 2.5.0 through 3.10.6 & 4.0.0 through 4.1.0. A user row was not bound to a specific authentication mechanism which could under very special circumstances allow an account takeover.

CVSS: 9.8 · CWE: CWE-287

View on NVD

An issue was discovered in Joomla! 3.0.0 through 3.10.6 & 4.0.0 through 4.1.0. Extracting an specifilcy crafted tar package could write files outside of the intended path.

CVSS: 7.5 · CWE: CWE-22

View on NVD

An issue was discovered in Joomla! 4.0.0. The media manager does not correctly check the user's permissions before executing a file deletion command.

CVSS: 9.1 · CWE: CWE-863

View on NVD

An issue was discovered in Joomla! 2.5.0 through 3.9.27. Install action in com_installer lack the required hardcoded ACL checks for superusers. A default system is not affected cause the default ACL for com_installer is limited to super users already.

CVSS: 7.5 · CWE: CWE-754

View on NVD

An issue was discovered in Joomla! 2.5.0 through 3.9.27. Missing validation of input could lead to a broken usergroups table.

CVSS: 7.5 · CWE: CWE-20

View on NVD

Joomla! Core is prone to a security bypass vulnerability. Exploiting this issue may allow attackers to perform otherwise restricted actions and subsequently retrieve password reset tokens from the database through an already existing SQL injection vector. Joomla! Core versions 1.5.x ranging from 1.5.0 and up to and including 1.5.15 are vulnerable.

CVSS: 9.8 · CWE: CWE-863

View on NVD

Joomla! Core is prone to a session fixation vulnerability. An attacker may leverage this issue to hijack an arbitrary session and gain access to sensitive information, which may help in launching further attacks. Joomla! Core versions 1.5.x ranging from 1.5.0 and up to and including 1.5.15 are vulnerable.

CVSS: 7.5 · CWE: CWE-384

View on NVD

Joomla! Core is prone to a vulnerability that lets attackers upload arbitrary files because the application fails to properly verify user-supplied input. An attacker can exploit this vulnerability to upload arbitrary code and run it in the context of the webserver process. This may facilitate unauthorized access or privilege escalation; other attacks are also possible. Joomla! Core versions 1.5.x…

CVSS: 9.8 · CWE: CWE-434

View on NVD

Joomla! Core is prone to an information disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information that may help in launching further attacks. Joomla! Core versions 1.5.x ranging from 1.5.0 and up to and including 1.5.15 are vulnerable.

CVSS: 7.5 · CWE: CWE-200

View on NVD

An issue was discovered in Joomla! 3.0.0 through 3.9.24. com_media allowed paths that are not intended for image uploads

CVSS: 7.5 · CWE: N/A

View on NVD

An issue was discovered in Joomla! 3.2.0 through 3.9.24. Missing input validation within the template manager.

CVSS: 7.5 · CWE: CWE-20

View on NVD

An issue was discovered in Joomla! 3.2.0 through 3.9.24. The core shipped but unused randval implementation within FOF (FOFEncryptRandval) used an potential insecure implemetation. That has now been replaced with a call to 'random_bytes()' and its backport that is shipped within random_compat.

CVSS: 9.1 · CWE: N/A

View on NVD

An issue was discovered in Joomla! 3.2.0 through 3.9.24. Usage of an insufficient length for the 2FA secret accoring to RFC 4226 of 10 bytes vs 20 bytes.

CVSS: 9.1 · CWE: N/A

View on NVD

An issue was discovered in Joomla! 1.7.0 through 3.9.22. Lack of input validation while handling ACL rulesets can cause write ACL violations.

CVSS: 7.5 · CWE: CWE-20

View on NVD

An issue was discovered in Joomla! 3.0.0 through 3.9.22. Improper filter blacklist configuration leads to a SQL injection vulnerability in the backend user list.

CVSS: 9.8 · CWE: CWE-89

View on NVD

An issue was discovered in Joomla! 2.5.0 through 3.9.22. The folder parameter of mod_random_image lacked input validation, leading to a path traversal vulnerability.

CVSS: 7.5 · CWE: CWE-22

View on NVD

An issue was discovered in Joomla! 2.5.0 through 3.9.22. The globlal configuration page does not remove secrets from the HTML output, disclosing the current values.

CVSS: 7.5 · CWE: CWE-200

View on NVD

An issue was discovered in Joomla! 2.5.0 through 3.9.22. The autosuggestion feature of com_finder did not respect the access level of the corresponding terms.

CVSS: 7.5 · CWE: N/A

View on NVD

JomSocial (Joomla Social Network Extention) 4.7.6 allows CSV injection via a customer's profile.

CVSS: 9.8 · CWE: CWE-1236

View on NVD

SQL injection exists in the jdownloads 3.2.63 component for Joomla! via components/com_jdownloads/helpers/categories.php, order function via the filter_order parameter.

CVSS: 7.5 · CWE: CWE-89

View on NVD

SQL injection exists in the jdownloads 3.2.63 component for Joomla! via com_jdownloads/helpers/jdownloadshelper.php, updateLog function via the X-forwarded-for Header parameter.

CVSS: 7.5 · CWE: CWE-89

View on NVD

SQL injection exists in the jdownloads 3.2.63 component for Joomla! via com_jdownloads/helpers/jdownloadshelper.php, getUserLimits function in the list parameter.

CVSS: 7.5 · CWE: CWE-89

View on NVD

SQL injection exists in the jdownloads 3.2.63 component for Joomla! com_jdownloads/models/send.php via the f_marked_files_id parameter.

CVSS: 7.5 · CWE: CWE-89

View on NVD

The paGO Commerce plugin 2.5.9.0 for Joomla! allows SQL Injection via the administrator/index.php?option=com_pago&view=comments filter_published parameter.

CVSS: 8.8 · CWE: CWE-89

View on NVD

gmapfp.org Joomla Component GMapFP J3.30pro is affected by Insecure Permissions. An attacker can access the upload function without authenticating to the application and also can upload files due the issues of unrestricted file uploads which can be bypassed by changing the content-type and name file too double extensions.

CVSS: 7.5 · CWE: CWE-276

View on NVD

In Joomla Component GMapFP Version J3.5 and J3.5free, an attacker can access the upload function without authenticating to the application and can also upload files which due to issues of unrestricted file uploads which can be bypassed by changing the content-type and name file too double extensions.

CVSS: 7.5 · CWE: CWE-434

View on NVD

The J2Store plugin before 3.3.13 for Joomla! allows a SQL injection attack by a trusted store manager.

CVSS: 8.8 · CWE: CWE-89

View on NVD

In Joomla! before 3.9.19, the default settings of the global textfilter configuration do not block HTML inputs for Guest users.

CVSS: 7.5 · CWE: CWE-281

View on NVD

In Joomla! before 3.9.19, missing token checks in com_postinstall lead to CSRF.

CVSS: 8.8 · CWE: CWE-352

View on NVD

An issue was discovered in Joomla! before 3.9.16. The lack of type casting of a variable in a SQL statement leads to a SQL injection vulnerability in the Featured Articles frontend menutype.

CVSS: 9.8 · CWE: CWE-89

View on NVD

An issue was discovered in Joomla! before 3.9.16. Missing token checks in the image actions of com_templates lead to CSRF.

CVSS: 8.8 · CWE: CWE-352

View on NVD

An issue was discovered in Joomla! before 3.9.16. Incorrect Access Control in the SQL fieldtype of com_fields allows access for non-superadmin users.

CVSS: 8.8 · CWE: CWE-863

View on NVD

An issue was discovered in Joomla! before 3.9.16. Various actions in com_templates lack the required ACL checks, leading to various potential attack vectors.

CVSS: 7.5 · CWE: CWE-668

View on NVD

JNews Joomla Component before 8.5.0 allows SQL injection via upload thumbnail, Queue Search Field, Subscribers Search Field, or Newsletters Search Field.

CVSS: 7.2 · CWE: CWE-89

View on NVD

JNews Joomla Component before 8.5.0 allows arbitrary File Upload via Subscribers or Templates, as demonstrated by the .php5 extension.

CVSS: 8.8 · CWE: CWE-434

View on NVD

JEvents Joomla Component before 3.4.0 RC6 has SQL Injection via evid in a Manage Events action.

CVSS: 7.2 · CWE: CWE-89

View on NVD

JCE Joomla Component 2.5.0 to 2.5.2 allows arbitrary file upload via a .php file extension for an image file to the /com_jce/editor/libraries/classes/browser.php script.

CVSS: 8.8 · CWE: CWE-434

View on NVD

SQL Injection exists in AcyMailing Joomla Component before 4.9.5 via exportgeolocorder in a geolocation_longitude request to index.php.

CVSS: 7.2 · CWE: CWE-89

View on NVD

TinyBrowser plugin for Joomla! before 1.5.13 allows arbitrary file upload via upload.php.

CVSS: 9.8 · CWE: CWE-434

View on NVD

Tiny browser in TinyMCE 3.0 editor in Joomla! before 1.5.13 allows file upload and arbitrary PHP code execution.

CVSS: 9.8 · CWE: CWE-434

View on NVD

Unrestricted file upload vulnerability in server/php/UploadHandler.php in the jQuery File Upload Plugin 6.4.4 for jQuery, as used in the Creative Solutions Creative Contact Form (formerly Sexy Contact Form) before 1.0.0 for WordPress and before 2.0.1 for Joomla!, allows remote attackers to execute arbitrary code by uploading a PHP file with an PHP extension, then accessing it via a direct request…

CVSS: 9.8 · CWE: CWE-434

View on NVD

Joomla! 1.6.0 is vulnerable to SQL Injection via the filter_order and filer_order_Dir parameters.

CVSS: 9.1 · CWE: CWE-89

View on NVD

Joomla! 1.7.1 has core information disclosure due to inadequate error checking.

CVSS: 7.5 · CWE: CWE-200

View on NVD

Joomla! core 1.7.1 allows information disclosure due to weak encryption

CVSS: 7.5 · CWE: CWE-326

View on NVD

An issue was discovered in Joomla! before 3.9.15. A missing CSRF token check in the LESS compiler of com_templates causes a CSRF vulnerability.

CVSS: 8.8 · CWE: CWE-352

View on NVD

An issue was discovered in Joomla! before 3.9.15. Missing token checks in the batch actions of various components cause CSRF vulnerabilities.

CVSS: 8.8 · CWE: CWE-352

View on NVD