Vulnerabilities > Joomla > Joomla > 1.6.5
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-05-22 | CVE-2018-11324 | Race Condition vulnerability in Joomla Joomla! An issue was discovered in Joomla! Core before 3.8.8. | 4.3 |
| 2018-05-22 | CVE-2018-11323 | Improper Privilege Management vulnerability in Joomla Joomla! An issue was discovered in Joomla! Core before 3.8.8. | 6.5 |
| 2018-05-22 | CVE-2018-11322 | Unrestricted Upload of File with Dangerous Type vulnerability in Joomla Joomla! An issue was discovered in Joomla! Core before 3.8.8. | 6.0 |
| 2018-05-22 | CVE-2018-11321 | Improper Input Validation vulnerability in Joomla Joomla! An issue was discovered in com_fields in Joomla! Core before 3.8.8. | 4.0 |
| 2018-01-30 | CVE-2018-6380 | Cross-site Scripting vulnerability in Joomla Joomla! In Joomla! before 3.8.4, lack of escaping in the module chromes leads to XSS vulnerabilities in the module system. | 4.3 |
| 2018-01-30 | CVE-2018-6379 | Cross-site Scripting vulnerability in Joomla Joomla! In Joomla! before 3.8.4, inadequate input filtering in the Uri class (formerly JUri) leads to an XSS vulnerability. | 4.3 |
| 2018-01-30 | CVE-2018-6377 | Cross-site Scripting vulnerability in Joomla Joomla! In Joomla! before 3.8.4, inadequate input filtering in com_fields leads to an XSS vulnerability in multiple field types, i.e., list, radio, and checkbox | 4.3 |
| 2018-01-30 | CVE-2018-6376 | SQL Injection vulnerability in Joomla Joomla! In Joomla! before 3.8.4, the lack of type casting of a variable in a SQL statement leads to a SQL injection vulnerability in the Hathor postinstall message. | 7.5 |
| 2017-09-20 | CVE-2017-14596 | LDAP Injection vulnerability in Joomla Joomla! In Joomla! before 3.8.0, inadequate escaping in the LDAP authentication plugin can result in a disclosure of a username and password. | 5.0 |
| 2017-08-02 | CVE-2017-11364 | Improper Certificate Validation vulnerability in Joomla Joomla! The CMS installer in Joomla! before 3.7.4 does not verify a user's ownership of a webspace, which allows remote authenticated users to gain control of the target application by leveraging Certificate Transparency logs. | 6.5 |