Vulnerabilities > Joomla > Joomla > 3.8.10

DATE CVE VULNERABILITY TITLE RISK
2020-03-16 CVE-2020-10238 Exposure of Resource to Wrong Sphere vulnerability in Joomla Joomla!
An issue was discovered in Joomla! before 3.9.16.
network
low complexity
joomla CWE-668
5.0
2020-01-28 CVE-2020-8420 Cross-Site Request Forgery (CSRF) vulnerability in Joomla Joomla!
An issue was discovered in Joomla! before 3.9.15.
network
joomla CWE-352
6.8
2020-01-28 CVE-2020-8419 Cross-Site Request Forgery (CSRF) vulnerability in Joomla Joomla!
An issue was discovered in Joomla! before 3.9.15.
network
joomla CWE-352
6.8
2019-12-18 CVE-2019-19846 SQL Injection vulnerability in Joomla Joomla!
In Joomla! before 3.9.14, the lack of validation of configuration parameters used in SQL queries caused various SQL injection vectors.
network
low complexity
joomla CWE-89
7.5
2019-12-18 CVE-2019-19845 Path Traversal vulnerability in Joomla Joomla!
In Joomla! before 3.9.14, a missing access check in framework files could lead to a path disclosure.
network
low complexity
joomla CWE-22
5.0
2019-11-06 CVE-2019-18674 Missing Authorization vulnerability in Joomla Joomla!
An issue was discovered in Joomla! before 3.9.13.
network
low complexity
joomla CWE-862
5.0
2019-11-06 CVE-2019-18650 Cross-Site Request Forgery (CSRF) vulnerability in Joomla Joomla!
An issue was discovered in Joomla! before 3.9.13.
network
joomla CWE-352
6.8
2019-09-24 CVE-2019-16725 Cross-site Scripting vulnerability in Joomla Joomla!
In Joomla! 3.x before 3.9.12, inadequate escaping allowed XSS attacks using the logo parameter of the default templates.
network
joomla CWE-79
4.3
2019-08-14 CVE-2019-15028 Unspecified vulnerability in Joomla Joomla!
In Joomla! before 3.9.11, inadequate checks in com_contact could allow mail submission in disabled forms.
network
low complexity
joomla
5.0
2019-06-11 CVE-2019-12766 Cross-site Scripting vulnerability in Joomla Joomla!
An issue was discovered in Joomla! before 3.9.7.
network
low complexity
joomla CWE-79
6.1