Vulnerabilities > Joomla > Joomla > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-01-28 | CVE-2020-8420 | Cross-Site Request Forgery (CSRF) vulnerability in Joomla Joomla! An issue was discovered in Joomla! before 3.9.15. | 6.8 |
| 2020-01-28 | CVE-2020-8419 | Cross-Site Request Forgery (CSRF) vulnerability in Joomla Joomla! An issue was discovered in Joomla! before 3.9.15. | 6.8 |
| 2020-01-15 | CVE-2011-4907 | Unrestricted Upload of File with Dangerous Type vulnerability in Joomla Joomla! Joomla! 1.5x through 1.5.12: Missing JEXEC Check | 5.0 |
| 2020-01-15 | CVE-2012-1563 | Improper Privilege Management vulnerability in Joomla Joomla! Joomla! before 2.5.3 allows Admin Account Creation. | 5.0 |
| 2020-01-15 | CVE-2012-1562 | Use of Insufficiently Random Values vulnerability in Joomla Joomla! Joomla! core before 2.5.3 allows unauthorized password change. | 5.0 |
| 2019-12-18 | CVE-2019-19845 | Path Traversal vulnerability in Joomla Joomla! In Joomla! before 3.9.14, a missing access check in framework files could lead to a path disclosure. | 5.0 |
| 2019-11-06 | CVE-2019-18674 | Missing Authorization vulnerability in Joomla Joomla! An issue was discovered in Joomla! before 3.9.13. | 5.0 |
| 2019-11-06 | CVE-2019-18650 | Cross-Site Request Forgery (CSRF) vulnerability in Joomla Joomla! An issue was discovered in Joomla! before 3.9.13. | 6.8 |
| 2019-09-24 | CVE-2019-16725 | Cross-site Scripting vulnerability in Joomla Joomla! In Joomla! 3.x before 3.9.12, inadequate escaping allowed XSS attacks using the logo parameter of the default templates. | 4.3 |
| 2019-08-14 | CVE-2019-15028 | Unspecified vulnerability in Joomla Joomla! In Joomla! before 3.9.11, inadequate checks in com_contact could allow mail submission in disabled forms. | 5.0 |