Vulnerabilities > Joomla

DATE	CVE	VULNERABILITY TITLE	RISK
2013-12-29	CVE-2013-5583	Cross-Site Scripting vulnerability in Joomla Joomla! 3.1.5 Cross-site scripting (XSS) vulnerability in libraries/idna_convert/example.php in Joomla! 3.1.5 allows remote attackers to inject arbitrary web script or HTML via the lang parameter. network joomla CWE-79	4.3
2013-10-09	CVE-2013-5576	Improper Input Validation vulnerability in Joomla Joomla! administrator/components/com_media/helpers/media.php in the media manager in Joomla! 2.5.x before 2.5.14 and 3.x before 3.1.5 allows remote authenticated users or remote attackers to bypass intended access restrictions and upload files with dangerous extensions via a filename with a trailing . network joomla CWE-20	6.8
2013-05-31	CVE-2013-3719	Cross-Site Scripting vulnerability in Algisinfo Aicontactsafe Cross-site scripting (XSS) vulnerability in the aiContactSafe component before 2.0.21 for Joomla! allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. network algisinfo joomla CWE-79	4.3
2013-05-13	CVE-2013-3534	Cross-Site Scripting vulnerability in Algisinfo Aicontactsafe Cross-site scripting (XSS) vulnerability in the aiContactSafe component before 2.0.21 for Joomla! allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. network algisinfo joomla CWE-79	4.3
2013-05-03	CVE-2013-3267	Cross-Site Scripting vulnerability in Joomla Joomla! Cross-site scripting (XSS) vulnerability in the highlighter plugin in Joomla! 2.5.x before 2.5.10 and 3.0.x before 3.0.4 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. network joomla CWE-79	4.3
2013-05-03	CVE-2013-3242	Improper Input Validation vulnerability in Joomla Joomla! plugins/system/remember/remember.php in Joomla! 2.5.x before 2.5.10 and 3.0.x before 3.0.4 does not properly handle an object obtained by unserializing a cookie, which allows remote authenticated users to conduct PHP object injection attacks and cause a denial of service via unspecified vectors. network low complexity joomla CWE-20	5.5
2013-05-03	CVE-2013-3059	Cross-Site Scripting vulnerability in Joomla Joomla! Cross-site scripting (XSS) vulnerability in the Voting plugin in Joomla! 2.5.x before 2.5.10 and 3.0.x before 3.0.4 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. network joomla CWE-79	4.3
2013-05-03	CVE-2013-3058	Cross-Site Scripting vulnerability in Joomla Joomla! Cross-site scripting (XSS) vulnerability in Joomla! 2.5.x before 2.5.10 and 3.0.x before 3.0.4 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. network joomla CWE-79	4.3
2013-05-03	CVE-2013-3057	Permissions, Privileges, and Access Controls vulnerability in Joomla Joomla! Joomla! 2.5.x before 2.5.10 and 3.0.x before 3.0.4 allows remote authenticated users to bypass intended privilege requirements and list the privileges of arbitrary users via unspecified vectors. network low complexity joomla CWE-264	4.0
2013-05-03	CVE-2013-3056	Permissions, Privileges, and Access Controls vulnerability in Joomla Joomla! Joomla! 2.5.x before 2.5.10 and 3.0.x before 3.0.4 allows remote authenticated users to bypass intended privilege requirements and delete the private messages of arbitrary users via unspecified vectors. network low complexity joomla CWE-264	4.0

Vulnerabilities > Joomla {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Joomla"}]}

Vulnerabilities > Joomla