Vulnerabilities > Joomla > High

DATE CVE VULNERABILITY TITLE RISK
2020-01-28 CVE-2020-8420 Cross-Site Request Forgery (CSRF) vulnerability in Joomla Joomla!
An issue was discovered in Joomla! before 3.9.15.
network
low complexity
joomla CWE-352
8.8
2020-01-28 CVE-2020-8419 Cross-Site Request Forgery (CSRF) vulnerability in Joomla Joomla!
An issue was discovered in Joomla! before 3.9.15.
network
low complexity
joomla CWE-352
8.8
2020-01-15 CVE-2012-1563 Improper Privilege Management vulnerability in Joomla Joomla!
Joomla! before 2.5.3 allows Admin Account Creation.
network
low complexity
joomla CWE-269
7.5
2020-01-15 CVE-2012-1562 Use of Insufficiently Random Values vulnerability in Joomla Joomla!
Joomla! core before 2.5.3 allows unauthorized password change.
network
low complexity
joomla CWE-330
7.5
2019-11-06 CVE-2019-18650 Cross-Site Request Forgery (CSRF) vulnerability in Joomla Joomla!
An issue was discovered in Joomla! before 3.9.13.
network
low complexity
joomla CWE-352
8.8
2019-08-05 CVE-2019-14654 Unspecified vulnerability in Joomla Joomla! 3.9.7/3.9.8
In Joomla! 3.9.7 and 3.9.8, inadequate filtering allows users authorised to create custom fields to manipulate the filtering options and inject an unvalidated option.
network
low complexity
joomla
8.8
2019-04-10 CVE-2019-10946 Missing Authentication for Critical Function vulnerability in Joomla Joomla!
An issue was discovered in Joomla! before 3.9.5.
network
low complexity
joomla CWE-306
7.5
2019-03-12 CVE-2019-9713 Missing Authorization vulnerability in Joomla Joomla!
An issue was discovered in Joomla! before 3.9.4.
network
low complexity
joomla CWE-862
7.5
2018-10-09 CVE-2018-17858 Cross-Site Request Forgery (CSRF) vulnerability in Joomla Joomla!
An issue was discovered in Joomla! before 3.8.13.
network
low complexity
joomla CWE-352
8.8
2018-10-09 CVE-2018-17856 Unspecified vulnerability in Joomla Joomla!
An issue was discovered in Joomla! before 3.8.13.
network
low complexity
joomla
7.2