Vulnerabilities > Joomla > High

DATE CVE VULNERABILITY TITLE RISK
2018-10-09 CVE-2018-17855 Improper Privilege Management vulnerability in Joomla Joomla!
An issue was discovered in Joomla! before 3.8.13.
network
low complexity
joomla CWE-269
8.8
2018-08-29 CVE-2018-15881 Unspecified vulnerability in Joomla Joomla!
An issue was discovered in Joomla! before 3.8.12.
network
low complexity
joomla
7.5
2018-06-26 CVE-2018-12712 Improper Input Validation vulnerability in Joomla Joomla!
An issue was discovered in Joomla! 2.5.0 through 3.8.8 before 3.8.9.
network
low complexity
joomla CWE-20
8.8
2018-05-22 CVE-2018-11323 Improper Privilege Management vulnerability in Joomla Joomla!
An issue was discovered in Joomla! Core before 3.8.8.
network
low complexity
joomla CWE-269
8.8
2018-05-22 CVE-2018-11322 Unrestricted Upload of File with Dangerous Type vulnerability in Joomla Joomla!
An issue was discovered in Joomla! Core before 3.8.8.
network
high complexity
joomla CWE-434
7.5
2018-03-15 CVE-2018-8045 SQL Injection vulnerability in Joomla Joomla!
In Joomla! 3.5.0 through 3.8.5, the lack of type casting of a variable in a SQL statement leads to a SQL injection vulnerability in the User Notes list view.
network
low complexity
joomla CWE-89
8.8
2017-08-02 CVE-2017-11364 Improper Certificate Validation vulnerability in Joomla Joomla!
The CMS installer in Joomla! before 3.7.4 does not verify a user's ownership of a webspace, which allows remote authenticated users to gain control of the target application by leveraging Certificate Transparency logs.
network
low complexity
joomla CWE-295
8.8
2017-07-17 CVE-2017-9933 Information Exposure vulnerability in Joomla Joomla!
Improper cache invalidation in Joomla! CMS 1.7.3 through 3.7.2 leads to disclosure of form contents.
network
low complexity
joomla CWE-200
7.5
2016-12-16 CVE-2016-9838 Improper Access Control vulnerability in Joomla Joomla!
An issue was discovered in components/com_users/models/registration.php in Joomla! before 3.6.5.
network
low complexity
joomla CWE-284
7.5
2016-12-16 CVE-2016-9837 Permissions, Privileges, and Access Controls vulnerability in Joomla Joomla!
An issue was discovered in templates/beez3/html/com_content/article/default.php in Joomla! before 3.6.5.
network
low complexity
joomla CWE-264
7.5