Vulnerabilities > Joomla > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2018-10-09 | CVE-2018-17855 | Improper Privilege Management vulnerability in Joomla Joomla! An issue was discovered in Joomla! before 3.8.13. | 8.8 |
2018-08-29 | CVE-2018-15881 | Unspecified vulnerability in Joomla Joomla! An issue was discovered in Joomla! before 3.8.12. | 7.5 |
2018-06-26 | CVE-2018-12712 | Improper Input Validation vulnerability in Joomla Joomla! An issue was discovered in Joomla! 2.5.0 through 3.8.8 before 3.8.9. | 8.8 |
2018-05-22 | CVE-2018-11323 | Improper Privilege Management vulnerability in Joomla Joomla! An issue was discovered in Joomla! Core before 3.8.8. | 8.8 |
2018-05-22 | CVE-2018-11322 | Unrestricted Upload of File with Dangerous Type vulnerability in Joomla Joomla! An issue was discovered in Joomla! Core before 3.8.8. | 7.5 |
2018-03-15 | CVE-2018-8045 | SQL Injection vulnerability in Joomla Joomla! In Joomla! 3.5.0 through 3.8.5, the lack of type casting of a variable in a SQL statement leads to a SQL injection vulnerability in the User Notes list view. | 8.8 |
2017-08-02 | CVE-2017-11364 | Improper Certificate Validation vulnerability in Joomla Joomla! The CMS installer in Joomla! before 3.7.4 does not verify a user's ownership of a webspace, which allows remote authenticated users to gain control of the target application by leveraging Certificate Transparency logs. | 8.8 |
2017-07-17 | CVE-2017-9933 | Information Exposure vulnerability in Joomla Joomla! Improper cache invalidation in Joomla! CMS 1.7.3 through 3.7.2 leads to disclosure of form contents. | 7.5 |
2016-12-16 | CVE-2016-9838 | Improper Access Control vulnerability in Joomla Joomla! An issue was discovered in components/com_users/models/registration.php in Joomla! before 3.6.5. | 7.5 |
2016-12-16 | CVE-2016-9837 | Permissions, Privileges, and Access Controls vulnerability in Joomla Joomla! An issue was discovered in templates/beez3/html/com_content/article/default.php in Joomla! before 3.6.5. | 7.5 |