Vulnerabilities > Joomla > Low

DATE CVE VULNERABILITY TITLE RISK
2020-01-22 CVE-2011-3595 Cross-site Scripting vulnerability in Joomla Joomla!
Multiple Cross-site Scripting (XSS) vulnerabilities exist in Joomla! through 1.7.0 in index.php in the search word, extension, asset, and author parameters.
network
joomla CWE-79
3.5
2019-01-16 CVE-2019-6262 Cross-site Scripting vulnerability in Joomla Joomla!
An issue was discovered in Joomla! before 3.9.2.
network
joomla CWE-79
3.5
2019-01-16 CVE-2019-6263 Cross-site Scripting vulnerability in Joomla Joomla!
An issue was discovered in Joomla! before 3.9.2.
network
joomla CWE-79
3.5
2018-08-29 CVE-2018-15880 Cross-site Scripting vulnerability in Joomla Joomla!
An issue was discovered in Joomla! before 3.8.12.
network
joomla CWE-79
3.5
2018-05-22 CVE-2018-11326 Cross-site Scripting vulnerability in Joomla Joomla!
An issue was discovered in Joomla! Core before 3.8.8.
network
joomla CWE-79
3.5
2018-05-22 CVE-2018-11328 Cross-site Scripting vulnerability in Joomla Joomla!
An issue was discovered in Joomla! Core before 3.8.8.
network
high complexity
joomla CWE-79
2.6
2011-12-15 CVE-2011-4830 Cross-Site Scripting vulnerability in Barter-Sites COM Listing 1.3
Multiple cross-site scripting (XSS) vulnerabilities in the com_listing component in Barter Sites component 1.3 for Joomla! allow remote authenticated users to inject arbitrary web script or HTML via the (1) listing_title, (2) description, (3) homeurl (aka Website Address), (4) paystring (aka Payment types accepted), (5) sell_price, (6) shipping_cost, and (7) quantity parameters to index.php.
3.5
2010-10-05 CVE-2010-2535 Cross-Site Scripting vulnerability in Joomla Joomla!
Multiple cross-site scripting (XSS) vulnerabilities in the Back End in Joomla! 1.5.x before 1.5.20 allow remote authenticated users to inject arbitrary web script or HTML via administrator screens.
network
joomla CWE-79
3.5
2010-08-16 CVE-2010-3028 Permissions, Privileges, and Access Controls vulnerability in Simon Philips Aardvertiser 2.2.1
The Aardvertiser component before 2.2.1 for Joomla! uses insecure permissions (777) in unspecified folders, which allows local users to modify, create, or delete certain files.
local
low complexity
simon-philips joomla CWE-264
3.6
2010-03-02 CVE-2010-0801 Path Traversal vulnerability in Autartica COM Autartitarot 1.0.3
Directory traversal vulnerability in the AutartiTarot (com_autartitarot) component 1.0.3 for Joomla! allows remote authenticated users, with "Public Back-end" group permissions, to read arbitrary files via directory traversal sequences in the controller parameter in an edit task to administrator/index.php.
3.5