Shodan
Vulnerabilities
Vulnerable Software
Joomla:  >> Joomla!  >> 4.0.6  Security Vulnerabilities
CVE-2023-23751
An issue was discovered in Joomla! 4.0.0 through 4.2.4. A missing ACL check allows non super-admin users to access com_actionlogs.
CVSS Score
4.3
EPSS Score
0.0
Published
2023-02-01
CVE-2022-27914
An issue was discovered in Joomla! 4.0.0 through 4.2.4. Inadequate filtering of potentially malicious user input leads to reflected XSS vulnerabilities in com_media.
CVSS Score
6.1
EPSS Score
0.001
Published
2022-11-08
CVE-2022-27913
An issue was discovered in Joomla! 4.2.0 through 4.2.3. Inadequate filtering of potentially malicious user input leads to reflected XSS vulnerabilities in various components.
CVSS Score
6.1
EPSS Score
0.001
Published
2022-10-25
CVE-2022-27912
An issue was discovered in Joomla! 4.0.0 through 4.2.3. Sites with publicly enabled debug mode exposed data of previous requests.
CVSS Score
5.3
EPSS Score
0.0
Published
2022-10-25
CVE-2022-23793
An issue was discovered in Joomla! 3.0.0 through 3.10.6 & 4.0.0 through 4.1.0. Extracting an specifilcy crafted tar package could write files outside of the intended path.
CVSS Score
7.5
EPSS Score
0.0
Published
2022-03-30
CVE-2022-23794
An issue was discovered in Joomla! 3.0.0 through 3.10.6 & 4.0.0 through 4.1.0. Uploading a file name of an excess length causes the error. This error brings up the screen with the path of the source code of the web application.
CVSS Score
5.3
EPSS Score
0.0
Published
2022-03-30
CVE-2022-23795
An issue was discovered in Joomla! 2.5.0 through 3.10.6 & 4.0.0 through 4.1.0. A user row was not bound to a specific authentication mechanism which could under very special circumstances allow an account takeover.
CVSS Score
9.8
EPSS Score
0.0
Published
2022-03-30
CVE-2022-23797
An issue was discovered in Joomla! 3.0.0 through 3.10.6 & 4.0.0 through 4.1.0. Inadequate filtering on the selected Ids on an request could resulted into an possible SQL injection.
CVSS Score
9.8
EPSS Score
0.0
Published
2022-03-30
CVE-2022-23798
An issue was discovered in Joomla! 2.5.0 through 3.10.6 & 4.0.0 through 4.1.0. Inadequate validation of URLs could result into an invalid check whether an redirect URL is internal or not.
CVSS Score
6.1
EPSS Score
0.0
Published
2022-03-30
CVE-2022-23799
An issue was discovered in Joomla! 4.0.0 through 4.1.0. Under specific circumstances, JInput pollutes method-specific input bags with $_REQUEST data.
CVSS Score
9.8
EPSS Score
0.0
Published
2022-03-30


Products
Pricing
Contact Us

Shodan ® - All rights reserved