Vulnerabilities
Vulnerable Software
Joomla:  Security Vulnerabilities
An issue was discovered in Joomla! 3.0.0 through 3.9.26. A missing token check causes a CSRF vulnerability in the AJAX reordering endpoint.
CVSS Score
6.5
EPSS Score
0.0
Published
2021-05-26
An issue was discovered in Joomla! 3.0.0 through 3.9.26. A missing token check causes a CSRF vulnerability in data download endpoints in com_banners and com_sysinfo.
CVSS Score
6.5
EPSS Score
0.0
Published
2021-05-26
An issue was discovered in Joomla! 3.0.0 through 3.9.25. Inadequate escaping allowed XSS attacks using the logo parameter of the default templates on error page
CVSS Score
6.1
EPSS Score
0.461
Published
2021-04-14
An issue was discovered in Joomla! 3.0.0 through 3.9.25. Inadequate filters on module layout settings could lead to an LFI.
CVSS Score
5.3
EPSS Score
0.0
Published
2021-04-14
An issue was discovered in Joomla! 3.2.0 through 3.9.24. Usage of the insecure rand() function within the process of generating the 2FA secret.
CVSS Score
5.3
EPSS Score
0.0
Published
2021-03-04
An issue was discovered in Joomla! 3.2.0 through 3.9.24. Usage of an insufficient length for the 2FA secret accoring to RFC 4226 of 10 bytes vs 20 bytes.
CVSS Score
9.1
EPSS Score
0.0
Published
2021-03-04
An issue was discovered in Joomla! 3.2.0 through 3.9.24. The core shipped but unused randval implementation within FOF (FOFEncryptRandval) used an potential insecure implemetation. That has now been replaced with a call to 'random_bytes()' and its backport that is shipped within random_compat.
CVSS Score
9.1
EPSS Score
0.0
Published
2021-03-04
An issue was discovered in Joomla! 2.5.0 through 3.9.24. Missing filtering of messages showed to users that could lead to xss issues.
CVSS Score
6.1
EPSS Score
0.03
Published
2021-03-04
An issue was discovered in Joomla! 2.5.0 through 3.9.24. Missing filtering of feed fields could lead to xss issues.
CVSS Score
6.1
EPSS Score
0.03
Published
2021-03-04
An issue was discovered in Joomla! 3.2.0 through 3.9.24. Missing input validation within the template manager.
CVSS Score
7.5
EPSS Score
0.0
Published
2021-03-04


Contact Us

Shodan ® - All rights reserved