Shodan
Vulnerabilities
Vulnerable Software
Joomla:  >> Joomla!  >> 3.7.2  Security Vulnerabilities
CVE-2020-8419
An issue was discovered in Joomla! before 3.9.15. Missing token checks in the batch actions of various components cause CSRF vulnerabilities.
CVSS Score
8.8
EPSS Score
0.0
Published
2020-01-28
CVE-2019-19846
In Joomla! before 3.9.14, the lack of validation of configuration parameters used in SQL queries caused various SQL injection vectors.
CVSS Score
9.8
EPSS Score
0.001
Published
2019-12-18
CVE-2019-18674
An issue was discovered in Joomla! before 3.9.13. A missing access check in the phputf8 mapping files could lead to a path disclosure.
CVSS Score
5.3
EPSS Score
0.0
Published
2019-11-06
CVE-2019-18650
An issue was discovered in Joomla! before 3.9.13. A missing token check in com_template causes a CSRF vulnerability.
CVSS Score
8.8
EPSS Score
0.0
Published
2019-11-06
CVE-2019-16725
In Joomla! 3.x before 3.9.12, inadequate escaping allowed XSS attacks using the logo parameter of the default templates.
CVSS Score
6.1
EPSS Score
0.04
Published
2019-09-24
CVE-2019-15028
In Joomla! before 3.9.11, inadequate checks in com_contact could allow mail submission in disabled forms.
CVSS Score
5.3
EPSS Score
0.0
Published
2019-08-14
CVE-2019-12766
An issue was discovered in Joomla! before 3.9.7. The subform fieldtype does not sufficiently filter or validate input of subfields. This leads to XSS attack vectors.
CVSS Score
6.1
EPSS Score
0.001
Published
2019-06-11
CVE-2019-11809
An issue was discovered in Joomla! before 3.9.6. The debug views of com_users do not properly escape user supplied data, which leads to a potential XSS attack vector.
CVSS Score
6.1
EPSS Score
0.002
Published
2019-05-20
CVE-2019-11358
jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, ...) because of Object.prototype pollution. If an unsanitized source object contained an enumerable __proto__ property, it could extend the native Object.prototype.
CVSS Score
6.1
EPSS Score
0.013
Published
2019-04-20
CVE-2019-10945
An issue was discovered in Joomla! before 3.9.5. The Media Manager component does not properly sanitize the folder parameter, allowing attackers to act outside the media manager root directory.
CVSS Score
9.8
EPSS Score
0.832
Published
2019-04-10


Products
Pricing
Contact Us

Shodan ® - All rights reserved