Joomla

Joomla!

155 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
  • EPSS 2.32%
  • Veröffentlicht 26.06.2018 19:29:00
  • Zuletzt bearbeitet 21.11.2024 03:45:43

An issue was discovered in Joomla! 2.5.0 through 3.8.8 before 3.8.9. The autoload code checks classnames to be valid, using the "class_exists" function in PHP. In PHP 5.3, this function validates invalid names as valid, which can result in a Local Fi...

  • EPSS 1.99%
  • Veröffentlicht 22.05.2018 15:29:00
  • Zuletzt bearbeitet 21.11.2024 03:43:07

An issue was discovered in com_fields in Joomla! Core before 3.8.8. Inadequate filtering allows users authorised to create custom fields to manipulate the filtering options and inject an unvalidated option.

  • EPSS 2.13%
  • Veröffentlicht 22.05.2018 15:29:00
  • Zuletzt bearbeitet 21.11.2024 03:43:08

An issue was discovered in Joomla! Core before 3.8.8. Depending on the server configuration, PHAR files might be handled as executable PHP scripts by the webserver.

  • EPSS 3.22%
  • Veröffentlicht 22.05.2018 15:29:00
  • Zuletzt bearbeitet 21.11.2024 03:43:08

An issue was discovered in Joomla! Core before 3.8.8. Inadequate checks allowed users to modify the access levels of user groups with higher permissions.

  • EPSS 1.33%
  • Veröffentlicht 22.05.2018 15:29:00
  • Zuletzt bearbeitet 21.11.2024 03:43:08

An issue was discovered in Joomla! Core before 3.8.8. A long running background process, such as remote checks for core or extension updates, could create a race condition where a session that was expected to be destroyed would be recreated.

  • EPSS 3.8%
  • Veröffentlicht 22.05.2018 15:29:00
  • Zuletzt bearbeitet 21.11.2024 03:43:08

An issue was discovered in Joomla! Core before 3.8.8. The web install application would autofill password fields after either a form validation error or navigating to a previous install step, and display the plaintext password for the administrator a...

  • EPSS 1.05%
  • Veröffentlicht 22.05.2018 15:29:00
  • Zuletzt bearbeitet 21.11.2024 03:43:08

An issue was discovered in Joomla! Core before 3.8.8. Inadequate input filtering leads to a multiple XSS vulnerabilities. Additionally, the default filtering settings could potentially allow users of the default Administrator user group to perform a ...

  • EPSS 1.45%
  • Veröffentlicht 22.05.2018 15:29:00
  • Zuletzt bearbeitet 21.11.2024 03:43:08

An issue was discovered in Joomla! Core before 3.8.8. Inadequate checks allowed users to see the names of tags that were either unpublished or published with restricted view permission.

  • EPSS 1.36%
  • Veröffentlicht 22.05.2018 15:29:00
  • Zuletzt bearbeitet 21.11.2024 03:43:08

An issue was discovered in Joomla! Core before 3.8.8. Under specific circumstances (a redirect issued with a URI containing a username and password when the Location: header cannot be used), a lack of escaping the user-info component of the URI could...

  • EPSS 1.41%
  • Veröffentlicht 22.05.2018 15:29:00
  • Zuletzt bearbeitet 21.11.2024 04:10:35

In Joomla! Core before 3.8.8, inadequate filtering of file and folder names leads to various XSS attack vectors in the media manager.