Joomla

Joomla!

155 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
  • EPSS 0.41%
  • Veröffentlicht 30.05.2023 17:15:09
  • Zuletzt bearbeitet 09.01.2025 22:15:25

An issue was discovered in Joomla! 4.2.0 through 4.3.1. Lack of input validation caused an open redirect and XSS issue within the new mfa selection screen.

  • EPSS 0.56%
  • Veröffentlicht 30.05.2023 17:15:09
  • Zuletzt bearbeitet 09.01.2025 22:15:26

An issue was discovered in Joomla! 4.2.0 through 4.3.1. The lack of rate limiting allowed brute force attacks against MFA methods.

  • EPSS 0.46%
  • Veröffentlicht 08.11.2022 19:15:11
  • Zuletzt bearbeitet 21.11.2024 06:56:27

An issue was discovered in Joomla! 4.0.0 through 4.2.4. Inadequate filtering of potentially malicious user input leads to reflected XSS vulnerabilities in com_media.

  • EPSS 0.36%
  • Veröffentlicht 25.10.2022 19:15:10
  • Zuletzt bearbeitet 21.11.2024 06:56:27

An issue was discovered in Joomla! 4.2.0 through 4.2.3. Inadequate filtering of potentially malicious user input leads to reflected XSS vulnerabilities in various components.

  • EPSS 0.5%
  • Veröffentlicht 25.10.2022 19:15:09
  • Zuletzt bearbeitet 21.11.2024 06:56:27

An issue was discovered in Joomla! 4.0.0 through 4.2.3. Sites with publicly enabled debug mode exposed data of previous requests.

  • EPSS 0.5%
  • Veröffentlicht 31.08.2022 10:15:15
  • Zuletzt bearbeitet 21.11.2024 06:56:27

An issue was discovered in Joomla! 4.2.0. Multiple Full Path Disclosures because of missing '_JEXEC or die check' caused by the PSR12 changes.

Exploit
  • EPSS 2.01%
  • Veröffentlicht 30.03.2022 16:15:11
  • Zuletzt bearbeitet 21.11.2024 06:49:16

An issue was discovered in Joomla! 3.0.0 through 3.10.6 & 4.0.0 through 4.1.0. Extracting an specifilcy crafted tar package could write files outside of the intended path.

  • EPSS 0.87%
  • Veröffentlicht 30.03.2022 16:15:11
  • Zuletzt bearbeitet 21.11.2024 06:49:16

An issue was discovered in Joomla! 3.0.0 through 3.10.6 & 4.0.0 through 4.1.0. Uploading a file name of an excess length causes the error. This error brings up the screen with the path of the source code of the web application.

  • EPSS 1.1%
  • Veröffentlicht 30.03.2022 16:15:11
  • Zuletzt bearbeitet 21.11.2024 06:49:16

An issue was discovered in Joomla! 2.5.0 through 3.10.6 & 4.0.0 through 4.1.0. A user row was not bound to a specific authentication mechanism which could under very special circumstances allow an account takeover.

  • EPSS 0.57%
  • Veröffentlicht 30.03.2022 16:15:11
  • Zuletzt bearbeitet 21.11.2024 06:49:16

An issue was discovered in Joomla! 3.7.0 through 3.10.6. Lack of input validation could allow an XSS attack using com_fields.