Vulnerabilities in Joomla! Project
102 resultsCVE-2021-26028—[20210308] - Core - Path Traversal within joomla/archive zip classEPSS 1.2%CVE-2021-26029—[20210309] - Core - Inadequate filtering of form contents could allow to overwrite the author fieldEPSS 1.1%CVE-2021-23123—[20210101] - Core - com_modules exposes module namesEPSS 1.1%CVE-2022-23795—[20220303] - Core - User row are not bound to a authentication mechanismEPSS 1.1%CVE-2022-23797—[20220305] - Core - Inadequate filtering on the selected IdsEPSS 1.1%CVE-2021-26027—[20210307] - Core - ACL violation within com_content frontend editingEPSS 1.1%CVE-2020-35614—[20201105] - Core - User Enumeration in backend loginEPSS 1.1%CVE-2021-26037—[20210703] - Core - Lack of enforced session terminationEPSS 1.0%CVE-2021-26032—[20210501] - Core - Adding HTML to the executable block list of MediaHelper::canUploadEPSS 1.0%CVE-2021-23129—[20210303] - Core - XSS within alert messages showed to usersEPSS 0.9%CVE-2021-23130—[20210304] - Core - XSS within the feed parser libraryEPSS 0.9%CVE-2021-26040—[20210801] - Core - Insufficient access control for com_media deletion endpointEPSS 0.9%CVE-2021-26035—[20210701] - Core - XSS in JForm Rules fieldEPSS 0.9%CVE-2021-26039—[20210705] - Core - XSS in com_media imagelistEPSS 0.9%CVE-2022-23794—[20220302] - Core - Path Disclosure within filesystem error messagesEPSS 0.9%CVE-2023-40626—[20231101] - Core - Exposure of environment variablesEPSS 0.8%CVE-2021-23125—[20210103] - Core - XSS in com_tags image parametersEPSS 0.8%CVE-2022-23800—[20220308] - Core - Inadequate content filtering within the filter codeEPSS 0.7%CVE-2021-26033—[20210502] - Core - CSRF in AJAX reordering endpointEPSS 0.6%CVE-2021-26034—[20210503] - Core - CSRF in data download endpointsEPSS 0.6%