| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2023-28733 | Stored XSS affecting the AcyMailing plugin for Joomla | AcyMailing | Newsletter Plugin for Joomla in the Enterprise version | High | 7.2 | 2023-03-30 11:27:41 | Deep Dive |
| CVE-2023-28732 | Missing access control affecting the AcyMailing plugin for Joomla | AcyMailing | Newsletter Plugin for Joomla | Medium | 6.5 | 2023-03-30 11:26:27 | Deep Dive |
| CVE-2023-28731 | Unauthenticated RCE affecting the AcyMailing plugin for Joomla | AcyMailing | Newsletter Plugin for Joomla in the Enterprise version | Critical | 9.8 | 2023-03-30 11:25:37 | Deep Dive |
| CVE-2023-23752 | [20230201] - Core - Improper access check in webservice endpoints | Joomla! Project | Joomla! CMS | 中危 | - | 2023-02-16 16:25:21 | Deep Dive |
| CVE-2023-23751 | [20230102] - Core - Missing ACL checks for com_actionlogs | Joomla! Project | Joomla! CMS | 中危 | - | 2023-02-01 21:12:42 | Deep Dive |
| CVE-2023-23750 | [20230101] - Core - CSRF within post-installation messages | Joomla! Project | Joomla! CMS | 中危 | - | 2023-02-01 21:12:36 | Deep Dive |
| CVE-2022-27914 | [20221101] - Core - RXSS through reflection of user input in com_media | Joomla! Project | Joomla! CMS | 中危 | - | 2022-11-08 18:50:11 | Deep Dive |
| CVE-2022-27913 | [20221002] - Core - RXSS through reflection of user input in headings | Joomla! Project | Joomla! CMS | 中危 | - | 2022-10-25 19:00:16 | Deep Dive |
| CVE-2022-27912 | [20221001] - Core - Debug Mode leaks full request payloads including passwords | Joomla! Project | Joomla! CMS | 中危 | - | 2022-10-25 19:00:15 | Deep Dive |
| CVE-2022-27911 | [20220801] - Core - Multiple Full Path Disclosures because of missing '_JEXEC or die check' | Joomla! Project | Joomla! CMS | 中危 | - | 2022-08-31 10:00:14 | Deep Dive |
| CVE-2022-23801 | [20220309] - Core - XSS attack vector through SVG | Joomla! Project | Joomla! CMS | 中危 | - | 2022-03-30 15:20:35 | Deep Dive |
| CVE-2022-23800 | [20220308] - Core - Inadequate content filtering within the filter code | Joomla! Project | Joomla! CMS | 中危 | - | 2022-03-30 15:20:34 | Deep Dive |
| CVE-2022-23799 | [20220307] - Core - Variable Tampering on JInput $_REQUEST data | Joomla! Project | Joomla! CMS | 超危 | - | 2022-03-30 15:20:32 | Deep Dive |
| CVE-2022-23798 | [20220306] - Core - Inadequate validation of internal URLs | Joomla! Project | Joomla! CMS | 中危 | - | 2022-03-30 15:20:31 | Deep Dive |
| CVE-2022-23797 | [20220305] - Core - Inadequate filtering on the selected Ids | Joomla! Project | Joomla! CMS | 超危 | - | 2022-03-30 15:20:29 | Deep Dive |
| CVE-2022-23796 | [20220304] - Core - Missing input validation within com_fields class inputs | Joomla! Project | Joomla! CMS | 中危 | - | 2022-03-30 15:20:28 | Deep Dive |
| CVE-2022-23795 | [20220303] - Core - User row are not bound to a authentication mechanism | Joomla! Project | Joomla! CMS | 超危 | - | 2022-03-30 15:20:26 | Deep Dive |
| CVE-2022-23794 | [20220302] - Core - Path Disclosure within filesystem error messages | Joomla! Project | Joomla! CMS | 中危 | - | 2022-03-30 15:20:24 | Deep Dive |
| CVE-2022-23793 | [20220301] - Core - Zip Slip within the Tar extractor | Joomla! Project | Joomla! CMS | 高危 | - | 2022-03-30 15:20:22 | Deep Dive |
| CVE-2021-26040 | [20210801] - Core - Insufficient access control for com_media deletion endpoint | Joomla! Project | Joomla! CMS | 超危 | - | 2021-08-24 14:20:13 | Deep Dive |