Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

Joomla! CMS — Vulnerabilities & Security Advisories 81

All 81 CVE vulnerabilities found in Joomla! CMS, with AI-generated Chinese analysis, references, and POCs.

Vendor: Joomla! Project

CVE IDTitleCVSSSeverityPublished
CVE-2021-26030 [20210401] - Core - Escape xss in logo parameter error pages 6.1 -2021-04-14
CVE-2021-26029 [20210309] - Core - Inadequate filtering of form contents could allow to overwrite the author field 5.3 -2021-03-04
CVE-2021-26028 [20210308] - Core - Path Traversal within joomla/archive zip class 5.5 -2021-03-04
CVE-2021-26027 [20210307] - Core - ACL violation within com_content frontend editing 5.3 -2021-03-04
CVE-2021-23132 [20210306] - Core - com_media allowed paths that are not intended for image uploads 7.5 -2021-03-04
CVE-2021-23131 [20210305] - Core - Input validation within the template manager 9.1 -2021-03-04
CVE-2021-23130 [20210304] - Core - XSS within the feed parser library 6.1 -2021-03-04
CVE-2021-23129 [20210303] - Core - XSS within alert messages showed to users 6.1 -2021-03-04
CVE-2021-23126 [20210301] - Core - Insecure randomness within 2FA secret generation 5.3 -2021-03-04
CVE-2021-23127 [20210301] - Core - Insecure randomness within 2FA secret generation 9.1 -2021-03-04
CVE-2021-23128 [20210302] - Core - Potential Insecure FOFEncryptRandval 9.1 -2021-03-04
CVE-2021-23125 [20210103] - Core - XSS in com_tags image parameters 6.1 -2021-01-12
CVE-2021-23124 [20210102] - Core - XSS in mod_breadcrumbs aria-label attribute 6.1 -2021-01-12
CVE-2021-23123 [20210101] - Core - com_modules exposes module names 5.3 -2021-01-12
CVE-2020-35616 [20201107] - Core - Write ACL violation in multiple core views 7.5 -2020-12-28
CVE-2020-35615 [20201106] - Core - CSRF in com_privacy emailexport feature 8.8 -2020-12-28
CVE-2020-35610 [20201101] - Core - com_finder ignores access levels on autosuggest 7.5 -2020-12-28
CVE-2020-35614 [20201105] - Core - User Enumeration in backend login 5.3 -2020-12-28
CVE-2020-35613 [20201104] - Core - SQL injection in com_users list view 9.8 -2020-12-28
CVE-2020-35612 [20201103] - Core - Path traversal in mod_random_image 7.5 -2020-12-28
CVE-2020-35611 [20201102] - Core - Disclosure of secrets in Global Configuration page 8.6 -2020-12-28

All 81 known CVE vulnerabilities affecting Joomla! CMS with full Chinese analysis, references, and POCs where available.