Joomla Latest High & Critical Vulnerabilities
Latest High & Critical vulnerabilities published by joomla
Vulnerability Published:
ποΈ Published
- Anytime
Sort By:
ποΈ Published Date
- Descending
SQL Injection Vulnerability in Joomla Database Package
CVE-2025-25226JoomlaJoomla! Framework9.8CRITICALAuthentication Bypass in Joomla Core Multifactor Authentication
CVE-2025-25227JoomlaJoomla! Cms7.5HIGHArbitrary File Extension Vulnerability in Joomla Media Manager
CVE-2025-22213JoomlaJoomla! Cms7.1HIGHCache Poisoning Vulnerability in Pagination
CVE-2024-27185JoomlaJoomla! Cms9.1CRITICAL[20231101] - Core - Exposure of environment variables
CVE-2023-40626JoomlaJoomla! CmsπΎπ‘7.5HIGH[20230502] - Core - Bruteforce prevention within the mfa screen
CVE-2023-23755JoomlaJoomla! Cms7.5HIGH[20220303] - Core - User row are not bound to a authentication mechanism
CVE-2022-23795JoomlaJoomla! Cms9.8CRITICAL[20220307] - Core - Variable Tampering on JInput $_REQUEST data
CVE-2022-23799JoomlaJoomla! Cms9.8CRITICAL[20220301] - Core - Zip Slip within the Tar extractor
CVE-2022-23793JoomlaJoomla! Cms7.5HIGH[20220305] - Core - Inadequate filtering on the selected Ids
CVE-2022-23797JoomlaJoomla! Cms9.8CRITICAL[20210801] - Core - Insufficient access control for com_media deletion endpoint
CVE-2021-26040JoomlaJoomla! Cms9.1CRITICAL[20210702] - Core - DoS through usergroup table manipulation
CVE-2021-26036JoomlaJoomla! Cms7.5HIGH[20210704] - Core - Privilege escalation through com_installer
CVE-2021-26038JoomlaJoomla! Cms7.5HIGHInformation Disclosure Vulnerability in Joomla! Core by Joomla
CVE-2010-1432JoomlaJoomla7.5HIGHSecurity Bypass Vulnerability in Joomla! Core by Joomla
CVE-2010-1435JoomlaJoomla9.8CRITICALArbitrary File Upload Vulnerability in Joomla! Core by Joomla
CVE-2010-1433JoomlaJoomla9.8CRITICALSession Fixation Vulnerability in Joomla! Core by Joomla
CVE-2010-1434JoomlaJoomla7.5HIGH[20210302] - Core - Potential Insecure FOFEncryptRandval
CVE-2021-23128JoomlaJoomla! Cms9.1CRITICAL[20210305] - Core - Input validation within the template manager
CVE-2021-23131JoomlaJoomla! Cms7.5HIGH[20210306] - Core - com_media allowed paths that are not intended for image uploads
CVE-2021-23132JoomlaJoomla! CmsπΎπ‘EPSS 65%7.5HIGH[20210301] - Core - Insecure randomness within 2FA secret generation
CVE-2021-23127JoomlaJoomla! Cms9.1CRITICAL[20201102] - Core - Disclosure of secrets in Global Configuration page
CVE-2020-35611JoomlaJoomla! Cms7.5HIGH[20201104] - Core - SQL injection in com_users list view
CVE-2020-35613JoomlaJoomla! Cms9.8CRITICAL[20201101] - Core - com_finder ignores access levels on autosuggest
CVE-2020-35610JoomlaJoomla! Cms7.5HIGH[20201103] - Core - Path traversal in mod_random_image
CVE-2020-35612JoomlaJoomla! Cms7.5HIGH