Joomla CMS

Products by Joomla Sorted by Most Security Vulnerabilities since 2018

Joomla: 167 vulnerabilities

Joomla Jambook: 1 vulnerability

Joomla Jim Component: 1 vulnerability

Joomla Rssxt Component: 1 vulnerability

Joomla X Shop Component: 1 vulnerability

By the Year

In 2025 there have been 5 vulnerabilities in Joomla. Last year, in 2024, Joomla had 15 security vulnerabilities published. Right now, Joomla is on track to have fewer security vulnerabilities in 2025 than it did last year.
Year Vulnerabilities Average Score
2025 5 0.00
2024 15 5.98
2023 6 6.17
2022 13 6.88
2021 28 6.82
2020 31 6.83
2019 29 6.88
2018 24 6.93

It may take a day or so for new Joomla vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally, vulnerabilities may be tagged under a different product or component name.

Recent Joomla Security Vulnerabilities

Improper handling of identifiers leads to a SQL injection vulnerability in the quoteNameStr method of the database package

CVE-2025-25226 - April 08, 2025

Improper handling of identifiers leads to a SQL injection vulnerability in the quoteNameStr method of the database package. Please note: the affected method is a protected method. It has no usages in the original packages in either the 2.x or 3.x branch, and therefore the vulnerability in question cannot be exploited when using the original database class. However, classes extending the affected class might be affected if the vulnerable method is used.

SQL Injection

Insufficient state checks lead to a vector

CVE-2025-25227 - April 08, 2025

Insufficient state checks lead to a vector that allows bypassing 2FA checks.

Various module chromes didn't properly process inputs

CVE-2024-40747 - January 07, 2025

Various module chromes didn't properly process inputs, leading to XSS vectors.

XSS

Lack of output escaping in the id attribute of menu lists.

CVE-2024-40748 - January 07, 2025

Lack of output escaping in the id attribute of menu lists.

XSS

Improper Access Controls

CVE-2024-40749 - January 07, 2025

Improper Access Controls allows access to protected views.

Inadequate validation of URLs could result in an invalid check of whether a redirect URL is internal or not

CVE-2024-27184 - August 20, 2024

Inadequate validation of URLs could result in an invalid check of whether a redirect URL is internal or not.

Open Redirect

The pagination class includes arbitrary parameters in links

CVE-2024-27185 - August 20, 2024

The pagination class includes arbitrary parameters in links, leading to cache poisoning attack vectors.

The mail template feature lacks an escaping mechanism

CVE-2024-27186 - August 20, 2024

The mail template feature lacks an escaping mechanism, causing XSS vectors in multiple extensions.

XSS

Improper Access Controls

CVE-2024-27187 - August 20, 2024

Improper Access Controls allows backend users to overwrite their username when disallowed.

The stripImages and stripIframes methods didn't properly process inputs

CVE-2024-40743 - August 20, 2024

The stripImages and stripIframes methods didn't properly process inputs, leading to XSS vectors.

XSS

Inadequate input validation leads to XSS vulnerabilities in the accessiblemedia field.

CVE-2024-21729 6.1 - Medium - July 09, 2024

Inadequate input validation leads to XSS vulnerabilities in the accessiblemedia field.

XSS

The fancyselect list field layout does not correctly escape inputs

CVE-2024-21730 5.4 - Medium - July 09, 2024

The fancyselect list field layout does not correctly escape inputs, leading to a self-XSS vector.

XSS

Improper handling of input could lead to an XSS vector in the StringHelper::truncate method.

CVE-2024-21731 6.1 - Medium - July 09, 2024

Improper handling of input could lead to an XSS vector in the StringHelper::truncate method.

XSS

The Custom Fields component does not correctly filter inputs

CVE-2024-26278 6.1 - Medium - July 09, 2024

The Custom Fields component does not correctly filter inputs, leading to an XSS vector.

XSS

The wrapper extensions do not correctly validate inputs

CVE-2024-26279 6.1 - Medium - July 09, 2024

The wrapper extensions do not correctly validate inputs, leading to XSS vectors.

XSS

The MFA management features did not properly terminate existing user sessions when a user's MFA methods have been modified.

CVE-2024-21722 - February 29, 2024

The MFA management features did not properly terminate existing user sessions when a user's MFA methods have been modified.

Insufficient Session Expiration

Inadequate parsing of URLs could result into an open redirect.

CVE-2024-21723 - February 29, 2024

Inadequate parsing of URLs could result into an open redirect.

Open Redirect

Inadequate escaping of mail addresses leads to XSS vulnerabilities in various components.

CVE-2024-21725 - February 29, 2024

Inadequate escaping of mail addresses leads to XSS vulnerabilities in various components.

Inadequate content filtering leads to XSS vulnerabilities in various components.

CVE-2024-21726 - February 29, 2024

Inadequate content filtering leads to XSS vulnerabilities in various components.

XSS

Inadequate input validation for media selection fields leads to XSS vulnerabilities in various extensions.

CVE-2024-21724 6.1 - Medium - February 29, 2024

Inadequate input validation for media selection fields leads to XSS vulnerabilities in various extensions.

XSS

The language file parsing process could be manipulated to expose environment variables

CVE-2023-40626 7.5 - High - November 29, 2023

The language file parsing process could be manipulated to expose environment variables. Environment variables might contain sensitive information.

An issue was discovered in Joomla! 4.2.0 through 4.3.1

CVE-2023-23754 6.1 - Medium - May 30, 2023

An issue was discovered in Joomla! 4.2.0 through 4.3.1. Lack of input validation caused an open redirect and XSS issue within the new mfa selection screen.

Improper Input Validation

An issue was discovered in Joomla! 4.2.0 through 4.3.1

CVE-2023-23755 7.5 - High - May 30, 2023

An issue was discovered in Joomla! 4.2.0 through 4.3.1. The lack of rate limiting allowed brute force attacks against MFA methods.

Improper Restriction of Excessive Authentication Attempts

An issue was discovered in Joomla! 4.0.0 through 4.2.7

CVE-2023-23752 5.3 - Medium - February 16, 2023

An issue was discovered in Joomla! 4.0.0 through 4.2.7. An improper access check allows unauthorized access to webservice endpoints.

An issue was discovered in Joomla! 4.0.0 through 4.2.4

CVE-2023-23751 4.3 - Medium - February 01, 2023

An issue was discovered in Joomla! 4.0.0 through 4.2.4. A missing ACL check allows non super-admin users to access com_actionlogs.

AuthZ

An issue was discovered in Joomla! 4.0.0 through 4.2.6

CVE-2023-23750 6.3 - Medium - February 01, 2023

An issue was discovered in Joomla! 4.0.0 through 4.2.6. A missing token check causes a CSRF vulnerability in the handling of post-installation messages.

Session Riding

An issue was discovered in Joomla! 4.0.0 through 4.2.4

CVE-2022-27914 6.1 - Medium - November 08, 2022

An issue was discovered in Joomla! 4.0.0 through 4.2.4. Inadequate filtering of potentially malicious user input leads to reflected XSS vulnerabilities in com_media.

XSS

An issue was discovered in Joomla! 4.0.0 through 4.2.3

CVE-2022-27912 5.3 - Medium - October 25, 2022

An issue was discovered in Joomla! 4.0.0 through 4.2.3. Sites with publicly enabled debug mode exposed data of previous requests.

Information Disclosure

An issue was discovered in Joomla! 4.2.0 through 4.2.3

CVE-2022-27913 6.1 - Medium - October 25, 2022

An issue was discovered in Joomla! 4.2.0 through 4.2.3. Inadequate filtering of potentially malicious user input leads to reflected XSS vulnerabilities in various components.

XSS

An issue was discovered in Joomla! 4.2.0

CVE-2022-27911 5.3 - Medium - August 31, 2022

An issue was discovered in Joomla! 4.2.0. Multiple Full Path Disclosures because of missing '_JEXEC or die check' caused by the PSR12 changes.

An issue was discovered in Joomla! 3.0.0 through 3.10.6 & 4.0.0 through 4.1.0

CVE-2022-23794 5.3 - Medium - March 30, 2022

An issue was discovered in Joomla! 3.0.0 through 3.10.6 & 4.0.0 through 4.1.0. Uploading a file name of an excess length causes the error. This error brings up the screen with the path of the source code of the web application.

Generation of Error Message Containing Sensitive Information

An issue was discovered in Joomla! 4.0.0 through 4.1.0

CVE-2022-23801 6.1 - Medium - March 30, 2022

An issue was discovered in Joomla! 4.0.0 through 4.1.0. Possible XSS attack vector through SVG embedding in com_media.

XSS

An issue was discovered in Joomla! 4.0.0 through 4.1.0

CVE-2022-23800 6.1 - Medium - March 30, 2022

An issue was discovered in Joomla! 4.0.0 through 4.1.0. Inadequate content filtering leads to XSS vulnerabilities in various components.

XSS

An issue was discovered in Joomla! 4.0.0 through 4.1.0

CVE-2022-23799 9.8 - Critical - March 30, 2022

An issue was discovered in Joomla! 4.0.0 through 4.1.0. Under specific circumstances, JInput pollutes method-specific input bags with $_REQUEST data.

An issue was discovered in Joomla! 2.5.0 through 3.10.6 & 4.0.0 through 4.1.0

CVE-2022-23798 6.1 - Medium - March 30, 2022

An issue was discovered in Joomla! 2.5.0 through 3.10.6 & 4.0.0 through 4.1.0. Inadequate validation of URLs could result in an invalid check of whether a redirect URL is internal or not.

Open Redirect

An issue was discovered in Joomla! 3.7.0 through 3.10.6

CVE-2022-23796 6.1 - Medium - March 30, 2022

An issue was discovered in Joomla! 3.7.0 through 3.10.6. Lack of input validation could allow an XSS attack using com_fields.

XSS

An issue was discovered in Joomla! 2.5.0 through 3.10.6 & 4.0.0 through 4.1.0

CVE-2022-23795 9.8 - Critical - March 30, 2022

An issue was discovered in Joomla! 2.5.0 through 3.10.6 & 4.0.0 through 4.1.0. A user row was not bound to a specific authentication mechanism which could under very special circumstances allow an account takeover.

Authentication

An issue was discovered in Joomla! 3.0.0 through 3.10.6 & 4.0.0 through 4.1.0

CVE-2022-23797 9.8 - Critical - March 30, 2022

An issue was discovered in Joomla! 3.0.0 through 3.10.6 & 4.0.0 through 4.1.0. Inadequate filtering of the selected IDs in a request could result in a possible SQL injection.

SQL Injection

An issue was discovered in Joomla! 3.0.0 through 3.10.6 & 4.0.0 through 4.1.0

CVE-2022-23793 7.5 - High - March 30, 2022

An issue was discovered in Joomla! 3.0.0 through 3.10.6 & 4.0.0 through 4.1.0. Extracting a specifically crafted tar package could write files outside of the intended path.

Directory traversal

An issue was discovered in Joomla! 4.0.0

CVE-2021-26040 9.1 - Critical - August 24, 2021

An issue was discovered in Joomla! 4.0.0. The media manager does not correctly check the user's permissions before executing a file deletion command.

AuthZ

An issue was discovered in Joomla! 2.5.0 through 3.9.27

CVE-2021-26036 7.5 - High - July 07, 2021

An issue was discovered in Joomla! 2.5.0 through 3.9.27. Missing validation of input could lead to a broken usergroups table.

Improper Input Validation

An issue was discovered in Joomla! 2.5.0 through 3.9.27

CVE-2021-26037 5.3 - Medium - July 07, 2021

An issue was discovered in Joomla! 2.5.0 through 3.9.27. CMS functions did not properly terminate existing user sessions when a user's password was changed or the user was blocked.

Insufficient Session Expiration

An issue was discovered in Joomla! 2.5.0 through 3.9.27

CVE-2021-26038 7.5 - High - July 07, 2021

An issue was discovered in Joomla! 2.5.0 through 3.9.27. The install action in com_installer lacks the required hardcoded ACL checks for superusers. A default system is not affected because the default ACL for com_installer is already limited to super users.

Improper Check for Unusual or Exceptional Conditions

An issue was discovered in Joomla! 3.0.0 through 3.9.27

CVE-2021-26035 6.1 - Medium - July 07, 2021

An issue was discovered in Joomla! 3.0.0 through 3.9.27. Inadequate escaping in the rules field of the JForm API leads to an XSS vulnerability.

XSS

An issue was discovered in Joomla! 3.0.0 through 3.9.27

CVE-2021-26039 6.1 - Medium - July 07, 2021

An issue was discovered in Joomla! 3.0.0 through 3.9.27. Inadequate escaping in the imagelist view of com_media leads to an XSS vulnerability.

XSS

Joomla! Core is prone to a security bypass vulnerability

CVE-2010-1435 9.8 - Critical - June 21, 2021

Joomla! Core is prone to a security bypass vulnerability. Exploiting this issue may allow attackers to perform otherwise restricted actions and subsequently retrieve password reset tokens from the database through an already existing SQL injection vector. Joomla! Core versions 1.5.x ranging from 1.5.0 and up to and including 1.5.15 are vulnerable.

AuthZ

Joomla! Core is prone to a session fixation vulnerability

CVE-2010-1434 7.5 - High - June 21, 2021

Joomla! Core is prone to a session fixation vulnerability. An attacker may leverage this issue to hijack an arbitrary session and gain access to sensitive information, which may help in launching further attacks. Joomla! Core versions 1.5.x ranging from 1.5.0 and up to and including 1.5.15 are vulnerable.

Session Fixation

Joomla! Core is prone to an information disclosure vulnerability

CVE-2010-1432 7.5 - High - June 21, 2021

Joomla! Core is prone to an information disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information that may help in launching further attacks. Joomla! Core versions 1.5.x ranging from 1.5.0 and up to and including 1.5.15 are vulnerable.

Information Disclosure

Joomla! Core is prone to a vulnerability

CVE-2010-1433 9.8 - Critical - June 21, 2021

Joomla! Core is prone to a vulnerability that lets attackers upload arbitrary files because the application fails to properly verify user-supplied input. An attacker can exploit this vulnerability to upload arbitrary code and run it in the context of the webserver process. This may facilitate unauthorized access or privilege escalation; other attacks are also possible. Joomla! Core versions 1.5.x ranging from 1.5.0 and up to and including 1.5.15 are vulnerable.

Unrestricted File Upload

An issue was discovered in Joomla! 3.0.0 through 3.9.26

CVE-2021-26032 6.1 - Medium - May 26, 2021

An issue was discovered in Joomla! 3.0.0 through 3.9.26. HTML was missing in the executable block list of MediaHelper::canUpload, leading to XSS attack vectors.

XSS

Built by Foundeo Inc., with data from the National Vulnerability Database (NVD).