Joomla Vulnérabilités

Chronologie

Taper

Content Management System312
Joomla Component1

Produit

Joomla CMS308
Joomla-cbe Com Cbe1
Joomla-clantools Clantools1
Joomla.batjo Com Shoutbox1
Joomla-research Com Jresearch1

Contre-mesures

Official Fix216
Temporary Fix0
Workaround0
Unavailable8
Not Defined89

Exploitabilité

High22
Functional0
Proof-of-Concept67
Unproven7
Not Defined217

Vecteur d'accès

Not Defined0
Physical0
Local11
Adjacent0
Network302

Authentification

Not Defined0
High1
Low84
None228

Interaction de l'utilisateur

Not Defined0
Required111
None202

C3BM Index

CVSSv3 Base

≤10
≤20
≤30
≤427
≤542
≤687
≤766
≤870
≤915
≤106

CVSSv3 Temp

≤10
≤20
≤30
≤435
≤569
≤666
≤797
≤827
≤916
≤103

VulDB

≤10
≤20
≤31
≤429
≤575
≤655
≤767
≤876
≤93
≤107

NVD

≤10
≤20
≤30
≤41
≤58
≤615
≤737
≤813
≤914
≤1014

CNA

≤10
≤20
≤30
≤40
≤50
≤60
≤70
≤80
≤90
≤100

Fournisseur

≤10
≤20
≤30
≤40
≤50
≤60
≤70
≤80
≤90
≤100

Research

≤10
≤20
≤30
≤40
≤50
≤60
≤70
≤80
≤90
≤100

Exploiter 0 jour

<1k0
<2k0
<5k7
<10k165
<25k138
<50k3
<100k0
≥100k0

Exploiter aujourd'hui

<1k262
<2k4
<5k20
<10k26
<25k1
<50k0
<100k0
≥100k0

Exploiter le volume du marché

🔴 CTI Activités

Affected Products (6): CMS (308), Clantools (1), Com Cbe (1), Com Jresearch (1), Com Shoutbox (1), D4J eZine (1)

Link to Vendor Website: https://www.joomla.org/

PubliéBaseTempVulnérabilitéProdExpConEPSSCTICVE
20/02/20243.53.5Joomla CMS cross site scriptingContent Management SystemNot DefinedNot Defined0.000430.00CVE-2024-21726
20/02/20243.53.5Joomla CMS Mail Address cross site scriptingContent Management SystemNot DefinedNot Defined0.000430.02CVE-2024-21725
20/02/20243.53.5Joomla CMS Media Selection cross site scriptingContent Management SystemNot DefinedNot Defined0.000430.02CVE-2024-21724
20/02/20243.53.5Joomla CMS URL Parser RedirectContent Management SystemNot DefinedNot Defined0.000610.03CVE-2024-21723
20/02/20243.13.1Joomla CMS MFA Management authentification faibleContent Management SystemNot DefinedNot Defined0.000430.04CVE-2024-21722
26/05/20213.53.5Joomla CMS Data Download Endpoint cross site request forgeryContent Management SystemNot DefinedNot Defined0.000530.00CVE-2021-26034
26/05/20213.53.5Joomla CMS AJAX Reordering Endpoint cross site request forgeryContent Management SystemNot DefinedNot Defined0.000530.00CVE-2021-26033
26/05/20213.53.5Joomla CMS canUpload cross site scriptingContent Management SystemNot DefinedNot Defined0.001030.08CVE-2021-26032
26/08/20205.24.9Joomla CMS mod_latestactions cross site scriptingContent Management SystemNot DefinedOfficial Fix0.001030.00CVE-2020-24599
26/08/20206.66.3Joomla CMS com_content RedirectContent Management SystemNot DefinedOfficial Fix0.001030.02CVE-2020-24598
15/07/20206.36.3Joomla CMS com_installer cross site request forgeryContent Management SystemNot DefinedNot Defined0.000530.00CVE-2020-15700
15/07/20205.35.3Joomla CMS Validation authentification faibleContent Management SystemNot DefinedNot Defined0.000770.02CVE-2020-15699
15/07/20205.35.3Joomla CMS Filter Credentials divulgation de l'informationContent Management SystemNot DefinedNot Defined0.001100.05CVE-2020-15698
15/07/20205.35.3Joomla CMS elévation de privilègesContent Management SystemNot DefinedNot Defined0.000500.07CVE-2020-15697
15/07/20205.45.4Joomla CMS mod_random_image cross site scriptingContent Management SystemNot DefinedNot Defined0.001030.00CVE-2020-15696
15/07/20206.36.3Joomla CMS com_privacy cross site request forgeryContent Management SystemNot DefinedNot Defined0.000530.00CVE-2020-15695
02/06/20205.95.6Joomla CMS Textfilter elévation de privilègesContent Management SystemNot DefinedOfficial Fix0.000770.00CVE-2020-13763
02/06/20205.24.9Joomla CMS com_modules cross site scriptingContent Management SystemNot DefinedOfficial Fix0.001030.00CVE-2020-13762
02/06/20205.24.9Joomla CMS Articles cross site scriptingContent Management SystemNot DefinedOfficial Fix0.001030.00CVE-2020-13761
02/06/20206.56.2Joomla CMS com_postinstall cross site request forgeryContent Management SystemNot DefinedOfficial Fix0.000730.00CVE-2020-13760
21/04/20206.36.1Joomla CMS com_users elévation de privilègesContent Management SystemNot DefinedOfficial Fix0.000770.00CVE-2020-11891
21/04/20206.36.1Joomla CMS ACL elévation de privilègesContent Management SystemNot DefinedOfficial Fix0.000770.00CVE-2020-11890
21/04/20205.95.7Joomla CMS com_users elévation de privilègesContent Management SystemNot DefinedOfficial Fix0.000770.07CVE-2020-11889
16/03/20208.58.4Joomla CMS sql injectionContent Management SystemNot DefinedOfficial Fix0.001960.04CVE-2020-10243
16/03/20205.25.1Joomla CMS Protostar/Beez3 cross site scriptingContent Management SystemNot DefinedOfficial Fix0.001030.04CVE-2020-10242

288 plus d'entrées ne sont pas affichées

🔒 Login Required

You need to signup and login to see more of the remaining 288 results.

PrécédentAperçuSuivant

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!