Joomla Cms Luki w zabezpieczeniach

Oś czasu

Wersja

3.9.0	53
3.9.1	53
3.9.2	49
3.9.3	43
3.9.4	39

Przeciwdziałanie

Official Fix	215
Temporary Fix	0
Workaround	0
Unavailable	6
Not Defined	87

Wykorzystywanie

High	21
Functional	0
Proof-of-Concept	63
Unproven	7
Not Defined	217

Wektor dostępu

Not Defined	0
Physical	0
Local	11
Adjacent	0
Network	297

Uwierzytelnianie

Not Defined	0
High	1
Low	84
None	223

Interakcja z użytkownikiem

Not Defined	0
Required	111
None	197

CVSSv3 Base

≤1	0
≤2	0
≤3	0
≤4	27
≤5	42
≤6	85
≤7	66
≤8	67
≤9	15
≤10	6

CVSSv3 Temp

≤1	0
≤2	0
≤3	0
≤4	35
≤5	68
≤6	65
≤7	94
≤8	27
≤9	16
≤10	3

VulDB

≤1	0
≤2	0
≤3	1
≤4	29
≤5	75
≤6	53
≤7	67
≤8	73
≤9	3
≤10	7

NVD

≤1	0
≤2	0
≤3	0
≤4	1
≤5	8
≤6	15
≤7	37
≤8	13
≤9	14
≤10	14

CNA

≤1	0
≤2	0
≤3	0
≤4	0
≤5	0
≤6	0
≤7	0
≤8	0
≤9	0
≤10	0

Sprzedawca

≤1	0
≤2	0
≤3	0
≤4	0
≤5	0
≤6	0
≤7	0
≤8	0
≤9	0
≤10	0

Research

≤1	0
≤2	0
≤3	0
≤4	0
≤5	0
≤6	0
≤7	0
≤8	0
≤9	0
≤10	0

Exploit 0-day

<1k	0
<2k	0
<5k	7
<10k	165
<25k	134
<50k	2
<100k	0
≥100k	0

Wykorzystaj dzisiaj

<1k	258
<2k	4
<5k	18
<10k	27
<25k	1
<50k	0
<100k	0
≥100k	0

Affected Versions (205): 1, 1.0, 1.0.1, 1.0.2, 1.0.3, 1.0.4, 1.0.5, 1.0.6, 1.0.7, 1.0.8, 1.0.9, 1.0.11, 1.0.12, 1.0.13, 1.0.14, 1.03, 1.1, 1.2, 1.3, 1.4, 1.5, 1.5 Beta, 1.5 Beta1, 1.5 Beta 2, 1.5 RC1, 1.5 RC3, 1.5.0 Beta, 1.5.0 Beta1, 1.5.0 Beta2, 1.5.0 RC1, 1.5.0 Rc1, 1.5.1, 1.5.2, 1.5.3, 1.5.4, 1.5.5, 1.5.6, 1.5.7, 1.5.8, 1.5.9, 1.5.11, 1.5.12, 1.5.13, 1.5.14, 1.5.15, 1.5.16, 1.5.17, 1.5.18, 1.5.19, 1.5.21, 1.5.22, 1.5.23, 1.5.24, 1.5.25, 1.5.26, 1.5rc3, 1.5rc4, 1.6, 1.6.1, 1.6.3, 1.6.4, 1.6.5, 1.6.6, 1.7, 1.7.1, 1.7.2, 1.7.3, 1.7.4, 2.0, 2.1, 2.2, 2.3, 2.4, 2.5, 2.5.1, 2.5.2, 2.5.3, 2.5.4, 2.5.5, 2.5.6, 2.5.7, 2.5.8, 2.5.9, 2.5.11, 2.5.12, 2.5.13, 2.5.14, 2.5.15, 2.5.16, 2.5.17, 2.5.18, 2.5.19, 2.5.21, 2.5.22, 2.5.23, 2.5.24, 2.5.25, 3, 3.0, 3.0.1, 3.0.2, 3.0.3, 3.0.4, 3.1, 3.1.1, 3.1.2, 3.1.3, 3.1.4, 3.1.5, 3.1.6, 3.2, 3.2.1, 3.2.2, 3.2.3, 3.2.4, 3.2.5, 3.2.6, 3.2.7, 3.3, 3.3.1, 3.3.2, 3.3.3, 3.3.4, 3.3.5, 3.3.6, 3.4, 3.4.1, 3.4.2, 3.4.3, 3.4.4, 3.4.5, 3.4.6, 3.4.7, 3.4.8, 3.5, 3.5.1, 3.6, 3.6.1, 3.6.2, 3.6.3, 3.6.4, 3.6.5, 3.7, 3.7.1, 3.7.2, 3.7.3, 3.7.4, 3.7.5, 3.8, 3.8.1, 3.8.2, 3.8.3, 3.8.4, 3.8.5, 3.8.6, 3.8.7, 3.8.8, 3.8.9, 3.8.11, 3.8.12, 3.9, 3.9.1, 3.9.2, 3.9.3, 3.9.4, 3.9.5, 3.9.6, 3.9.7, 3.9.8, 3.9.9, 3.9.11, 3.9.12, 3.9.13, 3.9.14, 3.9.15, 3.9.16, 3.9.17, 3.9.18, 3.9.19, 3.9.21, 3.9.22, 3.9.23, 3.9.24, 3.9.25, 3.9.26, 3.10.1, 3.10.2, 3.10.3, 3.10.4, 3.10.5, 3.10.6, 3.10.7, 3.10.8, 3.10.9, 3.10.11, 3.10.12, 3.10.13, 3.10.14, 4.4, 4.4.1, 4.4.2, 5, 5.0.1, 5.0.2, 2007-01-18

Link to Product Website: https://www.joomla.org/

Typ oprogramowania: Content Management System

Opublikowano	Base	Temp	Słaby punkt	0day	Dzisiaj	Wyk	Prz	CTI	CVE
2024-02-20	3.5	3.5	Joomla CMS cross site scripting	$5k-$25k	$5k-$25k	Not Defined	Not Defined	0.06	CVE-2024-21726
2024-02-20	3.5	3.5	Joomla CMS Mail Address cross site scripting	$5k-$25k	$5k-$25k	Not Defined	Not Defined	0.04	CVE-2024-21725
2024-02-20	3.5	3.5	Joomla CMS Media Selection cross site scripting	$5k-$25k	$0-$5k	Not Defined	Not Defined	0.00	CVE-2024-21724
2024-02-20	3.5	3.5	Joomla CMS URL Parser Redirect	$5k-$25k	$5k-$25k	Not Defined	Not Defined	0.03	CVE-2024-21723
2024-02-20	3.1	3.1	Joomla CMS MFA Management weak authentication	$5k-$25k	$5k-$25k	Not Defined	Not Defined	0.04	CVE-2024-21722
2021-05-26	3.5	3.5	Joomla CMS Data Download Endpoint cross site request forgery	$0-$5k	$0-$5k	Not Defined	Not Defined	0.00	CVE-2021-26034
2021-05-26	3.5	3.5	Joomla CMS AJAX Reordering Endpoint cross site request forgery	$0-$5k	$5k-$25k	Not Defined	Not Defined	0.00	CVE-2021-26033
2021-05-26	3.5	3.5	Joomla CMS canUpload cross site scripting	$0-$5k	$0-$5k	Not Defined	Not Defined	0.05	CVE-2021-26032
2020-08-26	5.2	4.9	Joomla CMS mod_latestactions cross site scripting	$5k-$25k	$0-$5k	Not Defined	Official Fix	0.00	CVE-2020-24599
2020-08-26	6.6	6.3	Joomla CMS com_content Redirect	$5k-$25k	$0-$5k	Not Defined	Official Fix	0.02	CVE-2020-24598
2020-07-15	6.3	6.3	Joomla CMS com_installer cross site request forgery	$5k-$25k	$0-$5k	Not Defined	Not Defined	0.00	CVE-2020-15700
2020-07-15	5.3	5.3	Joomla CMS Validation weak authentication	$5k-$25k	$5k-$25k	Not Defined	Not Defined	0.04	CVE-2020-15699
2020-07-15	5.3	5.3	Joomla CMS Filter Credentials information disclosure	$5k-$25k	$5k-$25k	Not Defined	Not Defined	0.05	CVE-2020-15698
2020-07-15	5.3	5.3	Joomla CMS privilege escalation	$5k-$25k	$5k-$25k	Not Defined	Not Defined	0.07	CVE-2020-15697
2020-07-15	5.4	5.4	Joomla CMS mod_random_image cross site scripting	$5k-$25k	$5k-$25k	Not Defined	Not Defined	0.00	CVE-2020-15696
2020-07-15	6.3	6.3	Joomla CMS com_privacy cross site request forgery	$5k-$25k	$0-$5k	Not Defined	Not Defined	0.00	CVE-2020-15695
2020-06-02	5.9	5.6	Joomla CMS Textfilter privilege escalation	$5k-$25k	$0-$5k	Not Defined	Official Fix	0.00	CVE-2020-13763
2020-06-02	5.2	4.9	Joomla CMS com_modules cross site scripting	$5k-$25k	$0-$5k	Not Defined	Official Fix	0.00	CVE-2020-13762
2020-06-02	5.2	4.9	Joomla CMS Articles cross site scripting	$5k-$25k	$0-$5k	Not Defined	Official Fix	0.00	CVE-2020-13761
2020-06-02	6.5	6.2	Joomla CMS com_postinstall cross site request forgery	$5k-$25k	$0-$5k	Not Defined	Official Fix	0.00	CVE-2020-13760
2020-04-21	6.3	6.1	Joomla CMS com_users privilege escalation	$5k-$25k	$0-$5k	Not Defined	Official Fix	0.00	CVE-2020-11891
2020-04-21	6.3	6.1	Joomla CMS ACL privilege escalation	$5k-$25k	$0-$5k	Not Defined	Official Fix	0.00	CVE-2020-11890
2020-04-21	5.9	5.7	Joomla CMS com_users privilege escalation	$5k-$25k	$0-$5k	Not Defined	Official Fix	0.07	CVE-2020-11889
2020-03-16	8.5	8.4	Joomla CMS sql injection	$5k-$25k	$0-$5k	Not Defined	Official Fix	0.00	CVE-2020-10243
2020-03-16	5.2	5.1	Joomla CMS Protostar/Beez3 cross site scripting	$5k-$25k	$0-$5k	Not Defined	Official Fix	0.04	CVE-2020-10242