Web Application Vulnerabilities Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise Acunetix Standard & Premium

CMS

Joomla

Joomla is an award-winning content management system (CMS) which enables you to build Web sites and powerful online applications. Many aspects including its ease-of-use and extensibility have made Joomla the most popular Web site software available. Best of all Joomla is an open source solution that is freely available to everyone.

Official Site:

https://www.joomla.org/

Severity Summary:

Critical: 62 High: 157 Medium: 416 Low: 10 Information: 16
Reference
Title
Severity
CVE-2015-7858
Joomla Core 3.x.x SQL Injection
Critical
CVE-2013-5576
Joomla Core 2.5.x Arbitrary File Upload
Critical
CVE-2015-8562
Joomla Core Remote Code Execution
Critical
CVE-2017-14596
Joomla Improper Neutralization of Special Elements used in an LDAP Query (LDAP Injection) Vulnerability
Critical
CVE-2019-11831
Joomla Core 3.9.x Directory Traversal
Critical
CVE-2008-3681
Joomla Core 1.5.x Security Bypass
Critical
CVE-2016-8869
Joomla Improper Input Validation Vulnerability
Critical
CVE-2016-9836
Joomla Improper Access Control Vulnerability
Critical
CVE-2016-9081
Joomla Credentials Management Errors Vulnerability
Critical
No CVE number
Joomla Core 3.x.x SQL Injection
Critical
CVE-2017-8917
Joomla Improper Neutralization of Special Elements used in an SQL Command (SQL Injection) Vulnerability
Critical
CVE-2022-23793
Joomla Core 4.x.x Multiple Vulnerabilities
Critical
CVE-2021-26040
Joomla Core 4.0.0 Security Bypass
Critical
CVE-2022-23799
Joomla Core 4.x.x Multiple Vulnerabilities
Critical
CVE-2019-19846
Joomla Improper Neutralization of Special Elements used in an SQL Command (SQL Injection) Vulnerability
Critical
CVE-2006-0303
Joomla Other Vulnerability
Critical
CVE-2016-10045
Joomla Improper Neutralization of Special Elements used in a Command (Command Injection) Vulnerability
Critical
CVE-2019-11831
Joomla Deserialization of Untrusted Data Vulnerability
Critical
CVE-2006-1047
Joomla Other Vulnerability
Critical
CVE-2024-27185
Joomla Inconsistent Interpretation of HTTP Requests (HTTP Request/Response Smuggling) Vulnerability
Critical
CVE-2005-3773
Joomla Other Vulnerability
Critical
CVE-2022-23795
Joomla Improper Authentication Vulnerability
Critical
CVE-2019-12765
Joomla Improper Neutralization of Formula Elements in a CSV File Vulnerability
Critical
CVE-2025-25226
Joomla Improper Neutralization of Special Elements used in an SQL Command (SQL Injection) Vulnerability
Critical
CVE-2019-10945
Joomla Improper Limitation of a Pathname to a Restricted Directory (Path Traversal) Vulnerability
Critical
CVE-2022-23797
Joomla Improper Neutralization of Special Elements used in an SQL Command (SQL Injection) Vulnerability
Critical
CVE-2019-7743
Joomla Deserialization of Untrusted Data Vulnerability
Critical
CVE-2010-1435
Joomla Incorrect Authorization Vulnerability
Critical
CVE-2011-4906
Joomla Core 1.5.12 Arbitrary File Upload
Critical
CVE-2010-1433
Joomla Unrestricted Upload of File with Dangerous Type Vulnerability
Critical