Web Application Vulnerabilities Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise Acunetix Standard & Premium

CMS

Joomla

Joomla is an award-winning content management system (CMS) which enables you to build Web sites and powerful online applications. Many aspects including its ease-of-use and extensibility have made Joomla the most popular Web site software available. Best of all Joomla is an open source solution that is freely available to everyone.

Official Site:

https://www.joomla.org/

Severity Summary:

Critical: 70 High: 161 Medium: 424 Low: 10 Information: 16
Reference
Title
Severity
CVE-2008-3681
Joomla Core 1.5.x Security Bypass
Critical
CVE-2019-19846
Joomla Improper Neutralization of Special Elements used in an SQL Command (SQL Injection) Vulnerability
Critical
CVE-2011-4908
Joomla Core 1.5.12 Arbitrary File Upload
Critical
CVE-2019-12765
Joomla Improper Neutralization of Formula Elements in a CSV File Vulnerability
Critical
CVE-2026-48902
Joomla Vulnerability
Critical
CVE-2026-48898
Joomla Vulnerability
Critical
CVE-2026-35222
Joomla Improper Neutralization of Special Elements used in an SQL Command (SQL Injection) Vulnerability
Critical
CVE-2024-27185
Joomla Inconsistent Interpretation of HTTP Requests (HTTP Request/Response Smuggling) Vulnerability
Critical
CVE-2026-35221
Joomla Improper Neutralization of Special Elements used in an SQL Command (SQL Injection) Vulnerability
Critical
CVE-2026-40383
Joomla Improper Limitation of a Pathname to a Restricted Directory (Path Traversal) Vulnerability
Critical
CVE-2005-3772
Joomla Other Vulnerability
High
CVE-2010-1433
Joomla Core 1.5.x Arbitrary File Upload
High
No CVE number
Joomla Core 1.5.x Information Disclosure
High
CVE-2010-1434
Joomla Session Fixation Vulnerability
High
CVE-2008-4102
Joomla Core 1.5.x Security Bypass
High
CVE-2021-26036
Joomla Improper Input Validation Vulnerability
High
CVE-2010-1432
Joomla Exposure of Sensitive Information to an Unauthorized Actor Vulnerability
High
CVE-2021-26038
Joomla Improper Check for Unusual or Exceptional Conditions Vulnerability
High
CVE-2006-1049
Joomla Improper Neutralization of Special Elements used in an SQL Command (SQL Injection) Vulnerability
High
CVE-2008-4105
Joomla Core 1.5.x Variable Injection
High
No CVE number
Joomla Core 1.6.x Information Disclosure
High
CVE-2006-4469
Joomla Vulnerability
High
CVE-2006-4470
Joomla Vulnerability
High
CVE-2010-3712
Joomla Core 1.6.0 Multiple Vulnerabilities
High
CVE-2008-5671
Joomla Core 1.0.x Remote File Inclusion
High
CVE-2006-1028
Joomla Other Vulnerability
High
CVE-2012-1563
Joomla Core 1.6.x Security Bypass
High
No CVE number
Joomla Core 1.5.x Information Disclosure
High
CVE-2008-4102
Joomla Numeric Errors Vulnerability
High
CVE-2012-2747
Joomla Vulnerability
High