Where
AND
-Infinity
0

Trending

Last week
Last month
Last year

Vendor Risk Score

See how joomla compares to other vendors in security performance

View Risk Score →

Software

joomla
244
joomla joomla\!
145
joomla joomla
42
joomla!
32
joomla rs gallery2
3
joomla bsq sitestats
2
joomla ekrishta
2
joomla! com astatspro
2
joomla! com downloads
2
joomla! com quiz
2
joomla acajoom
1
joomla akobook
1
joomla be it easypartner component
1
joomla bibtex
1
joomla car manager
1
joomla clantools
1
joomla classifieds component
1
joomla colophon
1
joomla com beamospetition
1
joomla com cbe
1
joomla com classifieds
1
joomla com datsogallery
1
joomla com eventing
1
joomla com events
1
joomla com filebase component
1
joomla com gsticketsystem
1
joomla com hotproperties
1
joomla com libros
1
joomla com marketplace
1
joomla com mosmedia
1
joomla com neogallery
1
joomla com newsfeeds
1
joomla com newsletter
1
joomla com pcchess
1
joomla com pccookbook
1
joomla com profile
1
joomla com scheduling component
1
joomla com school
1
joomla com sef
1
joomla com waticketsystem
1
joomla com weblinks
1
joomla com_hdwplayer
1
joomla component joomlub
1
joomla cookbook
1
joomla easybook component
1
joomla eventlist
1
joomla events module
1
joomla expose
1
joomla glossary
1
joomla hot properties
1

Joomla EkRishtaJoomla! Component EkRishta 2.10 SQL Injection via username

Risk 54
Severity
8.2
First published (updated )
CVE-2018-25351

Joomla Joomla Component Ek RishtaJoomla! Component Ek Rishta 2.10 SQL Injection via user_detail

Risk 54
Severity
8.2
First published (updated )
CVE-2018-25348

Joomla EkRishtaJoomla! EkRishta 2.10 Persistent XSS and SQL Injection

Risk 57
Severity
8.8
First published (updated )
CVE-2018-25330

Joomla J2 JOBSJoomla J2 JOBS 1.3.0 Authenticated SQL Injection via sortby

Risk 49
Severity
7.1
First published (updated )
CVE-2020-37226

Joomla com_hdwplayerJoomla com_hdwplayer 4.2 SQL Injection via search.php

Risk 57
Severity
8.8
First published (updated )
CVE-2020-37218
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

Joomla Joomla\!Joomla! Core - [20260305] - Arbitrary file deletion in com_joomlaupdate

Risk 72
Severity
8.6
First published (updated )
CVE-2026-23898

Joomla Joomla\!Joomla! Core - [20260306] - Improper access check in webservice endpoints

Risk 79
Severity
8.6
First published (updated )
CVE-2026-23899

Joomla Quantum ManagerExtension - norrnext.com - Stored XSS vulnerability in Quantum Manager component 1.0.0-3.2.0 for Joomla

Risk 72
Severity
8.5
First published (updated )
CVE-2025-54300

Joomla Quantum ManagerExtension - norrnext.com - Stored XSS vulnerability in Quantum Manager component 1.0.0-3.2.0 for Joomla

Risk 72
Severity
8.5
First published (updated )
CVE-2025-54301

Joomla CCommentExtension - compojoom.com - Stored XSS vulnerability in CComment component 5.0.0-6.1.14 for Joomla

Risk 48
Severity
7
First published (updated )
CVE-2025-54297
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

Joomla ProFilesExtension - mooj.org - Stored XSS vulnerability in ProFiles component 1.0-1.5.0 for Joomla

Risk 48
Severity
7
First published (updated )
CVE-2025-54296

Joomla JS JobsExtension - joomsky.com - SQL injection in JS jobs component version 1.1.5 - 1.4.1 for Joomla

Risk 95
Severity
8.7
Exploited
First published (updated )
CVE-2025-49484

composer/joomla/joomla-cms[20250402] - Joomla Core - MFA Authentication Bypass

Risk 43
Severity
7.5
First published (updated )
CVE-2025-25227

Admiror GalleryExtension - admiror-design-studio.com - Path traversal in the Admiror Gallery 4.x component for Joomla

Risk 43
Severity
7.5
First published (updated )
CVE-2025-22205

Joomla Joomla\![20250103] - Core - Read ACL violation in multiple core views

Risk 43
Severity
7.5
First published (updated )
CVE-2024-40749
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

Joomla Joomla\![20250102] - Core - XSS vector in the id attribute of menu lists

Risk 43
Severity
7.5
First published (updated )
CVE-2024-40748

Joomla Joomla\![20240804] - Core - Improper ACL for backend profile view

Risk 43
Severity
7.5
First published (updated )
CVE-2024-27187

Joomla Joomla\![20231101] - Core - Exposure of environment variables

Risk 43
Severity
7.5
First published (updated )
CVE-2023-40626

Joomla Joomla\![20230502] - Core - Bruteforce prevention within the mfa screen

Risk 43
Severity
7.5
First published (updated )
CVE-2023-23755

composer/joomla/archive[20220301] - Core - Zip Slip within the Tar extractor

Risk 45
Severity
7.5
First published (updated )
CVE-2022-23793
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

Joomla Joomla\![20210704] - Core - Privilege escalation through com_installer

Risk 43
Severity
7.5
First published (updated )
CVE-2021-26038

Joomla Joomla\![20210702] - Core - DoS through usergroup table manipulation

Risk 43
Severity
7.5
First published (updated )
CVE-2021-26036

Joomla Joomla\!Joomla! Core is prone to a session fixation vulnerability. An attacker may leverage this issue to hi…

Risk 43
Severity
7.5
First published (updated )
CVE-2010-1434

Joomla Joomla\!Infoleak

Risk 43
Severity
7.5
First published (updated )
CVE-2010-1432

Joomla Joomla\![20210305] - Core - Input validation within the template manager

Risk 43
Severity
7.5
First published (updated )
CVE-2021-23131
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

Joomla Joomla\![20210306] - Core - com_media allowed paths that are not intended for image uploads

Risk 43
Severity
7.5
First published (updated )
CVE-2021-23132

Joomla Joomla\![20201102] - Core - Disclosure of secrets in Global Configuration page

Risk 43
Severity
7.5
First published (updated )
CVE-2020-35611

Joomla Joomla\![20201103] - Core - Path traversal in mod_random_image

Risk 43
Severity
7.5
First published (updated )
CVE-2020-35612

Joomla Joomla\![20201101] - Core - com_finder ignores access levels on autosuggest

Risk 43
Severity
7.5
First published (updated )
CVE-2020-35610

Joomla Joomla\![20201107] - Core - Write ACL violation in multiple core views

Risk 43
Severity
7.5
First published (updated )
CVE-2020-35616
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2026 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203