Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (945 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2025-54476 1 Joomla 2 Joomla, Joomla! 2025-10-02 N/A
Improper handling of input could lead to an XSS vector in the checkAttribute method of the input filter framework class.
CVE-2025-54477 1 Joomla 2 Joomla, Joomla! 2025-10-02 5.3 Medium
Improper handling of authentication requests lead to a user enumeration vector in the passkey authentication method.
CVE-2025-54300 1 Joomla 2 Joomla, Joomla! 2025-08-25 N/A
A stored XSS vulnerability in Quantum Manager component 1.0.0-3.2.0 for Joomla was discovered. The SVG upload feature does not sanitize uploads.
CVE-2025-54301 1 Joomla 2 Joomla, Joomla! 2025-08-25 N/A
A stored XSS vulnerability in Quantum Manager component 1.0.0-3.2.0 for Joomla was discovered. File names are not properly escaped.
CVE-2025-54474 1 Joomla 2 Joomla, Joomla! 2025-08-16 N/A
A SQLi vulnerability in DJ-Classifieds component 3.9.2-3.10.1 for Joomla was discovered. The issue allows privileged users to execute arbitrary SQL commands.
CVE-2025-54475 2 Joomla, Joomsky 3 Joomla, Joomla!, Js Jobs 2025-08-16 N/A
A SQL injection vulnerability in the JS Jobs plugin versions 1.3.2-1.4.4 for Joomla allows low-privilege users to execute arbitrary SQL commands.
CVE-2025-54473 1 Joomla 2 Joomla, Joomla! 2025-08-16 N/A
An authenticated RCE vulnerability in Phoca Commander component 1.0.0-4.0.0 and 5.0.0-5.0.1 for Joomla was discovered. The issue allows code execution via the unzip feature.
CVE-2025-54299 2 Joomla, Nobossextensions 2 Joomla!, No Boss Testimonials Component 2025-08-05 N/A
A stored XSS vulnerability in No Boss Testimonials component 1.0.0-3.0.0 and 4.0.0-4.0.2 for Joomla was discovered.
CVE-2023-23752 1 Joomla 1 Joomla\! 2025-07-31 5.3 Medium
An issue was discovered in Joomla! 4.0.0 through 4.2.7. An improper access check allows unauthorized access to webservice endpoints.
CVE-2025-54298 1 Joomla 2 Joomla, Joomla! 2025-07-31 N/A
A stored XSS vulnerability in CommentBox component 1.0.0-1.1.0 for Joomla was discovered.
CVE-2016-10033 3 Joomla, Phpmailer Project, Wordpress 3 Joomla\!, Phpmailer, Wordpress 2025-07-30 9.8 Critical
The mailSend function in the isMail transport in PHPMailer before 5.2.18 might allow remote attackers to pass extra parameters to the mail command and consequently execute arbitrary code via a \" (backslash double quote) in a crafted Sender property.
CVE-2025-54297 1 Joomla 1 Joomla 2025-07-25 N/A
A stored XSS vulnerability in CComment component 5.0.0-6.1.14 for Joomla was discovered.
CVE-2024-27184 1 Joomla 1 Joomla\! 2025-06-04 6.1 Medium
Inadequate validation of URLs could result into an invalid check whether an redirect URL is internal or not..
CVE-2024-27185 2 Joomial Project, Joomla 2 Joomial Cms, Joomla\! 2025-06-04 9.1 Critical
The pagination class includes arbitrary parameters in links, leading to cache poisoning attack vectors.
CVE-2024-27186 1 Joomla 1 Joomla\! 2025-06-04 6.1 Medium
The mail template feature lacks an escaping mechanism, causing XSS vectors in multiple extensions.
CVE-2024-27187 1 Joomla 1 Joomla\! 2025-06-04 7.5 High
Improper Access Controls allows backend users to overwrite their username when disallowed.
CVE-2024-40743 1 Joomla 1 Joomla\! 2025-06-04 6.1 Medium
The stripImages and stripIframes methods didn't properly process inputs, leading to XSS vectors.
CVE-2024-40747 1 Joomla 1 Joomla\! 2025-06-04 6.1 Medium
Various module chromes didn't properly process inputs, leading to XSS vectors.
CVE-2024-40748 1 Joomla 1 Joomla\! 2025-06-04 7.5 High
Lack of output escaping in the id attribute of menu lists.
CVE-2024-40749 1 Joomla 1 Joomla\! 2025-06-04 7.5 High
Improper Access Controls allows access to protected views.