High Severity Vulnerabilities

Vulnerability Name	CVE CWE	CWE	Severity
Joomla Improper Input Validation Vulnerability (CVE-2015-8564)	CVE-2015-8564 CWE-20	CWE-20	High
Joomla Improper Input Validation Vulnerability (CVE-2015-8565)	CVE-2015-8565 CWE-20	CWE-20	High
Joomla Improper Input Validation Vulnerability (CVE-2016-8870)	CVE-2016-8870 CWE-20	CWE-20	High
Joomla Improper Input Validation Vulnerability (CVE-2018-12712)	CVE-2018-12712 CWE-20	CWE-20	High
Joomla Improper Input Validation Vulnerability (CVE-2020-35616)	CVE-2020-35616 CWE-20	CWE-20	High
Joomla Improper Input Validation Vulnerability (CVE-2021-23131)	CVE-2021-23131 CWE-20	CWE-20	High
Joomla Improper Input Validation Vulnerability (CVE-2021-26036)	CVE-2021-26036 CWE-20	CWE-20	High
Joomla Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2020-35612)	CVE-2020-35612 CWE-22	CWE-22	High
Joomla Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2022-23793)	CVE-2022-23793 CWE-22	CWE-22	High
Joomla Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2026-40384)	CVE-2026-40384 CWE-22	CWE-22	High
Joomla Improper Link Resolution Before File Access ('Link Following') Vulnerability (CVE-2008-3227)	CVE-2008-3227 CWE-59	CWE-59	High
Joomla Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-40748)	CVE-2024-40748 CWE-707	CWE-707	High
Joomla Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2006-1049)	CVE-2006-1049 CWE-138	CWE-138	High
Joomla Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2008-0795)	CVE-2008-0795 CWE-138	CWE-138	High
Joomla Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2008-1935)	CVE-2008-1935 CWE-138	CWE-138	High
Joomla Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2008-6852)	CVE-2008-6852 CWE-138	CWE-138	High
Joomla Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2009-1499)	CVE-2009-1499 CWE-138	CWE-138	High
Joomla Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2010-2679)	CVE-2010-2679 CWE-138	CWE-138	High
Joomla Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2010-4166)	CVE-2010-4166 CWE-138	CWE-138	High
Joomla Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2010-4696)	CVE-2010-4696 CWE-138	CWE-138	High
Joomla Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2012-1116)	CVE-2012-1116 CWE-138	CWE-138	High
Joomla Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2014-7981)	CVE-2014-7981 CWE-138	CWE-138	High
Joomla Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2015-4654)	CVE-2015-4654 CWE-138	CWE-138	High
Joomla Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2015-7297)	CVE-2015-7297 CWE-138	CWE-138	High
Joomla Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2015-7857)	CVE-2015-7857 CWE-138	CWE-138	High
Joomla Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2015-7858)	CVE-2015-7858 CWE-138	CWE-138	High
Joomla Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2015-8769)	CVE-2015-8769 CWE-138	CWE-138	High
Joomla Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2018-8045)	CVE-2018-8045 CWE-138	CWE-138	High
Joomla Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2026-21630)	CVE-2026-21630 CWE-138	CWE-138	High
Joomla Improper Preservation of Permissions Vulnerability (CVE-2020-13763)	CVE-2020-13763 CWE-281	CWE-281	High
Joomla Improper Privilege Management Vulnerability (CVE-2012-1563)	CVE-2012-1563 CWE-269	CWE-269	High
Joomla Improper Privilege Management Vulnerability (CVE-2018-11323)	CVE-2018-11323 CWE-269	CWE-269	High
Joomla Improper Privilege Management Vulnerability (CVE-2018-17855)	CVE-2018-17855 CWE-269	CWE-269	High
Joomla Improper Restriction of Excessive Authentication Attempts Vulnerability (CVE-2023-23755)	CVE-2023-23755 CWE-307	CWE-307	High
Joomla Inadequate Encryption Strength Vulnerability (CVE-2011-3629)	CVE-2011-3629 CWE-326	CWE-326	High
Joomla Missing Authentication for Critical Function Vulnerability (CVE-2019-10946)	CVE-2019-10946 CWE-306	CWE-306	High
Joomla Missing Authorization Vulnerability (CVE-2019-9713)	CVE-2019-9713 CWE-862	CWE-862	High
Joomla Missing Authorization Vulnerability (CVE-2020-10239)	CVE-2020-10239 CWE-862	CWE-862	High
Joomla Numeric Errors Vulnerability (CVE-2008-4102)	CVE-2008-4102		High
Joomla Other Vulnerability (CVE-2005-3772)	CVE-2005-3772		High
Joomla Other Vulnerability (CVE-2006-1028)	CVE-2006-1028		High
Joomla Other Vulnerability (CVE-2006-2960)	CVE-2006-2960		High
Joomla Other Vulnerability (CVE-2006-3481)	CVE-2006-3481		High
Joomla Other Vulnerability (CVE-2006-6833)	CVE-2006-6833		High
Joomla Other Vulnerability (CVE-2006-7008)	CVE-2006-7008		High
Joomla Other Vulnerability (CVE-2006-7009)	CVE-2006-7009		High
Joomla Other Vulnerability (CVE-2006-7010)	CVE-2006-7010		High
Joomla Other Vulnerability (CVE-2007-0374)	CVE-2007-0374		High
Joomla Other Vulnerability (CVE-2007-4184)	CVE-2007-4184		High
Joomla Other Vulnerability (CVE-2013-1453)	CVE-2013-1453		High
Joomla Other Vulnerability (CVE-2024-27187)	CVE-2024-27187		High
Joomla Other Vulnerability (CVE-2024-40749)	CVE-2024-40749		High
Joomla Permissions, Privileges, and Access Controls Vulnerability (CVE-2006-4475)	CVE-2006-4475 CWE-264	CWE-264	High
Joomla Permissions, Privileges, and Access Controls Vulnerability (CVE-2006-4476)	CVE-2006-4476 CWE-264	CWE-264	High
Joomla Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-1598)	CVE-2012-1598 CWE-264	CWE-264	High
Joomla Permissions, Privileges, and Access Controls Vulnerability (CVE-2014-7984)	CVE-2014-7984 CWE-264	CWE-264	High
Joomla Permissions, Privileges, and Access Controls Vulnerability (CVE-2016-9837)	CVE-2016-9837 CWE-264	CWE-264	High
Joomla Session Fixation Vulnerability (CVE-2010-1434)	CVE-2010-1434 CWE-384	CWE-384	High
Joomla Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2018-11322)	CVE-2018-11322 CWE-434	CWE-434	High
Joomla Use of Cache Containing Sensitive Information Vulnerability (CVE-2026-48901)	CVE-2026-48901 CWE-524	CWE-524	High
Joomla Use of Insufficiently Random Values Vulnerability (CVE-2012-1562)	CVE-2012-1562 CWE-330	CWE-330	High
jQuery File Upload unauthenticated arbitrary file upload	CVE-2018-9206 CWE-434	CWE-434	High
jQuery Validation Other Vulnerability (CVE-2021-43306)	CVE-2021-43306		High
jQuery Validation Other Vulnerability (CVE-2022-31147)	CVE-2022-31147		High
jQuery Validation Uncontrolled Resource Consumption Vulnerability (CVE-2021-21252)	CVE-2021-21252 CWE-400	CWE-400	High
JSP authentication bypass	CWE-287	CWE-287	High
jszip Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2022-48285)	CVE-2022-48285 CWE-22	CWE-22	High
Jupyter Notebook publicly accessible	CWE-78	CWE-78	High
JWT Signature Bypass via kid Path Traversal	CWE-287	CWE-287	High
JWT Signature Bypass via kid SQL injection	CWE-287	CWE-287	High
JWT Signature Bypass via None Algorithm	CWE-345	CWE-345	High
JWT Signature Bypass via unvalidated jku parameter	CWE-287	CWE-287	High
JWT Signature Bypass via unvalidated jwk parameter	CWE-287	CWE-287	High
JWT Signature Bypass via unvalidated x5c parameter	CWE-287	CWE-287	High
JWT Signature Bypass via unvalidated x5u parameter	CWE-287	CWE-287	High

Joomla Improper Input Validation Vulnerability (CVE-2015-8564)

CVE-2015-8564

CWE-20

High

Joomla Improper Input Validation Vulnerability (CVE-2015-8565)

CVE-2015-8565

CWE-20

High

Joomla Improper Input Validation Vulnerability (CVE-2016-8870)

CVE-2016-8870

CWE-20

High

Joomla Improper Input Validation Vulnerability (CVE-2018-12712)

CVE-2018-12712

CWE-20

High

Joomla Improper Input Validation Vulnerability (CVE-2020-35616)

CVE-2020-35616

CWE-20

High

Joomla Improper Input Validation Vulnerability (CVE-2021-23131)

CVE-2021-23131

CWE-20

High

Joomla Improper Input Validation Vulnerability (CVE-2021-26036)

CVE-2021-26036

CWE-20

High

Joomla Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2020-35612)

CVE-2020-35612

CWE-22

High

Joomla Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2022-23793)

CVE-2022-23793

CWE-22

High

Joomla Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2026-40384)

CVE-2026-40384

CWE-22

High

Joomla Improper Link Resolution Before File Access ('Link Following') Vulnerability (CVE-2008-3227)

CVE-2008-3227

CWE-59

High

Joomla Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-40748)

CVE-2024-40748

CWE-707

High

Joomla Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2006-1049)

CVE-2006-1049

CWE-138

High

Joomla Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2008-0795)

CVE-2008-0795

CWE-138

High

Joomla Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2008-1935)

CVE-2008-1935

CWE-138

High

Joomla Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2008-6852)

CVE-2008-6852

CWE-138

High

Joomla Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2009-1499)

CVE-2009-1499

CWE-138

High

Joomla Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2010-2679)

CVE-2010-2679

CWE-138

High

Joomla Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2010-4166)

CVE-2010-4166

CWE-138

High

Joomla Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2010-4696)

CVE-2010-4696

CWE-138

High

Joomla Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2012-1116)

CVE-2012-1116

CWE-138

High

Joomla Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2014-7981)

CVE-2014-7981

CWE-138

High

Joomla Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2015-4654)

CVE-2015-4654

CWE-138

High

Joomla Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2015-7297)

CVE-2015-7297

CWE-138

High

Joomla Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2015-7857)

CVE-2015-7857

CWE-138

High

Joomla Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2015-7858)

CVE-2015-7858

CWE-138

High

Joomla Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2015-8769)

CVE-2015-8769

CWE-138

High

Joomla Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2018-8045)

CVE-2018-8045

CWE-138

High

Joomla Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2026-21630)

CVE-2026-21630

CWE-138

High

Joomla Improper Preservation of Permissions Vulnerability (CVE-2020-13763)

CVE-2020-13763

CWE-281

High

Joomla Improper Privilege Management Vulnerability (CVE-2012-1563)

CVE-2012-1563

CWE-269

High

Joomla Improper Privilege Management Vulnerability (CVE-2018-11323)

CVE-2018-11323

CWE-269

High

Joomla Improper Privilege Management Vulnerability (CVE-2018-17855)

CVE-2018-17855

CWE-269

High

Joomla Improper Restriction of Excessive Authentication Attempts Vulnerability (CVE-2023-23755)

CVE-2023-23755

CWE-307

High

Joomla Inadequate Encryption Strength Vulnerability (CVE-2011-3629)

CVE-2011-3629

CWE-326

High

Joomla Missing Authentication for Critical Function Vulnerability (CVE-2019-10946)

CVE-2019-10946

CWE-306

High

Joomla Missing Authorization Vulnerability (CVE-2019-9713)

CVE-2019-9713

CWE-862

High

Joomla Missing Authorization Vulnerability (CVE-2020-10239)

CVE-2020-10239

CWE-862

High

Joomla Numeric Errors Vulnerability (CVE-2008-4102)

CVE-2008-4102

High

Joomla Other Vulnerability (CVE-2005-3772)

CVE-2005-3772

High

Joomla Other Vulnerability (CVE-2006-1028)

CVE-2006-1028

High

Joomla Other Vulnerability (CVE-2006-2960)

CVE-2006-2960

High

Joomla Other Vulnerability (CVE-2006-3481)

CVE-2006-3481

High

Joomla Other Vulnerability (CVE-2006-6833)

CVE-2006-6833

High

Joomla Other Vulnerability (CVE-2006-7008)

CVE-2006-7008

High

Joomla Other Vulnerability (CVE-2006-7009)

CVE-2006-7009

High

Joomla Other Vulnerability (CVE-2006-7010)

CVE-2006-7010

High

Joomla Other Vulnerability (CVE-2007-0374)

CVE-2007-0374

High

Joomla Other Vulnerability (CVE-2007-4184)

CVE-2007-4184

High

Joomla Other Vulnerability (CVE-2013-1453)

CVE-2013-1453

High

Joomla Other Vulnerability (CVE-2024-27187)

CVE-2024-27187

High

Joomla Other Vulnerability (CVE-2024-40749)

CVE-2024-40749

High

Joomla Permissions, Privileges, and Access Controls Vulnerability (CVE-2006-4475)

CVE-2006-4475

CWE-264

High

Joomla Permissions, Privileges, and Access Controls Vulnerability (CVE-2006-4476)

CVE-2006-4476

CWE-264

High

Joomla Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-1598)

CVE-2012-1598

CWE-264

High

Joomla Permissions, Privileges, and Access Controls Vulnerability (CVE-2014-7984)

CVE-2014-7984

CWE-264

High

Joomla Permissions, Privileges, and Access Controls Vulnerability (CVE-2016-9837)

CVE-2016-9837

CWE-264

High

Joomla Session Fixation Vulnerability (CVE-2010-1434)

CVE-2010-1434

CWE-384

High

Joomla Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2018-11322)

CVE-2018-11322

CWE-434

High

Joomla Use of Cache Containing Sensitive Information Vulnerability (CVE-2026-48901)

CVE-2026-48901

CWE-524

High

Joomla Use of Insufficiently Random Values Vulnerability (CVE-2012-1562)

CVE-2012-1562

CWE-330

High

jQuery File Upload unauthenticated arbitrary file upload

CVE-2018-9206

CWE-434

High

jQuery Validation Other Vulnerability (CVE-2021-43306)

CVE-2021-43306

High

jQuery Validation Other Vulnerability (CVE-2022-31147)

CVE-2022-31147

High

jQuery Validation Uncontrolled Resource Consumption Vulnerability (CVE-2021-21252)

CVE-2021-21252

CWE-400

High

JSP authentication bypass

CWE-287

High

jszip Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2022-48285)

CVE-2022-48285

CWE-22

High

Jupyter Notebook publicly accessible

CWE-78

High

JWT Signature Bypass via kid Path Traversal

CWE-287

High

JWT Signature Bypass via kid SQL injection

CWE-287

High

JWT Signature Bypass via None Algorithm

CWE-345

High

JWT Signature Bypass via unvalidated jku parameter

CWE-287

High

JWT Signature Bypass via unvalidated jwk parameter

CWE-287

High

JWT Signature Bypass via unvalidated x5c parameter

CWE-287

High

JWT Signature Bypass via unvalidated x5u parameter

CWE-287

High

Severity

Vulnerability Categories

Still Have Questions?

Take action and discover your vulnerabilities