Exploit Directory: Joomla (104)
Joomla JLex Review 6.0.1 – Reflected XSS
Medium php CraCkEr 2023-08-04
view exploit
Joomla iProperty Real Estate 4.1.1 – Reflected XSS
Medium php CraCkEr 2023-07-31
view exploit
Joomla Solidres 2.13.3 – Reflected XSS
Medium php CraCkEr 2023-07-31
view exploit
Joomla HikaShop 4.7.4 – Reflected XSS
Medium php CraCkEr 2023-07-28
view exploit
Joomla VirtueMart Shopping Cart 4.0.12 – Reflected XSS
Medium php CraCkEr 2023-07-28
view exploit
Joomla! com_booking component 2.4.9 – Information Leak (Account enumeration)
High php qw3rTyTy 2023-07-19
view exploit
Joomla! v4.2.8 – Unauthenticated information disclosure
High Verified CVE-2023-23752 php Alexandre ZANNI 2023-04-08
view exploit
Joomla Plugin SexyPolling 2.1.7 – SQLi
High php Wolfgang Hotwagner 2022-05-11
view exploit
Balbooa Joomla Forms Builder 2.0.6 – SQL Injection (Unauthenticated)
Critical php blockomat2100 2021-10-25
view exploit
Joomla JCK Editor 6.4.4 – ‘parent’ SQL Injection (2)
Critical CVE-2018-17254 php Nicholas Ferreira 2021-03-08
view exploit
Joomla! Component GMapFP 3.5 – Unauthenticated Arbitrary File Upload
Critical CVE-2020-23972 php ThelastVvV 2020-12-01
view exploit
Joomla Plugin Simple Image Gallery Extended (SIGE) 3.5.3 – Multiple Vulnerabilities
High php Vulnerability-Lab 2020-11-17
view exploit
Joomla! paGO Commerce 2.5.9.0 – SQL Injection (Authenticated)
Critical php Mehmet Kelepçe 2020-09-14
view exploit
Joomla! J2 JOBS 1.3.0 – ‘sortby’ Authenticated SQL Injection
Critical php Mehmet Kelepçe 2020-07-15
view exploit
Joomla! J2 Store 3.3.11 – ‘filter_order_Dir’ Authenticated SQL Injection
Critical php Mehmet Kelepçe 2020-06-10
view exploit
Joomla! Plugin XCloner Backup 3.5.3 – Local File Inclusion (Authenticated)
High php Mehmet Kelepçe 2020-05-26
view exploit
Joomla! com_fabrik 3.9.11 – Directory Traversal
High php qw3rTyTy 2020-03-30
view exploit
Joomla! Component GMapFP 3.30 – Arbitrary File Upload
Critical php ThelastVvV 2020-03-25
view exploit
Joomla! com_hdwplayer 4.2 – ‘search.php’ SQL Injection
Critical php qw3rTyTy 2020-03-23
view exploit
Joomla! Component ACYMAILING 3.9.0 – Unauthenticated Arbitrary File Upload
Critical php qw3rTyTy 2020-03-18
view exploit
Joomla! Component com_newsfeeds 1.0 – ‘feedid’ SQL Injection
Critical php Milad karimi 2020-03-12
view exploit
Joomla! 3.9.0 < 3.9.7 - CSV Injection
High CVE-2019-12765 php i4bdullah 2020-03-11
view exploit
Joomla! 3.4.6 – Remote Code Execution (Metasploit)
Critical php Alessandro Groppo 2019-10-23
view exploit
Joomla! 3.4.6 – Remote Code Execution
Critical php Alessandro Groppo 2019-10-18
view exploit
Joomla! 3.4.6 – ‘configuration.php’ Remote Code Execution
Critical php Alessandro Groppo 2019-10-07
view exploit
Joomla! component com_jsjobs 1.2.6 – Arbitrary File Deletion
High php qw3rTyTy 2019-08-16
view exploit
Joomla! Component JS Jobs (com_jsjobs) 1.2.5 – ‘customfields.php’ SQL Injection
Critical php qw3rTyTy 2019-08-14
view exploit
Joomla! Component JS Jobs (com_jsjobs) 1.2.5 – ‘cities.php’ SQL Injection
Critical php qw3rTyTy 2019-08-12
view exploit
Joomla! Component JS Support Ticket (com_jssupportticket) 1.1.6 – ‘ticket.php’ Arbitrary File Deletion
High php qw3rTyTy 2019-08-12
view exploit
Joomla! Component JS Support Ticket (com_jssupportticket) 1.1.6 – ‘ticketreply.php’ SQL Injection
Critical php qw3rTyTy 2019-08-12
view exploit
Joomla! Component JS Support Ticket (component com_jssupportticket) 1.1.5 – Arbitrary File Download
High php qw3rTyTy 2019-08-08
view exploit
Joomla! Component JS Support Ticket (component com_jssupportticket) 1.1.5 – SQL Injection
Critical php qw3rTyTy 2019-08-08
view exploit
Joomla! Component ARI Quiz 3.7.4 – SQL Injection
Critical php Mr Winst0n 2019-04-30
view exploit
Joomla! Component JiFile 2.3.1 – Arbitrary File Download
High php Mr Winst0n 2019-04-30
view exploit
Joomla! Core 1.5.0 – 3.9.4 – Directory Traversal / Authenticated Arbitrary File Deletion
High CVE-2019-10945 php Haboob Team 2019-04-16
view exploit
Joomla! Component J2Store < 3.3.7 - SQL Injection
Critical Verified CVE-2019-9184 php Andrei Conache 2019-02-28
view exploit
Joomla! Component J-CruisePortal 6.0.4 – SQL Injection
Critical php Ihsan Sencan 2019-01-24
view exploit
Joomla! Component JHotelReservation 6.0.7 – SQL Injection
Critical php Ihsan Sencan 2019-01-24
view exploit
Joomla! Component J-BusinessDirectory 4.9.7 – ‘type’ SQL Injection
Critical php Ihsan Sencan 2019-01-23
view exploit
Joomla! Component J-ClassifiedsManager 3.0.5 – SQL Injection
Critical php Ihsan Sencan 2019-01-23
view exploit
Joomla! Component JMultipleHotelReservation 6.0.7 – SQL Injection
Critical php Ihsan Sencan 2019-01-23
view exploit
Joomla! Component vAccount 2.0.2 – ‘vid’ SQL Injection
Critical php Ihsan Sencan 2019-01-23
view exploit
Joomla! Component vBizz 1.0.7 – Remote Code Execution
Critical php Ihsan Sencan 2019-01-23
view exploit
Joomla! Component vBizz 1.0.7 – SQL Injection
Critical php Ihsan Sencan 2019-01-23
view exploit
Joomla! Component VMap 1.9.6 – SQL Injection
Critical php Ihsan Sencan 2019-01-23
view exploit
Joomla! Component vRestaurant 1.9.4 – SQL Injection
Critical php Ihsan Sencan 2019-01-23
view exploit
Joomla! Component vReview 1.9.11 – SQL Injection
Critical php Ihsan Sencan 2019-01-23
view exploit
Joomla! Component vWishlist 1.0.1 – SQL Injection
Critical php Ihsan Sencan 2019-01-23
view exploit
Joomla! Component Easy Shop 1.2.3 – Local File Inclusion
High php Ihsan Sencan 2019-01-22
view exploit
Joomla! Core 3.9.1 – Persistent Cross-Site Scripting in Global Configuration Textfilter Settings
High CVE-2019-6263 php Praveen Sutar 2019-01-18
view exploit
Joomla! Component JoomCRM 1.1.1 – SQL Injection
Critical Verified php Ihsan Sencan 2019-01-11
view exploit
Joomla! Component JoomProject 1.1.3.2 – Information Disclosure
High Verified php Ihsan Sencan 2019-01-11
view exploit
Joomla! Component Jimtawl 2.2.7 – ‘id’ SQL Injection
Critical php Ihsan Sencan 2018-10-03
view exploit
Joomla! Component AlphaIndex Dictionaries 1.0 – SQL Injection
Critical CVE-2018-17397 php Ihsan Sencan 2018-09-25
view exploit
Joomla! Component Article Factory Manager 4.3.9 – SQL Injection
Critical Verified CVE-2018-17380 php Ihsan Sencan 2018-09-25
view exploit
Joomla! Component Collection Factory 4.1.9 – SQL Injection
Critical CVE-2018-17383 php Ihsan Sencan 2018-09-25
view exploit
Joomla! Component Dutch Auction Factory 2.0.2 – ‘filter_order_Dir’ SQL Injection
Critical php Ihsan Sencan 2018-09-25
view exploit
Joomla! Component eXtroForms 2.1.5 – ‘filter_type_id’ SQL Injection
Critical php AkkuS 2018-09-25
view exploit
Joomla! Component Jobs Factory 2.0.4 – SQL Injection
Critical Verified CVE-2018-17382 php Ihsan Sencan 2018-09-25
view exploit
Joomla! Component Auction Factory 4.5.5 – ‘filter_order’ SQL Injection
Critical php Ihsan Sencan 2018-09-24
view exploit
Joomla! Component CW Article Attachments 1.0.6 – ‘id’ SQL Injection
Critical CVE-2018-14592 php Haboob Team 2018-09-24
view exploit
Joomla! Component JCK Editor 6.4.4 – ‘parent’ SQL Injection
Critical Verified CVE-2018-17254 php Hamza Megahed 2018-09-17
view exploit
Joomla! Component Jomres 9.11.2 – Cross-Site Request Forgery (Add User)
High php L0RD 2018-06-18
view exploit
Joomla! Component Ek Rishta 2.10 – SQL Injection
Critical CVE-2018-12254 php Guilherme Assmann 2018-06-14
view exploit
Joomla! Component EkRishta 2.10 – ‘username’ SQL Injection
Critical php L0RD 2018-06-12
view exploit
Joomla! Component EkRishta 2.10 – ‘cid’ SQL Injection
Critical php 41!kh4224rDz 2018-06-11
view exploit
Joomla! Component Full Social 1.1.0 – ‘search_query’ SQL Injection
Critical php L0RD 2018-05-28
view exploit
Joomla! Component JoomOCShop 1.0 – Cross-Site Request Forgery
High php L0RD 2018-05-28
view exploit
Joomla! Component EkRishta 2.10 – Cross-Site Scripting / SQL Injection
Critical php Sina Kheirkhah 2018-05-20
view exploit
Joomla! Component JS Jobs 1.2.0 – Cross-Site Request Forgery
High php Sureshbabu Narvaneni 2018-04-18
view exploit
Joomla! Component jDownloads 3.2.58 – Cross Site Scripting
High CVE-2018-10068 php Sureshbabu Narvaneni 2018-04-17
view exploit
Joomla! Component Acymailing Starter 5.9.5 – CSV Macro Injection
High Verified CVE-2018-9107 php Sureshbabu Narvaneni 2018-03-30
view exploit
Joomla! Component AcySMS 3.5.0 – CSV Macro Injection
High Verified CVE-2018-9106 php Sureshbabu Narvaneni 2018-03-30
view exploit
Joomla! Component Fields – SQLi Remote Code Execution (Metasploit)
Critical Verified CVE-2017-8917 php Metasploit 2018-03-29
view exploit
Joomla! Component Alexandria Book Library 3.1.2 – ‘letter’ SQL Injection
Critical CVE-2018-7312 php Ihsan Sencan 2018-02-22
view exploit
Joomla! Component CheckList 1.1.1 – SQL Injection
Critical CVE-2018-7318 php Ihsan Sencan 2018-02-22
view exploit
Joomla! Component CW Tags 2.0.6 – SQL Injection
Critical CVE-2018-7313 php Ihsan Sencan 2018-02-22
view exploit
Joomla! Component Ek Rishta 2.9 – SQL Injection
Critical CVE-2018-7315 php Ihsan Sencan 2018-02-22
view exploit
Joomla! Component Advertisement Board 3.1.0 – ‘catname’ SQL Injection
Critical Verified CVE-2018-5982 php Ihsan Sencan 2018-02-16
view exploit
Joomla! Component Aist 2.0 – ‘id’ SQL Injection
Critical Verified CVE-2018-5993 php Ihsan Sencan 2018-02-16
view exploit
Joomla! Component AllVideos Reloaded 1.2.x – ‘divid’ SQL Injection
Critical Verified CVE-2018-5990 php Ihsan Sencan 2018-02-16
view exploit
Joomla! Component ccNewsletter 2.x.x ‘id’ – SQL Injection
Critical Verified CVE-2018-5989 php Ihsan Sencan 2018-02-16
view exploit
Joomla! Component DT Register 3.2.7 – ‘id’ SQL Injection
Critical Verified CVE-2018-6584 php Ihsan Sencan 2018-02-16
view exploit
Joomla! Component Fastball 2.5 – ‘season’ SQL Injection
Critical Verified CVE-2018-6373 php Ihsan Sencan 2018-02-16
view exploit
Joomla! Component File Download Tracker 3.0 – SQL Injection
Critical CVE-2018-6004 php Ihsan Sencan 2018-02-16
view exploit
Joomla! Component Form Maker 3.6.12 – SQL Injection
Critical Verified CVE-2018-5991 php Ihsan Sencan 2018-02-16
view exploit
Joomla! Component Gallery WD 1.3.6 – SQL Injection
Critical Verified CVE-2018-5981 php Ihsan Sencan 2018-02-16
view exploit
Joomla! Component Google Map Landkarten 4.2.3 – SQL Injection
Critical Verified CVE-2018-6396 php Ihsan Sencan 2018-02-16
view exploit
Joomla! Component InviteX 3.0.5 – ‘invite_type’ SQL Injection
Critical Verified CVE-2018-6394 php Ihsan Sencan 2018-02-16
view exploit
Joomla! Component JB Bus 2.3 – ‘order_number’ SQL Injection
Critical Verified CVE-2018-6372 php Ihsan Sencan 2018-02-16
view exploit
Joomla! Component jGive 2.0.9 – SQL Injection
Critical Verified CVE-2018-5970 php Ihsan Sencan 2018-02-16
view exploit
Joomla! Component JomEstate PRO 3.7 – ‘id’ SQL Injection
Critical Verified CVE-2018-6368 php Ihsan Sencan 2018-02-16
view exploit
Joomla! Component JquickContact 1.3.2.2.1 – SQL Injection
Critical Verified CVE-2018-5983 php Ihsan Sencan 2018-02-16
view exploit
Joomla! Component JS Autoz 1.0.9 – SQL Injection
Critical CVE-2018-6006 php Ihsan Sencan 2018-02-16
view exploit
Joomla! Component JS Jobs 1.1.9 – SQL Injection
Critical CVE-2018-5994 php Ihsan Sencan 2018-02-16
view exploit
Joomla! Component jLike 1.0 – Information Leak
High CVE-2018-6610 php Ihsan Sencan 2018-02-05
view exploit
Joomla! Component JE PayperVideo 3.0.0 – ‘usr_plan’ SQL Injection
Critical CVE-2018-6578 php Ihsan Sencan 2018-02-02
view exploit
Joomla! Component JEXTN Classified 1.0.0 – ‘sid’ SQL Injection
Critical CVE-2018-6575 php Ihsan Sencan 2018-02-02
view exploit
Joomla! Component JEXTN Membership 3.1.0 – ‘usr_plan’ SQL Injection
Critical CVE-2018-6577 php Ihsan Sencan 2018-02-02
view exploit
Joomla! Component JEXTN Reverse Auction 3.1.0 – SQL Injection
Critical CVE-2018-6579 php Ihsan Sencan 2018-02-02
view exploit
Joomla! Component Jimtawl 2.1.6 – Arbitrary File Upload
Critical CVE-2018-6580 php Ihsan Sencan 2018-02-02
view exploit
Joomla! Component JMS Music 1.1.1 – SQL Injection
Critical CVE-2018-6581 php Ihsan Sencan 2018-02-02
view exploit
Joomla! Component CP Event Calendar 3.0.1 – ‘id’ SQL Injection
Critical CVE-2018-6398 php Ihsan Sencan 2018-01-30
view exploit
Joomla! Component Easydiscuss < 4.0.21 - Cross-Site Scripting
High Verified CVE-2018-5263 php Mattia Furlani 2018-01-10
view exploit