Filtered by vendor Joomla Subscriptions
Filtered by product Joomla! Subscriptions
Total 10 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2025-40636 1 Joomla 3 Joomla, Joomla!, Mod Vvisit Counter 2025-10-06 N/A
SQL injection vulnerability in Joomla module mod_vvisit_counter v2.0.4j3. This vulnerability allows an attacker to retrieve database content via the ‘cip_vvisitcounter’ cookie at all endpoints where the plugin counts visits.
CVE-2025-54476 1 Joomla 2 Joomla, Joomla! 2025-10-02 N/A
Improper handling of input could lead to an XSS vector in the checkAttribute method of the input filter framework class.
CVE-2025-54477 1 Joomla 2 Joomla, Joomla! 2025-10-02 5.3 Medium
Improper handling of authentication requests lead to a user enumeration vector in the passkey authentication method.
CVE-2025-54300 1 Joomla 2 Joomla, Joomla! 2025-08-25 N/A
A stored XSS vulnerability in Quantum Manager component 1.0.0-3.2.0 for Joomla was discovered. The SVG upload feature does not sanitize uploads.
CVE-2025-54301 1 Joomla 2 Joomla, Joomla! 2025-08-25 N/A
A stored XSS vulnerability in Quantum Manager component 1.0.0-3.2.0 for Joomla was discovered. File names are not properly escaped.
CVE-2025-54474 1 Joomla 2 Joomla, Joomla! 2025-08-16 N/A
A SQLi vulnerability in DJ-Classifieds component 3.9.2-3.10.1 for Joomla was discovered. The issue allows privileged users to execute arbitrary SQL commands.
CVE-2025-54475 2 Joomla, Joomsky 3 Joomla, Joomla!, Js Jobs 2025-08-16 N/A
A SQL injection vulnerability in the JS Jobs plugin versions 1.3.2-1.4.4 for Joomla allows low-privilege users to execute arbitrary SQL commands.
CVE-2025-54473 1 Joomla 2 Joomla, Joomla! 2025-08-16 N/A
An authenticated RCE vulnerability in Phoca Commander component 1.0.0-4.0.0 and 5.0.0-5.0.1 for Joomla was discovered. The issue allows code execution via the unzip feature.
CVE-2025-54299 2 Joomla, Nobossextensions 2 Joomla!, No Boss Testimonials Component 2025-08-05 N/A
A stored XSS vulnerability in No Boss Testimonials component 1.0.0-3.0.0 and 4.0.0-4.0.2 for Joomla was discovered.
CVE-2025-54298 1 Joomla 2 Joomla, Joomla! 2025-07-31 N/A
A stored XSS vulnerability in CommentBox component 1.0.0-1.1.0 for Joomla was discovered.