Skip to main content

Virtuemart

3 CVEs product

Monthly

CVE-2025-25228 LOW Monitor

A SQL injection in VirtueMart component 1.0.0 - 4.4.7 for Joomla allows authenticated attackers (administrator) to execute arbitrary SQL commands in the product management area in backend. Rated low severity (CVSS 3.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SQLi Virtuemart Joomla
NVD GitHub
CVSS 3.1
3.8
EPSS
0.2%
CVE-2018-7465 MEDIUM POC This Month

An XSS issue was discovered in VirtueMart before 3.2.14. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS Virtuemart
NVD Exploit-DB
CVSS 3.0
5.4
EPSS
2.4%
CVE-2016-10379 HIGH POC This Week

The VirtueMart com_virtuemart component 3.0.14 for Joomla!. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP Virtuemart
NVD
CVSS 3.0
7.2
EPSS
0.6%
EPSS 0% CVSS 3.8
LOW Monitor

A SQL injection in VirtueMart component 1.0.0 - 4.4.7 for Joomla allows authenticated attackers (administrator) to execute arbitrary SQL commands in the product management area in backend. Rated low severity (CVSS 3.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SQLi Virtuemart Joomla
NVD GitHub
EPSS 2% CVSS 5.4
MEDIUM POC This Month

An XSS issue was discovered in VirtueMart before 3.2.14. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS Virtuemart
NVD Exploit-DB
EPSS 1% CVSS 7.2
HIGH POC This Week

The VirtueMart com_virtuemart component 3.0.14 for Joomla!. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP Virtuemart
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy