Sample Report

This is the URL of the Joomla installation that will be scanned for vulnerabilities.
All urls must start with http or https.


Joomla Vulnerability Scan - Sample Report
×

About the Joomla Vulnerability Scanner

Finds Joomla version, components, modules, templates and shows their vulnerabilities.

The scanner attempts to identify security weaknesses in the target Joomla website (core, components, modules and templates).
It performs a remote scan, without authentication, using a black-box approach. This simulates an external attacker who tries to penetrate the target Joomla website.

The Joomla Vulnerability Scanner performs the following operations to assess the security of the target website:

  • Detect the installed Joomla version
  • Show the vulnerabilities which affect the identified Joomla version
  • Enumerate installed components and their versions
  • Show the vulnerabilities for the identified components
  • Enumerate the installed modules and their versions
  • Show the vulnerabilities for the identified modules
  • Enumerate the installed templates and their versions
  • Show the vulnerabilities for the identified templates

The scanner is based on the well known JoomlaVS scanning tool.


Parameters

  • Target URL: This is the url of the Joomla website that will be scanned. All urls must start with http or https.
    Don't forget to specify the complete path to the base directory of the Joomla installation. Ex. http://targetjoomla.com/cms/

How it works

The scanner connects to the target Joomla installation and retrieves information from the HTML pages in order to fingerprint the Joomla version.
The enumeration of components, modules and templates is actively done by trying multiple known names.
The reported vulnerabilities are extracted from a local database which is periodically updated.