CVE-2009-1940

Cross-site scripting (XSS) vulnerability in the administrator panel in the com_users core component for Joomla! 1.5.x through 1.5.10 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

We have discovered 203,963 live websites that are affected by CVE-2009-1940.

Run a Free Instant Scan



Affected Software

Product  Joomla
Category Content Management System
Vulnerable Domains203,963 live websites (96% of Joomla install base)
Vulnerable Versions
  • from 0 through 1.5.10
Vulnerable Versions Count1 versions ( 0.97% of all versions)



Details

  • Published - Jun 5, 2009
  • Updated - Aug 7, 2024

Website Distribution by Country

Number of websites using CVE-2009-1940
United States9,752 websites


Italy55,693 websites
Poland15,066 websites
Russia14,226 websites
GB13,758 websites
Iran12,527 websites
Germany11,501 websites
Kazakhstan7,296 websites
Netherlands6,052 websites
South Africa5,916 websites

Website Distribution by TLD

Number of websites using CVE-2009-1940
.com49,472 websites
.it36,614 websites
.ru11,825 websites
.pl10,763 websites
.co.uk6,885 websites
.org5,038 websites
.de4,435 websites
.net4,070 websites
.nl3,551 websites
.se3,267 websites

Vulnerable Versions

Vulnerable versions are highlighted in red

Websites affected by CVE-2009-1940

Top websites that are affected by CVE-2009-1940. Please click on the "Contact us" link to get more information.
DomainCountryRankContacts
*****************.de Germany*,***
*******.**.ca Canada*,***
*****.com Italy**,***
***********.**.za South Africa**,***
**************.se Sweden**,***
***************.com Italy**,***
*********.com GB**,***
************.com Germany**,***
*********************.com United States**,***
****.pl Poland**,***
See full domain list

FAQ

A total of 203,963 websites have been identified as vulnerable to CVE-2009-1940, based on global website indexing conducted by WebTechSurvey.
The Joomla is affected by the CVE-2009-1940 vulnerability.
Joomla versions up to and including 1.5.10 are vulnerable to CVE-2009-1940.