CVE-2010-5280
Notifications for a CVE
Stay informed of any changes for a specific CVE.
CVE Descriptions
Directory traversal vulnerability in the Community Builder Enhanced (CBE) (com_cbe) component 1.4.8, 1.4.9, and 1.4.10 for Joomla! allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the tabname parameter in a userProfile action to index.php. NOTE: this can be leveraged to execute arbitrary code by using the file upload feature.
CVE Informations
Related Weaknesses
| Weakness Name | Source | |
|---|---|---|
| Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') The product uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the product does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory. |
Metrics
| Metrics | Score | Severity | CVSS Vector | Source |
|---|---|---|---|---|
| V2 | 7.5 | AV:N/AC:L/Au:N/C:P/I:P/A:P | nvd@nist.gov |
EPSS
EPSS is a scoring model that predicts the likelihood of a vulnerability being exploited.
EPSS Score
The EPSS model produces a probability score between 0 and 1 (0 and 100%). The higher the score, the greater the probability that a vulnerability will be exploited.
EPSS Percentile
The percentile is used to rank CVE according to their EPSS score. For example, a CVE in the 95th percentile according to its EPSS score is more likely to be exploited than 95% of other CVE. Thus, the percentile is used to compare the EPSS score of a CVE with that of other CVE.
Exploit information
Exploit Database EDB-ID : 15222
Publication date : 2010-10-08 22h00 +00:00
Author : Delf Tonder
EDB Verified : Yes
Description:
Joomla CBE suffers from a local file inclusion vulnerability. As CBE
also offers file uploading functionality that allows to upload files
that contain php-code, this can be used to execute arbitary
system-commands on the host with the webservers privileges.
Risk:
High
Affected versions:
- CBE v1.4.10
- CBE v1.4.9
- CBE v1.4.8
(maybe older versions)
Not affaceted:
- CBE v1.4.11 (current)
Vulnerable code:
in cbe.php a file identified by the param "tabname" is included if the
"ajaxdirekt" param is set, without sanatizing the value of "tabname" first:
--
$ajaxdirekt = JRequest::getVar('ajaxdirekt', null);
$tabname = JRequest::getVar('tabname', null);
if ($ajaxdirekt) {
$tabfile =
JPATH_SITE.DS.'components'.DS.'com_cbe'.DS.'enhanced'.DS.$tabname.DS.$tabname.".php";
if (file_exists($tabfile)) {
include_once($tabfile);
}
return;
}
--
Exploitation / poc:
index.php?option=com_cbe&task=userProfile&user=23&ajaxdirekt=true&tabname=../../../CREDITS.php%00
will execute the CREDITS.php
Addional attack-vectors:
CBE offers a file-upload function for uploading user profile images. The
uploaded file is not checked for beeing well-formed, it only needs to
have the right mime-type and maybe (depends on profile-picture
configuration) the right size, so we can embed php-code in the
profile-picture. Lets say we have registered an account on the site with
the user-id 23, then we can execute the backdoor by requesting:
index.php?option=com_cbe&task=userProfile&user=23&ajaxdirekt=true&tabname=../../../images/cbe/23.gif%00
As we stay in the documents-root, we dont even have to worry about
safe-mode directory restrictions, and using GIFs will bypass most of
CBE's image pre-processing functions during file upload (except file-
and image-size checks).
Solutions:
a) check if the contents of an uploaded file contains a php open-tag
('<?php') (requires that the php-short-open-tag option is disabled)
b) Joomla offers several functions for accessing POST and GET params, i
guess using getWord() instead of getVar() would be a better choice in
this case.
History:
04.10.2010 - vendor informed
07.10.2010 - vendor released fixed version
08.10.2010 - public disclosure
Cheers
Delf Tonder
Products Mentioned
Configuraton 0
Joomla-cbe>>Com_cbe >> Version 1.4.8
- Joomla-cbe>>Com_cbe >> Version 1.4.8 (Open CPE detail)
Joomla-cbe>>Com_cbe >> Version 1.4.9
- Joomla-cbe>>Com_cbe >> Version 1.4.9 (Open CPE detail)
Joomla-cbe>>Com_cbe >> Version 1.4.10
- Joomla-cbe>>Com_cbe >> Version 1.4.10 (Open CPE detail)
Joomla>>Joomla\! >> Version *
- Joomla>>Joomla\! >> Version - (Open CPE detail)
- Joomla>>Joomla\! >> Version 1.0.0 (Open CPE detail)
- Joomla>>Joomla\! >> Version 1.0.1 (Open CPE detail)
- Joomla>>Joomla\! >> Version 1.0.2 (Open CPE detail)
- Joomla>>Joomla\! >> Version 1.0.3 (Open CPE detail)
- Joomla>>Joomla\! >> Version 1.0.4 (Open CPE detail)
- Joomla>>Joomla\! >> Version 1.0.5 (Open CPE detail)
- Joomla>>Joomla\! >> Version 1.0.6 (Open CPE detail)
- Joomla>>Joomla\! >> Version 1.0.7 (Open CPE detail)
- Joomla>>Joomla\! >> Version 1.0.8 (Open CPE detail)
- Joomla>>Joomla\! >> Version 1.0.9 (Open CPE detail)
- Joomla>>Joomla\! >> Version 1.0.10 (Open CPE detail)
- Joomla>>Joomla\! >> Version 1.0.11 (Open CPE detail)
- Joomla>>Joomla\! >> Version 1.0.12 (Open CPE detail)
- Joomla>>Joomla\! >> Version 1.0.13 (Open CPE detail)
- Joomla>>Joomla\! >> Version 1.0.14 (Open CPE detail)
- Joomla>>Joomla\! >> Version 1.0.15 (Open CPE detail)
- Joomla>>Joomla\! >> Version 1.5.0 (Open CPE detail)
- Joomla>>Joomla\! >> Version 1.5.1 (Open CPE detail)
- Joomla>>Joomla\! >> Version 1.5.2 (Open CPE detail)
- Joomla>>Joomla\! >> Version 1.5.3 (Open CPE detail)
- Joomla>>Joomla\! >> Version 1.5.4 (Open CPE detail)
- Joomla>>Joomla\! >> Version 1.5.5 (Open CPE detail)
- Joomla>>Joomla\! >> Version 1.5.6 (Open CPE detail)
- Joomla>>Joomla\! >> Version 1.5.7 (Open CPE detail)
- Joomla>>Joomla\! >> Version 1.5.8 (Open CPE detail)
- Joomla>>Joomla\! >> Version 1.5.9 (Open CPE detail)
- Joomla>>Joomla\! >> Version 1.5.10 (Open CPE detail)
- Joomla>>Joomla\! >> Version 1.5.11 (Open CPE detail)
- Joomla>>Joomla\! >> Version 1.5.12 (Open CPE detail)
- Joomla>>Joomla\! >> Version 1.5.13 (Open CPE detail)
- Joomla>>Joomla\! >> Version 1.5.14 (Open CPE detail)
- Joomla>>Joomla\! >> Version 1.5.15 (Open CPE detail)
- Joomla>>Joomla\! >> Version 1.5.15 (Open CPE detail)
- Joomla>>Joomla\! >> Version 1.5.15 (Open CPE detail)
- Joomla>>Joomla\! >> Version 1.5.16 (Open CPE detail)
- Joomla>>Joomla\! >> Version 1.5.17 (Open CPE detail)
- Joomla>>Joomla\! >> Version 1.5.18 (Open CPE detail)
- Joomla>>Joomla\! >> Version 1.5.19 (Open CPE detail)
- Joomla>>Joomla\! >> Version 1.5.20 (Open CPE detail)
- Joomla>>Joomla\! >> Version 1.5.21 (Open CPE detail)
- Joomla>>Joomla\! >> Version 1.5.22 (Open CPE detail)
- Joomla>>Joomla\! >> Version 1.5.23 (Open CPE detail)
- Joomla>>Joomla\! >> Version 1.5.24 (Open CPE detail)
- Joomla>>Joomla\! >> Version 1.5.25 (Open CPE detail)
- Joomla>>Joomla\! >> Version 1.5.26 (Open CPE detail)
- Joomla>>Joomla\! >> Version 1.6 (Open CPE detail)
- Joomla>>Joomla\! >> Version 1.6 (Open CPE detail)
- Joomla>>Joomla\! >> Version 1.6 (Open CPE detail)
- Joomla>>Joomla\! >> Version 1.6 (Open CPE detail)
- Joomla>>Joomla\! >> Version 1.6 (Open CPE detail)
- Joomla>>Joomla\! >> Version 1.6 (Open CPE detail)
- Joomla>>Joomla\! >> Version 1.6 (Open CPE detail)
- Joomla>>Joomla\! >> Version 1.6 (Open CPE detail)
- Joomla>>Joomla\! >> Version 1.6 (Open CPE detail)
- Joomla>>Joomla\! >> Version 1.6 (Open CPE detail)
- Joomla>>Joomla\! >> Version 1.6 (Open CPE detail)
- Joomla>>Joomla\! >> Version 1.6 (Open CPE detail)
- Joomla>>Joomla\! >> Version 1.6 (Open CPE detail)
- Joomla>>Joomla\! >> Version 1.6 (Open CPE detail)
- Joomla>>Joomla\! >> Version 1.6 (Open CPE detail)
- Joomla>>Joomla\! >> Version 1.6 (Open CPE detail)
- Joomla>>Joomla\! >> Version 1.6 (Open CPE detail)
- Joomla>>Joomla\! >> Version 1.6 (Open CPE detail)
- Joomla>>Joomla\! >> Version 1.6.0 (Open CPE detail)
- Joomla>>Joomla\! >> Version 1.6.1 (Open CPE detail)
- Joomla>>Joomla\! >> Version 1.6.2 (Open CPE detail)
- Joomla>>Joomla\! >> Version 1.6.3 (Open CPE detail)
- Joomla>>Joomla\! >> Version 1.6.4 (Open CPE detail)
- Joomla>>Joomla\! >> Version 1.6.5 (Open CPE detail)
- Joomla>>Joomla\! >> Version 1.6.6 (Open CPE detail)
- Joomla>>Joomla\! >> Version 1.7.0 (Open CPE detail)
- Joomla>>Joomla\! >> Version 1.7.1 (Open CPE detail)
- Joomla>>Joomla\! >> Version 1.7.2 (Open CPE detail)
- Joomla>>Joomla\! >> Version 1.7.3 (Open CPE detail)
- Joomla>>Joomla\! >> Version 1.7.4 (Open CPE detail)
- Joomla>>Joomla\! >> Version 1.7.5 (Open CPE detail)
- Joomla>>Joomla\! >> Version 2.5.0 (Open CPE detail)
- Joomla>>Joomla\! >> Version 2.5.0 (Open CPE detail)
- Joomla>>Joomla\! >> Version 2.5.0 (Open CPE detail)
- Joomla>>Joomla\! >> Version 2.5.0 (Open CPE detail)
- Joomla>>Joomla\! >> Version 2.5.0 (Open CPE detail)
- Joomla>>Joomla\! >> Version 2.5.1 (Open CPE detail)
- Joomla>>Joomla\! >> Version 2.5.2 (Open CPE detail)
- Joomla>>Joomla\! >> Version 2.5.3 (Open CPE detail)
- Joomla>>Joomla\! >> Version 2.5.4 (Open CPE detail)
- Joomla>>Joomla\! >> Version 2.5.5 (Open CPE detail)
- Joomla>>Joomla\! >> Version 2.5.6 (Open CPE detail)
- Joomla>>Joomla\! >> Version 2.5.7 (Open CPE detail)
- Joomla>>Joomla\! >> Version 2.5.8 (Open CPE detail)
- Joomla>>Joomla\! >> Version 2.5.9 (Open CPE detail)
- Joomla>>Joomla\! >> Version 2.5.10 (Open CPE detail)
- Joomla>>Joomla\! >> Version 2.5.11 (Open CPE detail)
- Joomla>>Joomla\! >> Version 2.5.12 (Open CPE detail)
- Joomla>>Joomla\! >> Version 2.5.13 (Open CPE detail)
- Joomla>>Joomla\! >> Version 2.5.14 (Open CPE detail)
- Joomla>>Joomla\! >> Version 2.5.15 (Open CPE detail)
- Joomla>>Joomla\! >> Version 2.5.16 (Open CPE detail)
- Joomla>>Joomla\! >> Version 2.5.17 (Open CPE detail)
- Joomla>>Joomla\! >> Version 2.5.17 (Open CPE detail)
- Joomla>>Joomla\! >> Version 2.5.17 (Open CPE detail)
- Joomla>>Joomla\! >> Version 2.5.18 (Open CPE detail)
- Joomla>>Joomla\! >> Version 2.5.18 (Open CPE detail)
- Joomla>>Joomla\! >> Version 2.5.18 (Open CPE detail)
- Joomla>>Joomla\! >> Version 2.5.19 (Open CPE detail)
- Joomla>>Joomla\! >> Version 2.5.20 (Open CPE detail)
- Joomla>>Joomla\! >> Version 2.5.21 (Open CPE detail)
- Joomla>>Joomla\! >> Version 2.5.21 (Open CPE detail)
- Joomla>>Joomla\! >> Version 2.5.21 (Open CPE detail)
- Joomla>>Joomla\! >> Version 2.5.22 (Open CPE detail)
- Joomla>>Joomla\! >> Version 2.5.23 (Open CPE detail)
- Joomla>>Joomla\! >> Version 2.5.23 (Open CPE detail)
- Joomla>>Joomla\! >> Version 2.5.23 (Open CPE detail)
- Joomla>>Joomla\! >> Version 2.5.24 (Open CPE detail)
- Joomla>>Joomla\! >> Version 2.5.25 (Open CPE detail)
- Joomla>>Joomla\! >> Version 2.5.26 (Open CPE detail)
- Joomla>>Joomla\! >> Version 2.5.27 (Open CPE detail)
- Joomla>>Joomla\! >> Version 2.5.28 (Open CPE detail)
- Joomla>>Joomla\! >> Version 2.5.28 (Open CPE detail)
- Joomla>>Joomla\! >> Version 2.5.28 (Open CPE detail)
- Joomla>>Joomla\! >> Version 2.5.28 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.0.0 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.0.0 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.0.0 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.0.0 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.0.0 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.0.1 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.0.2 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.0.3 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.0.4 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.1.0 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.1.0 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.1.0 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.1.0 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.1.0 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.1.0 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.1.0 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.1.1 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.1.2 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.1.3 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.1.4 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.1.5 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.1.6 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.2.0 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.2.0 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.2.0 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.2.0 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.2.0 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.2.0 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.2.1 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.2.1 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.2.1 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.2.2 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.2.2 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.2.2 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.2.3 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.2.4 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.2.5 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.2.6 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.2.7 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.3.0 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.3.0 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.3.0 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.3.0 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.3.0 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.3.0 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.3.1 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.3.1 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.3.1 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.3.2 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.3.2 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.3.2 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.3.3 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.3.4 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.3.5 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.3.6 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.4.0 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.4.0 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.4.0 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.4.0 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.4.0 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.4.0 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.4.0 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.4.0 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.4.1 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.4.1 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.4.1 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.4.1 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.4.1 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.4.2 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.4.2 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.4.2 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.4.3 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.4.4 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.4.4 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.4.4 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.4.4 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.4.5 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.4.6 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.4.7 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.4.8 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.4.8 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.4.8 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.5.0 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.5.0 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.5.0 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.5.0 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.5.0 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.5.0 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.5.0 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.5.0 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.5.0 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.5.0 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.5.0 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.5.1 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.5.1 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.5.1 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.5.1 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.6.0 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.6.0 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.6.0 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.6.0 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.6.0 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.6.0 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.6.0 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.6.1 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.6.1 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.6.1 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.6.1 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.6.2 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.6.3 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.6.3 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.6.3 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.6.3 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.6.3 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.6.4 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.6.5 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.7.0 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.7.0 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.7.0 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.7.0 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.7.0 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.7.0 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.7.0 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.7.0 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.7.0 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.7.0 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.7.0 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.7.0 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.7.1 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.7.1 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.7.1 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.7.1 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.7.2 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.7.3 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.7.3 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.7.3 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.7.3 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.7.3 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.7.4 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.7.4 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.7.4 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.7.4 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.7.5 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.8.0 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.8.0 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.8.0 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.8.0 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.8.0 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.8.0 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.8.1 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.8.1 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.8.1 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.8.2 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.8.2 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.8.2 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.8.3 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.8.3 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.8.3 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.8.4 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.8.4 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.8.4 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.8.4 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.8.5 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.8.5 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.8.5 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.8.6 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.8.6 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.8.6 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.8.7 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.8.7 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.8.7 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.8.8 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.8.8 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.8.8 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.8.9 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.8.9 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.8.9 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.8.10 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.8.11 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.8.11 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.8.11 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.8.12 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.8.12 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.8.12 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.8.13 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.9.0 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.9.0 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.9.0 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.9.0 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.9.0 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.9.0 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.9.0 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.9.0 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.9.1 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.9.1 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.9.2 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.9.2 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.9.3 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.9.3 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.9.4 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.9.4 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.9.4 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.9.5 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.9.5 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.9.6 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.9.6 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.9.6 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.9.7 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.9.7 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.9.7 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.9.8 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.9.9 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.9.10 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.9.11 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.9.12 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.9.13 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.9.14 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.9.15 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.9.16 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.9.17 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.9.19 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.9.20 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.9.21 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.9.22 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.9.22 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.9.23 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.9.23 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.9.23 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.9.24 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.9.24 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.9.25 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.9.26 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.9.27 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.9.28 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.10.0 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.10.1 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.10.2 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.10.3 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.10.4 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.10.5 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.10.6 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.10.7 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.10.8 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.10.9 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.10.10 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.10.11 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.10.12 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.10.13 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.10.14 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.10.15 (Open CPE detail)
- Joomla>>Joomla\! >> Version 3.10.16 (Open CPE detail)
- Joomla>>Joomla\! >> Version 4.0.0 (Open CPE detail)
- Joomla>>Joomla\! >> Version 4.0.0 (Open CPE detail)
- Joomla>>Joomla\! >> Version 4.0.0 (Open CPE detail)
- Joomla>>Joomla\! >> Version 4.0.0 (Open CPE detail)
- Joomla>>Joomla\! >> Version 4.0.0 (Open CPE detail)
- Joomla>>Joomla\! >> Version 4.0.0 (Open CPE detail)
- Joomla>>Joomla\! >> Version 4.0.0 (Open CPE detail)
- Joomla>>Joomla\! >> Version 4.0.0 (Open CPE detail)
- Joomla>>Joomla\! >> Version 4.0.0 (Open CPE detail)
- Joomla>>Joomla\! >> Version 4.0.0 (Open CPE detail)
- Joomla>>Joomla\! >> Version 4.0.0 (Open CPE detail)
- Joomla>>Joomla\! >> Version 4.2.0 (Open CPE detail)
- Joomla>>Joomla\! >> Version 4.2.1 (Open CPE detail)
- Joomla>>Joomla\! >> Version 4.2.2 (Open CPE detail)
- Joomla>>Joomla\! >> Version 4.2.3 (Open CPE detail)
- Joomla>>Joomla\! >> Version 4.2.4 (Open CPE detail)
- Joomla>>Joomla\! >> Version 4.2.5 (Open CPE detail)
- Joomla>>Joomla\! >> Version 4.2.6 (Open CPE detail)
- Joomla>>Joomla\! >> Version 4.2.7 (Open CPE detail)
- Joomla>>Joomla\! >> Version 4.2.8 (Open CPE detail)
- Joomla>>Joomla\! >> Version 4.2.9 (Open CPE detail)
- Joomla>>Joomla\! >> Version 4.3.0 (Open CPE detail)
- Joomla>>Joomla\! >> Version 4.3.1 (Open CPE detail)
- Joomla>>Joomla\! >> Version 4.3.2 (Open CPE detail)
- Joomla>>Joomla\! >> Version 4.3.3 (Open CPE detail)
- Joomla>>Joomla\! >> Version 4.3.4 (Open CPE detail)
- Joomla>>Joomla\! >> Version 4.4.0 (Open CPE detail)
- Joomla>>Joomla\! >> Version 4.4.1 (Open CPE detail)
- Joomla>>Joomla\! >> Version 4.4.2 (Open CPE detail)
- Joomla>>Joomla\! >> Version 4.4.3 (Open CPE detail)
- Joomla>>Joomla\! >> Version 4.4.4 (Open CPE detail)
- Joomla>>Joomla\! >> Version 4.4.5 (Open CPE detail)
- Joomla>>Joomla\! >> Version 4.4.6 (Open CPE detail)
- Joomla>>Joomla\! >> Version 5.0.0 (Open CPE detail)
- Joomla>>Joomla\! >> Version 5.0.1 (Open CPE detail)
- Joomla>>Joomla\! >> Version 5.0.2 (Open CPE detail)
- Joomla>>Joomla\! >> Version 5.0.3 (Open CPE detail)
- Joomla>>Joomla\! >> Version 5.1.0 (Open CPE detail)
- Joomla>>Joomla\! >> Version 5.1.1 (Open CPE detail)
- Joomla>>Joomla\! >> Version 5.1.2 (Open CPE detail)
- Joomla>>Joomla\! >> Version 11.2 (Open CPE detail)
- Joomla>>Joomla\! >> Version 11.3 (Open CPE detail)
- Joomla>>Joomla\! >> Version 11.4 (Open CPE detail)
- Joomla>>Joomla\! >> Version 12.1 (Open CPE detail)
- Joomla>>Joomla\! >> Version 12.3 (Open CPE detail)
- Joomla>>Joomla\! >> Version 13.1 (Open CPE detail)
References
http://www.securityfocus.com/archive/1/514183/100/0/threaded
Tags : mailing-list, x_refsource_BUGTRAQ
Tags : mailing-list, x_refsource_BUGTRAQ
The information presented on CVE Find originates from several carefully selected reference sources. CVE data is provided by MITRE Corporation and the National Vulnerability Database (NVD). The Known Exploited Vulnerabilities (KEV) catalog is sourced from the Cybersecurity and Infrastructure Security Agency (CISA), while EPSS scores come from FIRST.org. Additionally, data regarding software weaknesses (CWE) and common attack patterns (CAPEC) is maintained by MITRE Corporation, and information on hardware and software configurations (CPE) is provided by the NVD.