Joomla! Core is prone to a vulnerability that lets attackers upload arbitrary files because the application fails to properly verify user-supplied input. An attacker can exploit this vulnerability to upload arbitrary code and run it in the context of the webserver process. This may facilitate unauthorized access or privilege escalation; other attacks are also possible. Joomla! Core versions 1.5.x ranging from 1.5.0 and up to and including 1.5.15 are vulnerable.
References
Link | Resource |
---|---|
https://www.acunetix.com/vulnerabilities/web/joomla-core-1-5-x-arbitrary-file-upload-1-5-0-1-5-15/ | Third Party Advisory |
https://developer.joomla.org/security-centre/310-20100423-core-installer-migration-script.html | Vendor Advisory |
Configurations
Information
Published : 2021-06-21 16:15
Updated : 2021-06-25 08:41
NVD link : CVE-2010-1433
Mitre link : CVE-2010-1433
JSON object : View
CWE
CWE-434
Unrestricted Upload of File with Dangerous Type
Products Affected
joomla
- joomla\!