Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Codextrous Subscribe
Total 3 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2017-5214 1 Codextrous 1 B2j Contact 2019-10-02 5.0 MEDIUM 7.5 HIGH
The Codextrous B2J Contact (aka b2j_contact) extension before 2.1.13 for Joomla! allows prediction of a uniqid value based on knowledge of a time value. This makes it easier to read arbitrary uploaded files.
CVE-2017-9030 1 Codextrous 1 B2j Contact 2017-05-26 5.0 MEDIUM 7.5 HIGH
The Codextrous B2J Contact (aka b2j_contact) extension before 2.1.13 for Joomla! allows a directory traversal attack that bypasses a uniqid protection mechanism, and makes it easier to read arbitrary uploaded files.
CVE-2017-5215 1 Codextrous 1 B2j Contact 2017-05-26 7.5 HIGH 9.8 CRITICAL
The Codextrous B2J Contact (aka b2j_contact) extension before 2.1.13 for Joomla! allows a rename attack that bypasses a "safe file extension" protection mechanism, leading to remote code execution.