Project: Joomla! SubProject: CMS Impact: Moderate Severity: Low Versions: 1.5.0 through 3.9.4 Exploit type: Directory Traversal Reported Date: 2019-March-13 Fixed Date: 2019-April-08 CVE Number: CVE-2019-10945 Description The Media Manager component does not properly sanitise the folder parameter, allowing attackers to act outside the media manager root directory. Affected Installs Joomla! CMS versions 1.5.0 through 3.9.4 Solution Upgrade to version 3.9.5 Contact The JSST at the Joomla! Security Centre. Reported By: Haboob Research Team [20190401] - Core - Directory Traversal in com_media
- Details
- Joomla RSS Feed
- Kategorie: Joomla News
Project: Joomla! SubProject: CMS Impact: Moderate Severity: Low Versions: 1.5.0 through 3.9.4 Exploit type: Directory Traversal Reported Date: 2019-March-13 Fixed Date: 2019-April-08 CVE Number: CVE-2019-10945 Description The Media Manager component does not properly sanitise the folder parameter, allowing attackers to act outside the media manager root directory. Affected Installs Joomla! CMS versions 1.5.0 through 3.9.4 Solution Upgrade to version 3.9.5 Contact The JSST at the Joomla! Security Centre. Reported By: Haboob Research Team - Zugriffe: 773