Joomla : Security Vulnerabilities Published In 2019 (Directory traversal)

In Joomla! before 3.9.14, a missing access check in framework files could lead to a path disclosure.
Max Base Score
Published 2019-12-18
Updated 2019-12-19
EPSS 0.15%
The PharStreamWrapper (aka phar-stream-wrapper) package 2.x before 2.1.1 and 3.x before 3.1.1 for TYPO3 does not prevent directory traversal, which allows attackers to bypass a deserialization protection mechanism, as demonstrated by a phar:///path/bad.phar/../good.phar URL.
Max Base Score
Published 2019-05-09
Updated 2021-10-01
EPSS 1.41%
An issue was discovered in Joomla! before 3.9.5. The Media Manager component does not properly sanitize the folder parameter, allowing attackers to act outside the media manager root directory.
Max Base Score
Published 2019-04-10
Updated 2019-04-17
EPSS 94.84%
3 vulnerabilities found
This web site uses cookies for managing your session and website analytics (Google analytics) purposes as described in our privacy policy.
By using this web site you are agreeing to terms of use!