CVE-2019-10945

An issue was discovered in Joomla! before 3.9.5. The Media Manager component does not properly sanitize the folder parameter, allowing attackers to act outside the media manager root directory.
Configurations

Configuration 1 (hide)

cpe:2.3:a:joomla:joomla\!:*:*:*:*:*:*:*:*

History

21 Nov 2024, 04:20

Type Values Removed Values Added
References () http://packetstormsecurity.com/files/152515/Joomla-3.9.4-Arbitrary-File-Deletion-Directory-Traversal.html - Exploit, Third Party Advisory, VDB Entry () http://packetstormsecurity.com/files/152515/Joomla-3.9.4-Arbitrary-File-Deletion-Directory-Traversal.html - Exploit, Third Party Advisory, VDB Entry
References () https://developer.joomla.org/security-centre/777-20190401-core-directory-traversal-in-com-media - Vendor Advisory () https://developer.joomla.org/security-centre/777-20190401-core-directory-traversal-in-com-media - Vendor Advisory
References () https://www.exploit-db.com/exploits/46710/ - Exploit, Third Party Advisory, VDB Entry () https://www.exploit-db.com/exploits/46710/ - Exploit, Third Party Advisory, VDB Entry

Information

Published : 2019-04-10 19:29

Updated : 2024-11-21 04:20


NVD link : CVE-2019-10945

Mitre link : CVE-2019-10945

CVE.ORG link : CVE-2019-10945


JSON object : View

Products Affected

joomla

  • joomla\!
CWE
CWE-22

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')