Vulnerabilities (CVE)

Filtered by vendor Codextrous Subscribe
Total 3 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2017-9030 1 Codextrous 1 B2j Contact 2024-11-21 5.0 MEDIUM 7.5 HIGH
The Codextrous B2J Contact (aka b2j_contact) extension before 2.1.13 for Joomla! allows a directory traversal attack that bypasses a uniqid protection mechanism, and makes it easier to read arbitrary uploaded files.
CVE-2017-5215 1 Codextrous 1 B2j Contact 2024-11-21 7.5 HIGH 9.8 CRITICAL
The Codextrous B2J Contact (aka b2j_contact) extension before 2.1.13 for Joomla! allows a rename attack that bypasses a "safe file extension" protection mechanism, leading to remote code execution.
CVE-2017-5214 1 Codextrous 1 B2j Contact 2024-11-21 5.0 MEDIUM 7.5 HIGH
The Codextrous B2J Contact (aka b2j_contact) extension before 2.1.13 for Joomla! allows prediction of a uniqid value based on knowledge of a time value. This makes it easier to read arbitrary uploaded files.