WEB APPLICATION VULNERABILITIES Standard & Premium

Joomla Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2019-19845)

Description

In Joomla! before 3.9.14, a missing access check in framework files could lead to a path disclosure.

Remediation

References

Related Vulnerabilities

WordPress Plugin Catch Breadcrumb Security Bypass (1.6)

PHP Improper Preservation of Permissions Vulnerability (CVE-2020-7063)

WordPress Plugin Backup and Staging by WP Time Capsule PHP Object Injection (1.21.9)

WordPress Plugin Password Protected Open Redirect (1.4)

WordPress Plugin Direct Download for Woocommerce Arbitrary File Download (1.15)

Severity

Medium

Classification

CVE-2019-19845 CWE-22 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Tags

Missing Update Known Vulnerabilities