Description

Joomla! Core is prone to a vulnerability that lets attackers upload arbitrary files because the application fails to properly verify user-supplied input. An attacker can exploit this vulnerability to upload arbitrary code and run it in the context of the webserver process. This may facilitate unauthorized access or privilege escalation; other attacks are also possible. Joomla! Core versions 1.5.x ranging from 1.5.0 and up to and including 1.5.15 are vulnerable.

Remediation

References

CVE-2010-1433

Related Vulnerabilities

Jboss EAP Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling') Vulnerability (CVE-2017-12165)

MySQL CVE-2019-2746 Vulnerability (CVE-2019-2746)

WordPress Plugin Auto Amazon Links-Amazon Associates Affiliate Unspecified Vulnerability (2.0.3.4)

WordPress Plugin Email posts to subscribers Multiple Vulnerabilities (2.0)

XWiki Improper Encoding or Escaping of Output Vulnerability (CVE-2022-36100)

Severity

Critical

Classification

CVE-2010-1433 CWE-434 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Tags

Missing Update Known Vulnerabilities