Description

An issue was discovered in Joomla! before 3.8.12. Inadequate checks in the InputFilter class could allow specifically prepared phar files to pass the upload filter.

Remediation

References

CVE-2018-15882

Related Vulnerabilities

Java Unspesificed Vulnerability (CVE-2019-2818)

Joomla Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-1598)

WordPress Plugin Team Members Cross-Site Scripting (5.0.3)

WordPress Plugin Quick Contact Form Cross-Site Scripting (6.0)

WordPress Plugin BuddyPress Unspecified Vulnerability (2.6.0)

Severity

Critical

Classification

CVE-2018-15882 CWE-434 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Tags

Missing Update Known Vulnerabilities