CVE-2017-18345

2018-08-2621:00:00

mitre

www.cve.org

9.6 High

AI Score

Confidence

High

0.128 Low

EPSS

Percentile

95.5%

JSON

The Joomanager component through 2.0.0 for Joomla! has an arbitrary file download issue, resulting in exposing the credentials of the database via an index.php?option=com_joomanager&controller=details&task=download&path=configuration.php request.

References

cxsecurity.com/issue/WLB-2018030054

vel.joomla.org/vel-blog/2020-joomanager-2-0-0-other

www.exploit-db.com/exploits/44252