Lucene search

VelteamJVEL:631

HistoryJul 04, 2018 - 12:00 a.m.

Advertisement Board 3.1.0

2018-07-0400:00:00

velteam

vel.joomla.org

537

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

EPSS

0.003

Percentile

68.6%

JSON

Advertisement Board by Ordasoft, versions 3.1.0 and previous, SQL Injection

Resolution: update to 3.1.4

Update notice:<https://ordasoft.com/News/News/advertisement-board-security-update.html>

Affected configurations

Vulners

Node

joomlaadvertisement_boardMatch3.1.0

joomlaadvertisement_boardRange<3.1.4

VendorProductVersionCPE
joomlaadvertisement_board3.1.0cpe:2.3:a:joomla:advertisement_board:3.1.0:*:*:*:*:*:*:*
joomlaadvertisement_board*cpe:2.3:a:joomla:advertisement_board:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
joomla	advertisement_board	3.1.0	cpe:2.3:a:joomla:advertisement_board:3.1.0:::::::*
joomla	advertisement_board	*	cpe:2.3:a:joomla:advertisement_board::::::::

References

www.ordasoft.com

extensions.joomla.org/extension/ads-a-affiliates/classified-ads/advertisement-board/

ordasoft.com/News/News/advertisement-board-security-update.html

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

EPSS

0.003

Percentile

68.6%

JSON

Related for JVEL:631