Lucene search

K
nessusThis script is Copyright (C) 2018-2024 and is owned by Tenable, Inc. or an Affiliate thereof.WEB_APPLICATION_SCANNING_98497
HistoryNov 05, 2018 - 12:00 a.m.

Joomla! 3.4.x < 3.8.8 Multiple Vulnerabilities

2018-11-0500:00:00
This script is Copyright (C) 2018-2024 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
8

According to its self-reported version number, the detected Joomla! application is affected by multiple vulnerabilities :

  • ACL violation in access levels affects Joomla 2.5.0 through 3.8.7

  • Adding phar files to the upload blacklist affects Joomla 2.5.0 through 3.8.7

  • Information Disclosure about unpublished tags affects Joomla 3.1.0 through 3.8.7

  • Installer leak of plain text password to local user affects Joomla 3.0.0 through 3.8.7

  • XSS Vulnerabilities & additional hardening affects Joomla 3.0.0 through 3.8.7

  • Filter field in com_fields allowing remote code execution affects Joomla 3.7.0 through 3.8.7

  • Session deletion race condition affects Joomla 3.0.0 through 3.8.7

  • Possible XSS attack in the redirect method affects Joomla 3.1.2 through 3.8.7

  • XSS vulnerability in the media manager affects Joomla 1.5.0 through 3.8.7

Note that the scanner has not tested for these issues but has instead relied only on the application’s self-reported version number.

No source data
VendorProductVersion
ajoomlajoomla!

References