Joomla! 1.5.x < 3.9.5 Multiple Vulnerabilities

According to its self-reported version number, the detected Joomla! application is affected by multiple vulnerabilities :

• A directory traversal vulnerability exists in versions 1.5.0 to 3.9.4 within the Media Manager component due to improperly sanitizing the folder parameter. An authenticated, remote attacker can exploit this, by sending a URI that contains directory traversal characters, to disclose the contents of files located outside of the server’s restricted path. (CVE-2019-10945)

• An access control limit bypass exists in versions 3.2.0 to 3.9.4 within the gethelpsites() function of the com_users component. An unauthenticated, remote attacker can exploit this and access the ‘refresh list of helpsites’ endpoint. (CVE-2019-10946)

• A cross-site scripting (XSS) vulnerability exists in versions 3.0.0 to 3.9.4 due to improper validation of user-supplied input before returning it to users. An unauthenticated, remote attacker can exploit this, by convincing a user to click a specially crafted URL, to execute arbitrary script code in a user’s browser session.

Note that the scanner has not tested for these issues but has instead relied only on the application’s self-reported version number.