Joomla! Core Multiple Vulnerabilities-01 May18 (20180502/20180501)

2018-05-23T00:00:00

Description

This host is running Joomla and is prone to multiple vulnerabilities.

{"id": "OPENVAS:1361412562310813408", "type": "openvas", "bulletinFamily": "scanner", "title": "Joomla! Core Multiple Vulnerabilities-01 May18 (20180502/20180501)", "description": "This host is running Joomla and is prone to multiple vulnerabilities.", "published": "2018-05-23T00:00:00", "modified": "2019-07-05T00:00:00", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310813408", "reporter": "Copyright (C) 2018 Greenbone Networks GmbH", "references": ["https://developer.joomla.org/security-centre/730-20180502-core-add-phar-files-to-the-upload-blacklist.html", "https://developer.joomla.org/security-centre/729-20180501-core-acl-violation-in-access-levels.html"], "cvelist": ["CVE-2018-11323", "CVE-2018-11322"], "lastseen": "2019-07-17T14:09:56", "viewCount": 46, "enchantments": {"dependencies": {"references": [{"type": "cve", "idList": ["CVE-2018-11322", "CVE-2018-11323"]}, {"type": "joomla", "idList": ["JOOMLA-729", "JOOMLA-730"]}, {"type": "nessus", "idList": ["JOOMLA_388.NASL", "WEB_APPLICATION_SCANNING_98493", "WEB_APPLICATION_SCANNING_98494", "WEB_APPLICATION_SCANNING_98495", "WEB_APPLICATION_SCANNING_98496", "WEB_APPLICATION_SCANNING_98497", "WEB_APPLICATION_SCANNING_98498", "WEB_APPLICATION_SCANNING_98499", "WEB_APPLICATION_SCANNING_98500", "WEB_APPLICATION_SCANNING_98501", "WEB_APPLICATION_SCANNING_98502", "WEB_APPLICATION_SCANNING_98503", "WEB_APPLICATION_SCANNING_98504", "WEB_APPLICATION_SCANNING_98505"]}], "rev": 4}, "score": {"value": -0.0, "vector": "NONE"}, "backreferences": {"references": [{"type": "cve", "idList": ["CVE-2018-11322", "CVE-2018-11323"]}, {"type": "joomla", "idList": ["JOOMLA-729", "JOOMLA-730"]}, {"type": "nessus", "idList": ["JOOMLA_DETECT.NASL"]}]}, "exploitation": null, "vulnersScore": -0.0}, "pluginID": "1361412562310813408", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Joomla! Core Multiple Vulnerabilities-01 May18 (20180502/20180501)\n#\n# Authors:\n# Shakeel <bshakeel@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:joomla:joomla\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.813408\");\n script_version(\"2019-07-05T09:54:18+0000\");\n script_cve_id(\"CVE-2018-11323\", \"CVE-2018-11322\");\n script_tag(name:\"cvss_base\", value:\"6.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:S/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2019-07-05 09:54:18 +0000 (Fri, 05 Jul 2019)\");\n script_tag(name:\"creation_date\", value:\"2018-05-23 12:35:14 +0530 (Wed, 23 May 2018)\");\n\n script_name(\"Joomla! Core Multiple Vulnerabilities-01 May18 (20180502/20180501)\");\n\n script_tag(name:\"summary\", value:\"This host is running Joomla and is prone to multiple vulnerabilities.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws exists due to:\n\n - An error where depending on the server configuration, PHAR files might be handled as executable PHP scripts by\nthe webserver.\n\n - Inadequate checks for access level permissions.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow remote attackers to modify the access levels\nof user groups with higher permissions and use PHAR files as executable PHP scripts.\");\n\n script_tag(name:\"affected\", value:\"Joomla core version 2.5.0 through 3.8.7\");\n\n script_tag(name:\"solution\", value:\"Upgrade to Joomla version 3.8.8 or later. Please see the references for more information.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"remote_banner\");\n\n script_xref(name:\"URL\", value:\"https://developer.joomla.org/security-centre/730-20180502-core-add-phar-files-to-the-upload-blacklist.html\");\n script_xref(name:\"URL\", value:\"https://developer.joomla.org/security-centre/729-20180501-core-acl-violation-in-access-levels.html\");\n\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_category(ACT_GATHER_INFO);\n script_family(\"Web application abuses\");\n script_dependencies(\"joomla_detect.nasl\");\n script_mandatory_keys(\"joomla/installed\");\n script_require_ports(\"Services/www\", 80);\n\n exit(0);\n}\n\ninclude(\"version_func.inc\");\ninclude(\"host_details.inc\");\n\nif(!jPort = get_app_port(cpe:CPE))\n exit(0);\n\nif(!infos = get_app_version_and_location(cpe:CPE, port:jPort, exit_no_version:TRUE )) exit(0);\njVer = infos['version'];\npath = infos['location'];\n\nif(version_in_range(version:jVer, test_version:\"2.5.0\", test_version2:\"3.8.7\")) {\n report = report_fixed_ver(installed_version:jVer, fixed_version:\"3.8.8\", install_path:path);\n security_message(port:jPort, data:report);\n exit(0);\n}\n\nexit(0);\n", "naslFamily": "Web application abuses", "immutableFields": [], "cvss2": {}, "cvss3": {}, "_state": {"dependencies": 1647589307, "score": 1659730939}}

{"cve": [{"lastseen": "2022-03-23T12:18:21", "description": "An issue was discovered in Joomla! Core before 3.8.8. Inadequate checks allowed users to modify the access levels of user groups with higher permissions.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2018-05-22T15:29:00", "type": "cve", "title": "CVE-2018-11323", "cwe": ["CWE-269"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.5, "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-11323"], "modified": "2019-10-03T00:03:00", "cpe": [], "id": "CVE-2018-11323", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-11323", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}, "cpe23": []}, {"lastseen": "2022-03-23T12:18:21", "description": "An issue was discovered in Joomla! Core before 3.8.8. Depending on the server configuration, PHAR files might be handled as executable PHP scripts by the webserver.", "cvss3": {"exploitabilityScore": 1.6, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2018-05-22T15:29:00", "type": "cve", "title": "CVE-2018-11322", "cwe": ["CWE-434"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 6.8, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.0, "vectorString": "AV:N/AC:M/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-11322"], "modified": "2018-06-22T16:11:00", "cpe": [], "id": "CVE-2018-11322", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-11322", "cvss": {"score": 6.0, "vector": "AV:N/AC:M/Au:S/C:P/I:P/A:P"}, "cpe23": []}], "joomla": [{"lastseen": "2021-12-21T10:45:42", "description": "Inadequate checks allowed users to modify the access levels of user groups with higher permissions.\n", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 8.8, "privilegesRequired": "LOW", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2018-03-08T00:00:00", "type": "joomla", "title": "[20180501] - Core - ACL violation in access levels", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.5, "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-11323"], "modified": "2018-05-22T00:00:00", "id": "JOOMLA-729", "href": "https://developer.joomla.org/security-centre/729-20180501-core-acl-violation-in-access-levels.html", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2021-12-21T10:45:42", "description": "Depending on the server configuration, PHAR files might be handled as executable PHP scripts by the webserver.\n", "cvss3": {"exploitabilityScore": 1.6, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 7.5, "privilegesRequired": "LOW", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2018-03-14T00:00:00", "type": "joomla", "title": "[20180502] - Core - Add PHAR files to the upload blacklist", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 6.8, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.0, "vectorString": "AV:N/AC:M/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-11322"], "modified": "2018-05-22T00:00:00", "id": "JOOMLA-730", "href": "https://developer.joomla.org/security-centre/730-20180502-core-add-phar-files-to-the-upload-blacklist.html", "cvss": {"score": 6.0, "vector": "AV:N/AC:M/Au:S/C:P/I:P/A:P"}}], "nessus": [{"lastseen": "2022-07-15T14:35:12", "description": "According to its self-reported version number, the detected Joomla! application is affected by multiple vulnerabilities :\n\n - ACL violation in access levels affects Joomla 2.5.0 through 3.8.7\n\n - Adding phar files to the upload blacklist affects Joomla 2.5.0 through 3.8.7\n\n - Information Disclosure about unpublished tags affects Joomla 3.1.0 through 3.8.7\n\n - Installer leak of plain text password to local user affects Joomla 3.0.0 through 3.8.7\n\n - XSS Vulnerabilities & additional hardening affects Joomla 3.0.0 through 3.8.7\n\n - Filter field in com_fields allowing remote code execution affects Joomla 3.7.0 through 3.8.7\n\n - Session deletion race condition affects Joomla 3.0.0 through 3.8.7\n\n - Possible XSS attack in the redirect method affects Joomla 3.1.2 through 3.8.7\n\n - XSS vulnerability in the media manager affects Joomla 1.5.0 through 3.8.7\n\nNote that the scanner has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2018-11-05T00:00:00", "type": "nessus", "title": "Joomla! 1.5.x < 3.8.8 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-11321", "CVE-2018-11322", "CVE-2018-11323", "CVE-2018-11324", "CVE-2018-11325", "CVE-2018-11326", "CVE-2018-11327", "CVE-2018-11328", "CVE-2018-6378"], "modified": "2021-10-07T00:00:00", "cpe": ["cpe:2.3:a:joomla:joomla\\!:*:*:*:*:*:*:*:*"], "id": "WEB_APPLICATION_SCANNING_98505", "href": "https://www.tenable.com/plugins/was/98505", "sourceData": "No source data", "cvss": {"score": 6.5, "vector": "CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2022-07-15T14:35:09", "description": "According to its self-reported version number, the detected Joomla! application is affected by multiple vulnerabilities :\n\n - ACL violation in access levels affects Joomla 2.5.0 through 3.8.7\n\n - Adding phar files to the upload blacklist affects Joomla 2.5.0 through 3.8.7\n\n - Information Disclosure about unpublished tags affects Joomla 3.1.0 through 3.8.7\n\n - Installer leak of plain text password to local user affects Joomla 3.0.0 through 3.8.7\n\n - XSS Vulnerabilities & additional hardening affects Joomla 3.0.0 through 3.8.7\n\n - Filter field in com_fields allowing remote code execution affects Joomla 3.7.0 through 3.8.7\n\n - Session deletion race condition affects Joomla 3.0.0 through 3.8.7\n\n - Possible XSS attack in the redirect method affects Joomla 3.1.2 through 3.8.7\n\n - XSS vulnerability in the media manager affects Joomla 1.5.0 through 3.8.7\n\nNote that the scanner has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2018-11-05T00:00:00", "type": "nessus", "title": "Joomla! 1.6.x < 3.8.8 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-11321", "CVE-2018-11322", "CVE-2018-11323", "CVE-2018-11324", "CVE-2018-11325", "CVE-2018-11326", "CVE-2018-11327", "CVE-2018-11328", "CVE-2018-6378"], "modified": "2021-10-07T00:00:00", "cpe": ["cpe:2.3:a:joomla:joomla\\!:*:*:*:*:*:*:*:*"], "id": "WEB_APPLICATION_SCANNING_98504", "href": "https://www.tenable.com/plugins/was/98504", "sourceData": "No source data", "cvss": {"score": 6.5, "vector": "CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2022-07-15T14:34:47", "description": "According to its self-reported version number, the detected Joomla! application is affected by multiple vulnerabilities :\n\n - ACL violation in access levels affects Joomla 2.5.0 through 3.8.7\n\n - Adding phar files to the upload blacklist affects Joomla 2.5.0 through 3.8.7\n\n - Information Disclosure about unpublished tags affects Joomla 3.1.0 through 3.8.7\n\n - Installer leak of plain text password to local user affects Joomla 3.0.0 through 3.8.7\n\n - XSS Vulnerabilities & additional hardening affects Joomla 3.0.0 through 3.8.7\n\n - Filter field in com_fields allowing remote code execution affects Joomla 3.7.0 through 3.8.7\n\n - Session deletion race condition affects Joomla 3.0.0 through 3.8.7\n\n - Possible XSS attack in the redirect method affects Joomla 3.1.2 through 3.8.7\n\n - XSS vulnerability in the media manager affects Joomla 1.5.0 through 3.8.7\n\nNote that the scanner has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2018-11-05T00:00:00", "type": "nessus", "title": "Joomla! 2.5.x < 3.8.8 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-11321", "CVE-2018-11322", "CVE-2018-11323", "CVE-2018-11324", "CVE-2018-11325", "CVE-2018-11326", "CVE-2018-11327", "CVE-2018-11328", "CVE-2018-6378"], "modified": "2021-10-07T00:00:00", "cpe": ["cpe:2.3:a:joomla:joomla\\!:*:*:*:*:*:*:*:*"], "id": "WEB_APPLICATION_SCANNING_98502", "href": "https://www.tenable.com/plugins/was/98502", "sourceData": "No source data", "cvss": {"score": 6.5, "vector": "CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2022-07-13T15:59:20", "description": "According to its self-reported version number, the detected Joomla! application is affected by multiple vulnerabilities :\n\n - ACL violation in access levels affects Joomla 2.5.0 through 3.8.7\n\n - Adding phar files to the upload blacklist affects Joomla 2.5.0 through 3.8.7\n\n - Information Disclosure about unpublished tags affects Joomla 3.1.0 through 3.8.7\n\n - Installer leak of plain text password to local user affects Joomla 3.0.0 through 3.8.7\n\n - XSS Vulnerabilities & additional hardening affects Joomla 3.0.0 through 3.8.7\n\n - Filter field in com_fields allowing remote code execution affects Joomla 3.7.0 through 3.8.7\n\n - Session deletion race condition affects Joomla 3.0.0 through 3.8.7\n\n - Possible XSS attack in the redirect method affects Joomla 3.1.2 through 3.8.7\n\n - XSS vulnerability in the media manager affects Joomla 1.5.0 through 3.8.7\n\nNote that the scanner has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2018-11-05T00:00:00", "type": "nessus", "title": "Joomla! 3.3.x < 3.8.8 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-11321", "CVE-2018-11322", "CVE-2018-11323", "CVE-2018-11324", "CVE-2018-11325", "CVE-2018-11326", "CVE-2018-11327", "CVE-2018-11328", "CVE-2018-6378"], "modified": "2021-10-07T00:00:00", "cpe": ["cpe:2.3:a:joomla:joomla\\!:*:*:*:*:*:*:*:*"], "id": "WEB_APPLICATION_SCANNING_98498", "href": "https://www.tenable.com/plugins/was/98498", "sourceData": "No source data", "cvss": {"score": 6.5, "vector": "CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2022-07-13T15:59:18", "description": "According to its self-reported version number, the detected Joomla! application is affected by multiple vulnerabilities :\n\n - ACL violation in access levels affects Joomla 2.5.0 through 3.8.7\n\n - Adding phar files to the upload blacklist affects Joomla 2.5.0 through 3.8.7\n\n - Information Disclosure about unpublished tags affects Joomla 3.1.0 through 3.8.7\n\n - Installer leak of plain text password to local user affects Joomla 3.0.0 through 3.8.7\n\n - XSS Vulnerabilities & additional hardening affects Joomla 3.0.0 through 3.8.7\n\n - Filter field in com_fields allowing remote code execution affects Joomla 3.7.0 through 3.8.7\n\n - Session deletion race condition affects Joomla 3.0.0 through 3.8.7\n\n - Possible XSS attack in the redirect method affects Joomla 3.1.2 through 3.8.7\n\n - XSS vulnerability in the media manager affects Joomla 1.5.0 through 3.8.7\n\nNote that the scanner has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2018-11-05T00:00:00", "type": "nessus", "title": "Joomla! 1.7.x < 3.8.8 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-11321", "CVE-2018-11322", "CVE-2018-11323", "CVE-2018-11324", "CVE-2018-11325", "CVE-2018-11326", "CVE-2018-11327", "CVE-2018-11328", "CVE-2018-6378"], "modified": "2021-10-07T00:00:00", "cpe": ["cpe:2.3:a:joomla:joomla\\!:*:*:*:*:*:*:*:*"], "id": "WEB_APPLICATION_SCANNING_98503", "href": "https://www.tenable.com/plugins/was/98503", "sourceData": "No source data", "cvss": {"score": 6.5, "vector": "CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2022-07-15T14:34:39", "description": "According to its self-reported version number, the detected Joomla! application is affected by multiple vulnerabilities :\n\n - ACL violation in access levels affects Joomla 2.5.0 through 3.8.7\n\n - Adding phar files to the upload blacklist affects Joomla 2.5.0 through 3.8.7\n\n - Information Disclosure about unpublished tags affects Joomla 3.1.0 through 3.8.7\n\n - Installer leak of plain text password to local user affects Joomla 3.0.0 through 3.8.7\n\n - XSS Vulnerabilities & additional hardening affects Joomla 3.0.0 through 3.8.7\n\n - Filter field in com_fields allowing remote code execution affects Joomla 3.7.0 through 3.8.7\n\n - Session deletion race condition affects Joomla 3.0.0 through 3.8.7\n\n - Possible XSS attack in the redirect method affects Joomla 3.1.2 through 3.8.7\n\n - XSS vulnerability in the media manager affects Joomla 1.5.0 through 3.8.7\n\nNote that the scanner has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2018-11-05T00:00:00", "type": "nessus", "title": "Joomla! 3.8.x < 3.8.8 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-11321", "CVE-2018-11322", "CVE-2018-11323", "CVE-2018-11324", "CVE-2018-11325", "CVE-2018-11326", "CVE-2018-11327", "CVE-2018-11328", "CVE-2018-6378"], "modified": "2021-10-07T00:00:00", "cpe": ["cpe:2.3:a:joomla:joomla\\!:*:*:*:*:*:*:*:*"], "id": "WEB_APPLICATION_SCANNING_98493", "href": "https://www.tenable.com/plugins/was/98493", "sourceData": "No source data", "cvss": {"score": 6.5, "vector": "CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2022-07-15T14:34:35", "description": "According to its self-reported version number, the detected Joomla! application is affected by multiple vulnerabilities :\n\n - ACL violation in access levels affects Joomla 2.5.0 through 3.8.7\n\n - Adding phar files to the upload blacklist affects Joomla 2.5.0 through 3.8.7\n\n - Information Disclosure about unpublished tags affects Joomla 3.1.0 through 3.8.7\n\n - Installer leak of plain text password to local user affects Joomla 3.0.0 through 3.8.7\n\n - XSS Vulnerabilities & additional hardening affects Joomla 3.0.0 through 3.8.7\n\n - Filter field in com_fields allowing remote code execution affects Joomla 3.7.0 through 3.8.7\n\n - Session deletion race condition affects Joomla 3.0.0 through 3.8.7\n\n - Possible XSS attack in the redirect method affects Joomla 3.1.2 through 3.8.7\n\n - XSS vulnerability in the media manager affects Joomla 1.5.0 through 3.8.7\n\nNote that the scanner has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2018-11-05T00:00:00", "type": "nessus", "title": "Joomla! 3.0.x < 3.8.8 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-11321", "CVE-2018-11322", "CVE-2018-11323", "CVE-2018-11324", "CVE-2018-11325", "CVE-2018-11326", "CVE-2018-11327", "CVE-2018-11328", "CVE-2018-6378"], "modified": "2021-10-07T00:00:00", "cpe": ["cpe:2.3:a:joomla:joomla\\!:*:*:*:*:*:*:*:*"], "id": "WEB_APPLICATION_SCANNING_98501", "href": "https://www.tenable.com/plugins/was/98501", "sourceData": "No source data", "cvss": {"score": 6.5, "vector": "CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2022-07-13T15:59:03", "description": "According to its self-reported version number, the detected Joomla! application is affected by multiple vulnerabilities :\n\n - ACL violation in access levels affects Joomla 2.5.0 through 3.8.7\n\n - Adding phar files to the upload blacklist affects Joomla 2.5.0 through 3.8.7\n\n - Information Disclosure about unpublished tags affects Joomla 3.1.0 through 3.8.7\n\n - Installer leak of plain text password to local user affects Joomla 3.0.0 through 3.8.7\n\n - XSS Vulnerabilities & additional hardening affects Joomla 3.0.0 through 3.8.7\n\n - Filter field in com_fields allowing remote code execution affects Joomla 3.7.0 through 3.8.7\n\n - Session deletion race condition affects Joomla 3.0.0 through 3.8.7\n\n - Possible XSS attack in the redirect method affects Joomla 3.1.2 through 3.8.7\n\n - XSS vulnerability in the media manager affects Joomla 1.5.0 through 3.8.7\n\nNote that the scanner has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2018-11-05T00:00:00", "type": "nessus", "title": "Joomla! 3.5.x < 3.8.8 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-11321", "CVE-2018-11322", "CVE-2018-11323", "CVE-2018-11324", "CVE-2018-11325", "CVE-2018-11326", "CVE-2018-11327", "CVE-2018-11328", "CVE-2018-6378"], "modified": "2021-10-07T00:00:00", "cpe": ["cpe:2.3:a:joomla:joomla\\!:*:*:*:*:*:*:*:*"], "id": "WEB_APPLICATION_SCANNING_98496", "href": "https://www.tenable.com/plugins/was/98496", "sourceData": "No source data", "cvss": {"score": 6.5, "vector": "CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2022-07-13T15:58:58", "description": "According to its self-reported version number, the detected Joomla! application is affected by multiple vulnerabilities :\n\n - ACL violation in access levels affects Joomla 2.5.0 through 3.8.7\n\n - Adding phar files to the upload blacklist affects Joomla 2.5.0 through 3.8.7\n\n - Information Disclosure about unpublished tags affects Joomla 3.1.0 through 3.8.7\n\n - Installer leak of plain text password to local user affects Joomla 3.0.0 through 3.8.7\n\n - XSS Vulnerabilities & additional hardening affects Joomla 3.0.0 through 3.8.7\n\n - Filter field in com_fields allowing remote code execution affects Joomla 3.7.0 through 3.8.7\n\n - Session deletion race condition affects Joomla 3.0.0 through 3.8.7\n\n - Possible XSS attack in the redirect method affects Joomla 3.1.2 through 3.8.7\n\n - XSS vulnerability in the media manager affects Joomla 1.5.0 through 3.8.7\n\nNote that the scanner has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2018-11-05T00:00:00", "type": "nessus", "title": "Joomla! 3.2.x < 3.8.8 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-11321", "CVE-2018-11322", "CVE-2018-11323", "CVE-2018-11324", "CVE-2018-11325", "CVE-2018-11326", "CVE-2018-11327", "CVE-2018-11328", "CVE-2018-6378"], "modified": "2021-10-07T00:00:00", "cpe": ["cpe:2.3:a:joomla:joomla\\!:*:*:*:*:*:*:*:*"], "id": "WEB_APPLICATION_SCANNING_98499", "href": "https://www.tenable.com/plugins/was/98499", "sourceData": "No source data", "cvss": {"score": 6.5, "vector": "CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2022-07-15T14:34:28", "description": "According to its self-reported version number, the detected Joomla! application is affected by multiple vulnerabilities :\n\n - ACL violation in access levels affects Joomla 2.5.0 through 3.8.7\n\n - Adding phar files to the upload blacklist affects Joomla 2.5.0 through 3.8.7\n\n - Information Disclosure about unpublished tags affects Joomla 3.1.0 through 3.8.7\n\n - Installer leak of plain text password to local user affects Joomla 3.0.0 through 3.8.7\n\n - XSS Vulnerabilities & additional hardening affects Joomla 3.0.0 through 3.8.7\n\n - Filter field in com_fields allowing remote code execution affects Joomla 3.7.0 through 3.8.7\n\n - Session deletion race condition affects Joomla 3.0.0 through 3.8.7\n\n - Possible XSS attack in the redirect method affects Joomla 3.1.2 through 3.8.7\n\n - XSS vulnerability in the media manager affects Joomla 1.5.0 through 3.8.7\n\nNote that the scanner has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2018-11-05T00:00:00", "type": "nessus", "title": "Joomla! 3.6.x < 3.8.8 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-11321", "CVE-2018-11322", "CVE-2018-11323", "CVE-2018-11324", "CVE-2018-11325", "CVE-2018-11326", "CVE-2018-11327", "CVE-2018-11328", "CVE-2018-6378"], "modified": "2021-10-07T00:00:00", "cpe": ["cpe:2.3:a:joomla:joomla\\!:*:*:*:*:*:*:*:*"], "id": "WEB_APPLICATION_SCANNING_98495", "href": "https://www.tenable.com/plugins/was/98495", "sourceData": "No source data", "cvss": {"score": 6.5, "vector": "CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2022-07-13T15:58:58", "description": "According to its self-reported version number, the detected Joomla! application is affected by multiple vulnerabilities :\n\n - ACL violation in access levels affects Joomla 2.5.0 through 3.8.7\n\n - Adding phar files to the upload blacklist affects Joomla 2.5.0 through 3.8.7\n\n - Information Disclosure about unpublished tags affects Joomla 3.1.0 through 3.8.7\n\n - Installer leak of plain text password to local user affects Joomla 3.0.0 through 3.8.7\n\n - XSS Vulnerabilities & additional hardening affects Joomla 3.0.0 through 3.8.7\n\n - Filter field in com_fields allowing remote code execution affects Joomla 3.7.0 through 3.8.7\n\n - Session deletion race condition affects Joomla 3.0.0 through 3.8.7\n\n - Possible XSS attack in the redirect method affects Joomla 3.1.2 through 3.8.7\n\n - XSS vulnerability in the media manager affects Joomla 1.5.0 through 3.8.7\n\nNote that the scanner has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2018-11-05T00:00:00", "type": "nessus", "title": "Joomla! 3.7.x < 3.8.8 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-11321", "CVE-2018-11322", "CVE-2018-11323", "CVE-2018-11324", "CVE-2018-11325", "CVE-2018-11326", "CVE-2018-11327", "CVE-2018-11328", "CVE-2018-6378"], "modified": "2021-10-07T00:00:00", "cpe": ["cpe:2.3:a:joomla:joomla\\!:*:*:*:*:*:*:*:*"], "id": "WEB_APPLICATION_SCANNING_98494", "href": "https://www.tenable.com/plugins/was/98494", "sourceData": "No source data", "cvss": {"score": 6.5, "vector": "CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2022-07-13T15:59:19", "description": "According to its self-reported version number, the detected Joomla! application is affected by multiple vulnerabilities :\n\n - ACL violation in access levels affects Joomla 2.5.0 through 3.8.7\n\n - Adding phar files to the upload blacklist affects Joomla 2.5.0 through 3.8.7\n\n - Information Disclosure about unpublished tags affects Joomla 3.1.0 through 3.8.7\n\n - Installer leak of plain text password to local user affects Joomla 3.0.0 through 3.8.7\n\n - XSS Vulnerabilities & additional hardening affects Joomla 3.0.0 through 3.8.7\n\n - Filter field in com_fields allowing remote code execution affects Joomla 3.7.0 through 3.8.7\n\n - Session deletion race condition affects Joomla 3.0.0 through 3.8.7\n\n - Possible XSS attack in the redirect method affects Joomla 3.1.2 through 3.8.7\n\n - XSS vulnerability in the media manager affects Joomla 1.5.0 through 3.8.7\n\nNote that the scanner has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2018-11-05T00:00:00", "type": "nessus", "title": "Joomla! 3.4.x < 3.8.8 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-11321", "CVE-2018-11322", "CVE-2018-11323", "CVE-2018-11324", "CVE-2018-11325", "CVE-2018-11326", "CVE-2018-11327", "CVE-2018-11328", "CVE-2018-6378"], "modified": "2021-10-07T00:00:00", "cpe": ["cpe:2.3:a:joomla:joomla\\!:*:*:*:*:*:*:*:*"], "id": "WEB_APPLICATION_SCANNING_98497", "href": "https://www.tenable.com/plugins/was/98497", "sourceData": "No source data", "cvss": {"score": 6.5, "vector": "CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2022-07-15T14:35:08", "description": "According to its self-reported version number, the detected Joomla! application is affected by multiple vulnerabilities :\n\n - ACL violation in access levels affects Joomla 2.5.0 through 3.8.7\n\n - Adding phar files to the upload blacklist affects Joomla 2.5.0 through 3.8.7\n\n - Information Disclosure about unpublished tags affects Joomla 3.1.0 through 3.8.7\n\n - Installer leak of plain text password to local user affects Joomla 3.0.0 through 3.8.7\n\n - XSS Vulnerabilities & additional hardening affects Joomla 3.0.0 through 3.8.7\n\n - Filter field in com_fields allowing remote code execution affects Joomla 3.7.0 through 3.8.7\n\n - Session deletion race condition affects Joomla 3.0.0 through 3.8.7\n\n - Possible XSS attack in the redirect method affects Joomla 3.1.2 through 3.8.7\n\n - XSS vulnerability in the media manager affects Joomla 1.5.0 through 3.8.7\n\nNote that the scanner has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2018-11-05T00:00:00", "type": "nessus", "title": "Joomla! 3.1.x < 3.8.8 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-11321", "CVE-2018-11322", "CVE-2018-11323", "CVE-2018-11324", "CVE-2018-11325", "CVE-2018-11326", "CVE-2018-11327", "CVE-2018-11328", "CVE-2018-6378"], "modified": "2021-10-07T00:00:00", "cpe": ["cpe:2.3:a:joomla:joomla\\!:*:*:*:*:*:*:*:*"], "id": "WEB_APPLICATION_SCANNING_98500", "href": "https://www.tenable.com/plugins/was/98500", "sourceData": "No source data", "cvss": {"score": 6.5, "vector": "CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2022-04-12T16:46:09", "description": "According to its self-reported version number, the Joomla! installation running on the remote web server is prior to 3.8.8. It is, therefore, affected by a multiple vulnerabilities.\n\nNote that Nessus has not attempted to exploit these issues but has instead relied only on the application's self-reported version number.", "cvss3": {"score": 8.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}, "published": "2018-05-31T00:00:00", "type": "nessus", "title": "Joomla! < 3.8.8 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-11321", "CVE-2018-11322", "CVE-2018-11323", "CVE-2018-11324", "CVE-2018-11325", "CVE-2018-11326", "CVE-2018-11327", "CVE-2018-11328", "CVE-2018-6378"], "modified": "2022-04-11T00:00:00", "cpe": ["cpe:/a:joomla:joomla%5c%21"], "id": "JOOMLA_388.NASL", "href": "https://www.tenable.com/plugins/nessus/110227", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(110227);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/04/11\");\n\n script_cve_id(\n \"CVE-2018-6378\",\n \"CVE-2018-11321\",\n \"CVE-2018-11322\",\n \"CVE-2018-11323\",\n \"CVE-2018-11324\",\n \"CVE-2018-11325\",\n \"CVE-2018-11326\",\n \"CVE-2018-11327\",\n \"CVE-2018-11328\"\n );\n script_bugtraq_id(\n 104268,\n 104269,\n 104270,\n 104271,\n 104272,\n 104273,\n 104274,\n 104276,\n 104278\n );\n\n script_name(english:\"Joomla! < 3.8.8 Multiple Vulnerabilities\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote web server contains a PHP application that is affected by\nmultiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to its self-reported version number, the Joomla!\ninstallation running on the remote web server is prior to 3.8.8. It\nis, therefore, affected by a multiple vulnerabilities.\n\nNote that Nessus has not attempted to exploit these issues but has\ninstead relied only on the application's self-reported version number.\");\n # https://www.joomla.org/announcements/release-news/5730-joomla-3-8-8-release.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?c5d229a2\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Joomla! version 3.8.8 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-11323\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/05/22\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/05/22\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/05/31\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:joomla:joomla\\!\");\n script_set_attribute(attribute:\"thorough_tests\", value:\"true\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"CGI abuses\");\n\n script_copyright(english:\"This script is Copyright (C) 2018-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"joomla_detect.nasl\");\n script_require_keys(\"installed_sw/Joomla!\", \"www/PHP\", \"Settings/ParanoidReport\");\n script_require_ports(\"Services/www\", 80);\n\n exit(0);\n}\n\ninclude(\"http.inc\");\ninclude(\"vcf.inc\");\n\nport = get_http_port(default:80, php:TRUE);\n\nif (report_paranoia < 2) audit(AUDIT_PARANOID);\n\napp_info = vcf::get_app_info(app:\"Joomla!\", port:port, webapp:TRUE);\n\nvcf::check_granularity(app_info:app_info, sig_segments:3);\n\nconstraints = [\n { \"min_version\" : \"1.5.0\", \"fixed_version\" : \"3.8.8\" }\n];\n\nvcf::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_WARNING, flags:{xss:TRUE});\n", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}]}

Joomla! Core Multiple Vulnerabilities-01 May18 (20180502/20180501)

Description

Related