22 matches found
CVE-2024-5735
Full Path Disclosure vulnerability in AdmirorFrames Joomla! extension in afHelper.php script allows an unauthorised attacker to retrieve location of web root folder. This issue affects AdmirorFrames: before 5.0...
CVE-2024-5736
Server Side Request Forgery SSRF vulnerability in AdmirorFrames Joomla! extension in afGdStream.php script allows to access local files or server pages available only from localhost. This issue affects AdmirorFrames: before 5.0...
CVE-2024-5737
Script afGdStream.php in AdmirorFrames Joomla! extension doesn’t specify a content type and as a result default text/html is used. An attacker may embed HTML tags directly in image data which is rendered by a webpage as HTML. This issue affects AdmirorFrames: before 5.0...
CVE-2024-5737
Script afGdStream.php in AdmirorFrames Joomla! extension doesn’t specify a content type and as a result default text/html is used. An attacker may embed HTML tags directly in image data which is rendered by a webpage as HTML. This issue affects AdmirorFrames: before 5.0...
CVE-2024-5737
Script afGdStream.php in AdmirorFrames Joomla! extension doesn’t specify a content type and as a result default text/html is used. An attacker may embed HTML tags directly in image data which is rendered by a webpage as HTML. This issue affects AdmirorFrames: before 5.0...
CVE-2024-5735
Full Path Disclosure vulnerability in AdmirorFrames Joomla! extension in afHelper.php script allows an unauthorised attacker to retrieve location of web root folder. This issue affects AdmirorFrames: before 5.0...
CVE-2024-5736
Server Side Request Forgery SSRF vulnerability in AdmirorFrames Joomla! extension in afGdStream.php script allows to access local files or server pages available only from localhost. This issue affects AdmirorFrames: before 5.0...
CVE-2024-5735
Full Path Disclosure vulnerability in AdmirorFrames Joomla! extension in afHelper.php script allows an unauthorised attacker to retrieve location of web root folder. This issue affects AdmirorFrames: before 5.0...
CVE-2024-5736
Server Side Request Forgery SSRF vulnerability in AdmirorFrames Joomla! extension in afGdStream.php script allows to access local files or server pages available only from localhost. This issue affects AdmirorFrames: before 5.0...
CVE-2024-5737 HTML Injection in AdmirorFrames Joomla! Extension
Script afGdStream.php in AdmirorFrames Joomla! extension doesn’t specify a content type and as a result default text/html is used. An attacker may embed HTML tags directly in image data which is rendered by a webpage as HTML. This issue affects AdmirorFrames: before 5.0...
CVE-2024-5737
CVE-2024-5737 affects the AdmirorFrames Joomla! extension. Red Hat entries confirm the issue resides in afGdStream.php, which does not set a Content-Type, causing a default text/html to be used. An attacker may embed HTML in image data, which will be rendered by a webpage as HTML. The vulnerabili...
EUVD-2024-46898
Script afGdStream.php in AdmirorFrames Joomla! extension doesn’t specify a content type and as a result default text/html is used. An attacker may embed HTML tags directly in image data which is rendered by a webpage as HTML. This issue affects AdmirorFrames: before 5.0...
CVE-2024-5737 HTML Injection in AdmirorFrames Joomla! Extension
Script afGdStream.php in AdmirorFrames Joomla! extension doesn’t specify a content type and as a result default text/html is used. An attacker may embed HTML tags directly in image data which is rendered by a webpage as HTML. This issue affects AdmirorFrames: before 5.0...
CVE-2024-5736 SSRF in AdmirorFrames Joomla! Extension
Server Side Request Forgery SSRF vulnerability in AdmirorFrames Joomla! extension in afGdStream.php script allows to access local files or server pages available only from localhost. This issue affects AdmirorFrames: before 5.0...
CVE-2024-5736
AdmirorFrames Joomla! extension (afGdStream.php) is affected by CVE-2024-5736. A Server Side Request Forgery (SSRF) condition in afGdStream.php allows an attacker to access local files or server pages that are available only from localhost. The issue affects AdmirorFrames before version 5.0. The ...
CVE-2024-5736 SSRF in AdmirorFrames Joomla! Extension
Server Side Request Forgery SSRF vulnerability in AdmirorFrames Joomla! extension in afGdStream.php script allows to access local files or server pages available only from localhost. This issue affects AdmirorFrames: before 5.0...
CVE-2024-5735 Full Path Disclosure in AdmirorFrames Joomla! Extension
Full Path Disclosure vulnerability in AdmirorFrames Joomla! extension in afHelper.php script allows an unauthorised attacker to retrieve location of web root folder. This issue affects AdmirorFrames: before 5.0...
CVE-2024-5735
CVE-2024-5735 describes a Full Path Disclosure in the AdmirorFrames Joomla! extension, allowing an unauthenticated attacker to retrieve the web root folder location via afHelper.php. Affected: AdmirorFrames before 5.0. The connected sources confirm the vulnerability exists and reference the affec...
CVE-2024-5735 Full Path Disclosure in AdmirorFrames Joomla! Extension
Full Path Disclosure vulnerability in AdmirorFrames Joomla! extension in afHelper.php script allows an unauthorised attacker to retrieve location of web root folder. This issue affects AdmirorFrames: before 5.0...
Exploit for Cross-site Scripting in Admiror-Design-Studio Admirorframes
CVE-2024-5737 AdmirorFrames Joomla! Extension HTML tag:...