Lucene search
+L

5 matches found

redhatcve
redhatcve
added 2025/05/23 9:29 a.m.11 views

CVE-2024-5735

Full Path Disclosure vulnerability in AdmirorFrames Joomla! extension in afHelper.php script allows an unauthorised attacker to retrieve location of web root folder. This issue affects AdmirorFrames: before 5.0...

7.5CVSS6.9AI score0.01515EPSS
Exploits2References1
redhatcve
redhatcve
added 2025/05/23 8:28 a.m.7 views

CVE-2024-5737

Script afGdStream.php in AdmirorFrames Joomla! extension doesn’t specify a content type and as a result default text/html is used. An attacker may embed HTML tags directly in image data which is rendered by a webpage as HTML. This issue affects AdmirorFrames: before 5.0...

6.3CVSS6.9AI score0.01084EPSS
Exploits3References1
osv
osv
added 2024/06/28 12:15 p.m.6 views

CVE-2024-5736

Server Side Request Forgery SSRF vulnerability in AdmirorFrames Joomla! extension in afGdStream.php script allows to access local files or server pages available only from localhost. This issue affects AdmirorFrames: before 5.0...

7.5CVSS5.8AI score0.01515EPSS
Exploits3References5
cve
cve
added 2024/06/28 11:29 a.m.69 views

CVE-2024-5737

CVE-2024-5737 affects the AdmirorFrames Joomla! extension. Red Hat entries confirm the issue resides in afGdStream.php, which does not set a Content-Type, causing a default text/html to be used. An attacker may embed HTML in image data, which will be rendered by a webpage as HTML. The vulnerabili...

6.3CVSS6.3AI score0.01515EPSS
Exploits3References5Affected Software1
vulnrichment
vulnrichment
added 2024/06/28 11:24 a.m.20 views

CVE-2024-5735 Full Path Disclosure in AdmirorFrames Joomla! Extension

Full Path Disclosure vulnerability in AdmirorFrames Joomla! extension in afHelper.php script allows an unauthorised attacker to retrieve location of web root folder. This issue affects AdmirorFrames: before 5.0...

6.3CVSS6.8AI score0.01515EPSS
Exploits2References5
Rows per page
Query Builder