2 matches found
CVE-2017-18345
The Joomanager component through 2.0.0 for Joomla! has an arbitrary file download issue, resulting in exposing the credentials of the database via an index.php?option=comjoomanager&controller=details&task=download&path=configuration.php request...
CVE-2017-18345
The CVE-2017-18345 entry concerns the Joomanager component for Joomla! up to version 2.0.0, where an arbitrary file download vulnerability in the details/download flow (path=configuration.php) can disclose database credentials. The root cause is an insecure download handler that allows access to ...