3 matches found
Joomla Codextrous B2jcontact 2.1.17 Shell Upload
Exploit Title : Joomla Codextrous ComB2jcontact Components 2.1.17 Shell Upload Author Discovered By : KingSkrupellos from Cyberizm Digital Security Army Date : 04/01/2019 Vendor Homepage : codextrous.com/joomla-components/b2j-contact.html + extensions.joomla.org/extension/b2j-contact/ Software...
CVE-2017-5214
The Codextrous B2J Contact aka b2jcontact extension before 2.1.13 for Joomla! allows prediction of a uniqid value based on knowledge of a time value. This makes it easier to read arbitrary uploaded files...
CVE-2017-5214
The CVE-2017-5214 entry applies to the Codextrous B2J Contact (b2j_contact) Joomla! extension, affected versions prior to 2.1.13. The root cause is a flaw where an attacker can predict the uniqid value based on knowledge of a time value, making it easier to read arbitrary uploaded files. The vuln...