3 matches found
Joomla! < 3.8.9 Local File Inclusion with PHP 5.3
According to its self-reported version number, the Joomla! installation running on the remote web server is prior to 3.8.9. It is, therefore, affected by a file inclusion vulnerability. Note that Nessus has not attempted to exploit these issues but has instead relied only on the application's...
CVE-2018-12712
An issue was discovered in Joomla! 2.5.0 through 3.8.8 before 3.8.9. The autoload code checks classnames to be valid, using the "classexists" function in PHP. In PHP 5.3, this function validates invalid names as valid, which can result in a Local File Inclusion...
CVE-2018-12712
CVE-2018-12712 affects Joomla! 2.5.0 through 3.8.8, prior to 3.8.9. The autoload code uses class_exists for validation, which in PHP 5.3 can treat invalid classnames as valid, enabling a Local File Inclusion (LFI). Successful exploitation could lead to partial disclosure and modification of files...