5 matches found
CVE-2019-12765
An issue was discovered in Joomla! before 3.9.7. The CSV export of comactionslogs is vulnerable to CSV injection...
Joomla! 3.9.0 < 3.9.7 - CSV Injection
!/usr/bin/python3 Exploit Title: Joomla 3.9.0 ' printf'Example: sys.argv0 http://127.0.0.1 ' sys.exit1 baseurl = sys.argv1 regurl = f"baseurl/joomla/index.php/component/users/?view=registration&Itemid=101" loginurl = f"baseurl/joomla/index.php?option=comusers" def pwnusername='abdullah': payload ...
Joomla! < 3.9.7 Multiple Vulnerabilities
Joomla! is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2019-12765
An issue was discovered in Joomla! before 3.9.7. The CSV export of comactionslogs is vulnerable to CSV injection...
CVE-2019-12765
CVE-2019-12765 affects Joomla! prior to 3.9.7. The issue is a CSV injection in the CSV export of the com_actionslogs component, caused by insufficient input validation during export. Public references (NVD/NIST, Nessus, OSV, CNVD, ENISA) confirm the vulnerability in Joomla! versions 3.9.0–3.9.6 (...