CVE-2019-7743
Joomla! before 3.9.3 is vulnerable to an object injection via the phar:// stream wrapper due to a missing protection against using phar:// for non-.phar files. Affected component is the core Joomla! PHP handling (phar wrapper); exploitation could lead to severe impact (high/critical in CVSS terms...