6 matches found
CVE-2020-23972
In Joomla Component GMapFP Version J3.5 and J3.5free, an attacker can access the upload function without authenticating to the application and can also upload files which due to issues of unrestricted file uploads which can be bypassed by changing the content-type and name file too double...
Joomla! Component GMapFP 3.5 - Unauthenticated Arbitrary File Upload
Exploit Title: Joomla! Component GMapFP 3.5 - Unauthenticated Arbitrary File Upload Google Dork: inurl:''comgmapfp'' Date: 2020-03-27 Exploit Author: ThelastVvV Vendor Homepage: https://gmapfp.org/ Version:Version J3.5 /J3.5free Tested on: Ubuntu CVE: CVE-2020-23972 Description: An attacker can...
Joomla GMapFP J3.5 / J3.5F Arbitrary File Upload
Exploit Title: Joomla! Component GMapFP J3.5/J3.5F - Unauthenticated Arbitrary File Upload Google Dork: inurl:''comgmapfp'' Date: 2020-03-27 Exploit Author: ThelastVvV Vendor Homepage:https://gmapfp.org/ Version:Version J3.5 /J3.5free Tested on: Ubuntu CVE:CVE-2020-23972 Description: An attacker...
CVE-2020-23972
In Joomla Component GMapFP Version J3.5 and J3.5free, an attacker can access the upload function without authenticating to the application and can also upload files which due to issues of unrestricted file uploads which can be bypassed by changing the content-type and name file too double...
CVE-2020-23972
In Joomla Component GMapFP Version J3.5 and J3.5free, an attacker can access the upload function without authenticating to the application and can also upload files which due to issues of unrestricted file uploads which can be bypassed by changing the content-type and name file too double...
CVE-2020-23972
CVE-2020-23972 : Joomla! GMapFP 3.5 is vulnerable to an arbitrary/unrestricted file upload. An unauthenticated attacker can access the upload function and upload files, bypassing restrictions by altering Content-Type and filename with double extensions. The Nuclei template confirms exploitation t...