Lucene search
K

6 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 3:49 p.m.11 views

CVE-2020-23972

In Joomla Component GMapFP Version J3.5 and J3.5free, an attacker can access the upload function without authenticating to the application and can also upload files which due to issues of unrestricted file uploads which can be bypassed by changing the content-type and name file too double...

7.5CVSS6.9AI score0.31444EPSS
Exploits3
Exploit DB
Exploit DB
added 2020/12/01 12:0 a.m.1220 views

Joomla! Component GMapFP 3.5 - Unauthenticated Arbitrary File Upload

Exploit Title: Joomla! Component GMapFP 3.5 - Unauthenticated Arbitrary File Upload Google Dork: inurl:''comgmapfp'' Date: 2020-03-27 Exploit Author: ThelastVvV Vendor Homepage: https://gmapfp.org/ Version:Version J3.5 /J3.5free Tested on: Ubuntu CVE: CVE-2020-23972 Description: An attacker can...

7.5CVSS7.6AI score0.31444EPSS
Exploits3
Packet Storm
Packet Storm
added 2020/09/07 12:0 a.m.554 views

Joomla GMapFP J3.5 / J3.5F Arbitrary File Upload

Exploit Title: Joomla! Component GMapFP J3.5/J3.5F - Unauthenticated Arbitrary File Upload Google Dork: inurl:''comgmapfp'' Date: 2020-03-27 Exploit Author: ThelastVvV Vendor Homepage:https://gmapfp.org/ Version:Version J3.5 /J3.5free Tested on: Ubuntu CVE:CVE-2020-23972 Description: An attacker...

7.6AI score0.31444EPSS
Exploits3
NVD
NVD
added 2020/08/27 2:15 p.m.13 views

CVE-2020-23972

In Joomla Component GMapFP Version J3.5 and J3.5free, an attacker can access the upload function without authenticating to the application and can also upload files which due to issues of unrestricted file uploads which can be bypassed by changing the content-type and name file too double...

7.5CVSS7.6AI score0.31444EPSS
Exploits3References2
Cvelist
Cvelist
added 2020/08/27 1:3 p.m.22 views

CVE-2020-23972

In Joomla Component GMapFP Version J3.5 and J3.5free, an attacker can access the upload function without authenticating to the application and can also upload files which due to issues of unrestricted file uploads which can be bypassed by changing the content-type and name file too double...

7.5AI score0.31444EPSS
Exploits3References2
CVE
CVE
added 2020/08/27 1:3 p.m.155 views

CVE-2020-23972

CVE-2020-23972 : Joomla! GMapFP 3.5 is vulnerable to an arbitrary/unrestricted file upload. An unauthenticated attacker can access the upload function and upload files, bypassing restrictions by altering Content-Type and filename with double extensions. The Nuclei template confirms exploitation t...

7.5CVSS7.5AI score0.31444EPSS
Exploits3References2Affected Software1
Rows per page
Query Builder