3 matches found
Creative Contact Form 4.6.2 Directory Traversal Vulnerability
Creative Contact Form version 4.6.2 before Dec 03 2019 suffers from a directory traversal vulnerability. Directory Traversal in Creative Contact Form Overview Identifier: AIT-SA-20200301-01 Target: Creative Contact Form for Joomla Vendor: Creative Solutions Version: 4.6.2 before Dec 03 2019 CVE:...
Creative Contact Form 4.6.2 Directory Traversal
Directory Traversal in Creative Contact Form Overview Identifier: AIT-SA-20200301-01 Target: Creative Contact Form for Joomla Vendor: Creative Solutions Version: 4.6.2 before Dec 03 2019 CVE: CVE-2020-9364 Accessibility: Remote Severity: Critical Author: Wolfgang Hotwagner AIT Austrian Institute ...
CVE-2020-9364
CVE-2020-9364 affects Creative Contact Form for Joomla (versions 4.6.2 and earlier). A directory traversal flaw exists in the helpers/mailer.php file, in the filename field for uploaded attachments processed via the creativecontactform_upload parameter. An attacker could abuse the "Send me a copy...