3 matches found
Path Traversal within joomla/archive tar class
An issue was discovered in Joomla! 3.0.0 through 3.10.6 & 4.0.0 through 4.1.0. Extracting an specifilcy crafted tar package could write files outside of the intended path...
PT-2022-16269 · Joomla · Joomla!
Name of the Vulnerable Software and Affected Versions: Joomla! versions 3.0.0 through 3.10.6 Joomla! versions 4.0.0 through 4.1.0 Description: An issue was discovered in Joomla! where inadequate filtering on the selected Ids in a request could result in a possible SQL injection. Recommendations:...
Cross site request forgery (csrf)
An issue was discovered in Joomla! 3.0.0 through 3.9.26. A missing token check causes a CSRF vulnerability in the AJAX reordering endpoint...