3 matches found
CVE-2017-5215
The CVE entries describe the Codextrous B2J Contact (aka b2j_contact) Joomla extension up to version 2.1.13 as vulnerable. CVE-2017-5215: a rename attack allows bypass of the safe file extension protection, enabling remote code execution. CVE-2017-9030: a directory traversal flaw bypasses uniqid ...
CVE-2017-5214
CVE-2017-5214 applies to the Codextrous B2J Contact (b2j_contact) Joomla! extension in versions prior to 2.1.13. The root cause is that an attacker can predict the uniqid value from knowledge of a time value, which makes it easier to read arbitrary uploaded files. The vuln...
CVE-2017-9030
CVE-2017-9030 affects the Codextrous B2J Contact (b2j_contact) Joomla! extension prior to version 2.1.13. The flaw is a directory traversal that bypasses a uniqid protection, allowing arbitrary uploaded files to be read. Multiple sources (CNVD, RH, NVD) confirm the issue and its potential for remote...