Lifecycle Timeline
2DescriptionCVE.org
The vulnerability was rooted in how the Tassos Framework plugin handled specific AJAX requests through Joomla’s com_ajax entry point. Under certain conditions, internal framework functionality could be invoked without proper restriction.
Analysis
The vulnerability was rooted in how the Tassos Framework plugin handled specific AJAX requests through Joomla’s com_ajax entry point. Under certain conditions, internal framework functionality could be invoked without proper restriction.
Technical ContextAI
Classified as CWE-284 (Improper Access Control). The vulnerability was rooted in how the Tassos Framework plugin handled specific AJAX requests through Joomla’s com_ajax entry point. Under certain conditions, internal framework functionality could be invoked without proper restriction.
Affected ProductsAI
The vulnerability was rooted in how the Tassos Framework plugin handled specific AJAX requests through Joomla’s com_ajax entry point. Under certain co
RemediationAI
Monitor vendor advisories for a patch.
SQL injection vulnerability in Joomla!. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable,
The isMail transport in PHPMailer before 5.2.20 might allow remote attackers to pass extra parameters to the mail comman
Joomla!. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. Public explo
SQL injection vulnerability in Joomla!. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low
The register method in the UsersModelRegistration class in controllers/user.php in the Users component in Joomla!. Rated
The register method in the UsersModelRegistration class in controllers/user.php in the Users component in Joomla!. Rated
SQL injection vulnerability in the getListQuery function in administrator/components/com_contenthistory/models/history.p
SQL injection vulnerability in Joomla!. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low
administrator/components/com_media/helpers/media.php in the media manager in Joomla!. Rated medium severity (CVSS 6.8),
Akeeba Restore (restore.php), as used in Joomla!. Rated high severity (CVSS 7.5), this vulnerability is remotely exploit
SQL injection vulnerability in Joomla!. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low
In Joomla!. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required,
Same weakness CWE-284 – Improper Access Control
View allShare
External POC / Exploit Code
Leaving vuln.today