Description
An issue was discovered in Joomla! 2.5.0 through 3.9.27. Install action in com_installer lack the required hardcoded ACL checks for superusers. A default system is not affected cause the default ACL for com_installer is limited to super users already.
Remediation
References
Related Vulnerabilities
WordPress Anti-CSRF Token Security Bypass Weakness (3.3.1)
PHP Other Vulnerability (CVE-2004-1392)
WordPress Plugin CopySafe PDF Protection Unspecified Vulnerability (1.10)
WordPress Plugin Support Ticket System Multiple SQL Injection Vulnerabilities (1.2)
Beego Framework Incorrect Default Permissions Vulnerability (CVE-2019-16355)