Joomla Improper Input Validation Vulnerability (CVE-2015-8562)

Description

Joomla! 1.5.x, 2.x, and 3.x before 3.4.6 allow remote attackers to conduct PHP object injection attacks and execute arbitrary PHP code via the HTTP User-Agent header, as exploited in the wild in December 2015.

Remediation

References

CVE-2015-8562

Related Vulnerabilities

PHP NULL Pointer Dereference Vulnerability (CVE-2018-19935)

WordPress Plugin SEO Redirection-301 Redirect Manager Cross-Site Scripting (6.4)

Jenkins Observable Differences in Behavior to Error Inputs Vulnerability (CVE-2020-2102)

Jenkins Integer Overflow or Wraparound Vulnerability (CVE-2023-36478)

Craft CMS Improper Neutralization of Formula Elements in a CSV File Vulnerability (CVE-2021-41824)

Severity

High

Classification

CVE-2015-8562 CWE-20