Description

An issue was discovered in Joomla! before 3.9.5. The Media Manager component does not properly sanitize the folder parameter, allowing attackers to act outside the media manager root directory.

Remediation

References

CVE-2019-10945

Related Vulnerabilities

WordPress Plugin File Manager Unspecified Vulnerability (5.1.5)

Dolibarr Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2017-9838)

MySQL CVE-2020-2898 Vulnerability (CVE-2020-2898)

SharePoint CVE-2020-1523 Vulnerability (CVE-2020-1523)

MySQL CVE-2017-3452 Vulnerability (CVE-2017-3452)

Severity

Critical

Classification

CVE-2019-10945 CWE-22 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Tags

Missing Update Known Vulnerabilities