Description
An issue was discovered in Joomla! 2.5.0 through 3.9.22. The folder parameter of mod_random_image lacked input validation, leading to a path traversal vulnerability.
Remediation
References
Related Vulnerabilities
WordPress Plugin NewStatPress Multiple Vulnerabilities (1.0.4)
WordPress Plugin Media Search Enhanced SQL Injection (0.6.0)
Apache Traffic Server Improper Input Validation Vulnerability (CVE-2022-28129)
WordPress Plugin Invite Anyone Security Bypass (1.3.14)
WordPress Plugin Photoswipe Masonry Gallery Cross-Site Scripting (1.2.14)