Description
An issue was discovered in Joomla! 3.0.0 through 3.9.24. Extracting an specifilcy crafted zip package could write files outside of the intended path.
Remediation
References
Related Vulnerabilities
WordPress Plugin Amazon Product in a Post SQL Injection (3.5.2)
WordPress Plugin FeedWordPress Multiple Vulnerabilities (2015.0426)
Oracle Database Server CVE-2007-2109 Vulnerability (CVE-2007-2109)
WordPress Plugin MailPoet Newsletters (Previous) Security Bypass (2.8.1)
WebLogic Improper Certificate Validation Vulnerability (CVE-2020-9488)