Description

An issue was discovered in Joomla! Core before 3.8.8. Depending on the server configuration, PHAR files might be handled as executable PHP scripts by the webserver.

Remediation

References

CVE-2018-11322

Related Vulnerabilities

WordPress 4.1.x Multiple Vulnerabilities (4.1 - 4.1.24)

WordPress URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2018-10100)

phpMyFAQ Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2010-4558)

WordPress Plugin WooCommerce Customers Manager Unspecified Vulnerability (26.6)

XWikiplatform Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2024-31984)

Severity

High

Classification

CVE-2018-11322 CWE-434 CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

Tags

Missing Update Known Vulnerabilities