admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-28 17:21:36 +00:00
Code Issues Packages Projects Releases Wiki Activity
nvd-json-data-feeds/CVE-2017/CVE-2017-183xx/CVE-2017-18345.json
cad-safe-bot e6cbafdc40 Auto-Update: 2024-12-08T03:00:18.988682+00:00
2024-12-08 03:06:42 +00:00

149 lines
4.1 KiB
JSON
Raw Blame History

{
"id": "CVE-2017-18345",
"sourceIdentifier": "cve@mitre.org",
"published": "2018-08-26T21:29:00.233",
"lastModified": "2024-11-21T03:19:53.530",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Joomanager component through 2.0.0 for Joomla! has an arbitrary file download issue, resulting in exposing the credentials of the database via an index.php?option=com_joomanager&controller=details&task=download&path=configuration.php request."
},
{
"lang": "es",
"value": "El componente Joomanager hasta la versi\u00f3n 2.0.0 para Joomla! tiene un problema de subida de archivos arbitrarios, lo que resulta en la exposici\u00f3n de credenciales de la base de datos mediante una petici\u00f3n index.php?option=com_joomanagercontroller=detailstask=downloadpath=configuration.php."
}
],
"metrics": {
"cvssMetricV30": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
],
"cvssMetricV2": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"baseScore": 5.0,
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "NONE",
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"baseSeverity": "MEDIUM",
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-200"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:joomanager_project:joomanager:*:*:*:*:*:joomla\\!:*:*",
"versionEndIncluding": "2.0.0",
"matchCriteriaId": "7EC116A7-E0C6-432E-854D-2D323C32449C"
}
]
}
]
}
],
"references": [
{
"url": "https://cxsecurity.com/issue/WLB-2018030054",
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://vel.joomla.org/vel-blog/2020-joomanager-2-0-0-other",
"source": "cve@mitre.org",
"tags": [
"Mitigation",
"Vendor Advisory"
]
},
{
"url": "https://www.exploit-db.com/exploits/44252",
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "https://cxsecurity.com/issue/WLB-2018030054",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://vel.joomla.org/vel-blog/2020-joomanager-2-0-0-other",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mitigation",
"Vendor Advisory"
]
},
{
"url": "https://www.exploit-db.com/exploits/44252",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
]
}
]
}
Reference in New Issue View Git Blame Copy Permalink