Joomla! Core CVE-2018-11322 Arbitrary File Upload Vulnerability
BID:104272
CVE-2018-11322 |Info
Joomla! Core CVE-2018-11322 Arbitrary File Upload Vulnerability
| Bugtraq ID: | 104272 |
| Class: | Input Validation Error |
| CVE: |
CVE-2018-11322 |
| Remote: | Yes |
| Local: | No |
| Published: | May 22 2018 12:00AM |
| Updated: | May 22 2018 12:00AM |
| Credit: | Demis Palma, JSST |
| Vulnerable: |
Joomla Joomla! 3.8.7 Joomla Joomla! 3.8.6 Joomla Joomla! 3.8.5 Joomla Joomla! 3.8.4 Joomla Joomla! 3.8.3 Joomla Joomla! 3.8.2 Joomla Joomla! 3.8.1 Joomla Joomla! 3.7.3 Joomla Joomla! 3.7.2 Joomla Joomla! 3.7.1 Joomla Joomla! 3.7 Joomla Joomla! 3.6.5 Joomla Joomla! 3.5 Joomla Joomla! 3.4.7 Joomla Joomla! 3.4.6 Joomla Joomla! 3.4.4 Joomla Joomla! 3.4.3 Joomla Joomla! 3.4.2 Joomla Joomla! 3.4.1 Joomla Joomla! 3.4 Joomla Joomla! 3.3.6 Joomla Joomla! 3.3.5 Joomla Joomla! 3.3.4 Joomla Joomla! 3.3.3 Joomla Joomla! 3.3.2 Joomla Joomla! 3.3.1 Joomla Joomla! 3.3 Joomla Joomla! 3.2.6 Joomla Joomla! 3.2.5 Joomla Joomla! 3.2.4 Joomla Joomla! 3.2.3 Joomla Joomla! 3.2.2 Joomla Joomla! 3.2.1 Joomla Joomla! 3.1.6 Joomla Joomla! 3.1.5 Joomla Joomla! 3.1.4 Joomla Joomla! 3.1.1 Joomla Joomla! 3.1 Joomla Joomla! 3.0.4 Joomla Joomla! 3.0.3 Joomla Joomla! 3.0.1 Joomla Joomla! 3.0 Joomla Joomla! 2.5.26 Joomla Joomla! 2.5.25 Joomla Joomla! 2.5.24 Joomla Joomla! 2.5.19 Joomla Joomla! 2.5.18 Joomla Joomla! 2.5.17 Joomla Joomla! 2.5.16 Joomla Joomla! 2.5.15 Joomla Joomla! 2.5.14 Joomla Joomla! 2.5.13 Joomla Joomla! 2.5.11 Joomla Joomla! 2.5.10 Joomla Joomla! 2.5.9 Joomla Joomla! 2.5.8 Joomla Joomla! 2.5.7 Joomla Joomla! 2.5.6 Joomla Joomla! 2.5.5 Joomla Joomla! 2.5.4 Joomla Joomla! 2.5.3 Joomla Joomla! 2.5.2 Joomla Joomla! 2.5.1 Joomla Joomla! 2.5 Joomla Joomla! 3.8.0 Joomla Joomla! 3.7.5 Joomla Joomla! 3.7.4 Joomla Joomla! 3.6.4 Joomla Joomla! 3.6.3 Joomla Joomla! 3.6.1 Joomla Joomla! 3.6.0 Joomla Joomla! 3.4.5 |
| Not Vulnerable: |
Joomla Joomla! 3.8.8 |
Discussion
Joomla! Core CVE-2018-11322 Arbitrary File Upload Vulnerability
Joomla! Core is prone to an arbitrary file-upload vulnerability.
An attacker may leverage this issue to upload arbitrary files to the affected computer; this can result in arbitrary code execution within the context of the vulnerable application or privilege escalation.
Joomla! Core 2.5.0 through 3.8.7 are vulnerable.
Joomla! Core is prone to an arbitrary file-upload vulnerability.
An attacker may leverage this issue to upload arbitrary files to the affected computer; this can result in arbitrary code execution within the context of the vulnerable application or privilege escalation.
Joomla! Core 2.5.0 through 3.8.7 are vulnerable.
Solution / Fix
Joomla! Core CVE-2018-11322 Arbitrary File Upload Vulnerability
Solution:
Updates are available. Please see the references or vendor advisory for more information.
Solution:
Updates are available. Please see the references or vendor advisory for more information.
References
Joomla! Core CVE-2018-11322 Arbitrary File Upload Vulnerability
References:
References:
- Joomla! Homepage (Joomla )
- [20180502] - Core - Add PHAR files to the upload blacklist (Joomla)