Thursday, March 4, 2021

Joomla!: [20210308] - Core - Path Traversal within joomla/archive zip class (CVE-2021-26028)

rapid7 vulnerabilities In: , 
Description
Extracting an specifilcy crafted zip package could write files outside of the intended path.
Solution(s)
  • joomla-upgrade-3_9_25


    • References
  • https://attackerkb.com/topics/cve-2021-26028
  • CVE - 2021-26028
  • http://developer.joomla.org/security-centre/848-20210308-core-path-traversal-within-joomla-archive-zip-class.html




    •  

    Copyright © 2021 Vulnerability Database | Cyber Details™

    thank you Templateism for the design - You should have written the code a little more complicated - Nothing Encrypted anymore