CVE-2018-11322

high

Description

An issue was discovered in Joomla! Core before 3.8.8. Depending on the server configuration, PHAR files might be handled as executable PHP scripts by the webserver.

References

Advisories
More

http://www.securitytracker.com/id/1040966

http://www.securityfocus.com/bid/104272

https://developer.joomla.org/security-centre/730-20180502-core-add-phar-files-to-the-upload-blacklist.html

Details

Source: Mitre, NVD

Published: 2018-05-22

Updated: 2024-11-21

Risk Information

CVSS v2

Base Score: 6

Vector: CVSS2#AV:N/AC:M/Au:S/C:P/I:P/A:P

Severity: Medium

CVSS v3

Base Score: 7.5

Vector: CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

Severity: High

EPSS

EPSS: 0.00254

Detections

Analytics