SynopsisA PHP application running on the remote web server is affected by multiple vulnerabilities.
DescriptionAccording to its self-reported version, the instance of Joomla! running on the remote web server is 1.7.x prior to 3.9.16. It is, therefore, affected by multiple vulnerabilities.
- Missing token checks in the image actions of com_templates causes CSRF vulnerabilities.
- Various actions in com_templates lack the required ACL checks, leading to various potential attack vectors.
- Missing length checks in the user table can lead to the creation of users with duplicate usernames and/or email addresses. (CVE-2020-10240)
- Incorrect Access Control in the SQL fieldtype of com_fields allows access for non-superadmin users.
- The lack of type casting of a variable in SQL statement leads to a SQL injection vulnerability in the Featured Articles frontend menutype. (CVE-2020-10243)
Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.
SolutionUpgrade to Joomla! version 3.9.16 or later.