Joomla! < 3.4.6 Multiple Vulnerabilities
Critical Nessus Plugin ID 87416
Synopsis
The remote web server contains a PHP application that is affected by multiple vulnerabilities.
Description
According to its self-reported version number, the Joomla! installation running on the remote web server is prior to 3.4.6. It is, therefore, affected by multiple vulnerabilities:
- A remote code execution vulnerability exists due to improper sanitization of session values. An unauthenticated, remote attacker can exploit this to execute arbitrary code. (CVE-2015-8562)
- A cross-site request forgery (XSRF) vulnerability exists due to HTTP requests to com_templates not requiring multiple steps, explicit confirmation, or a unique token when performing certain sensitive actions. An unauthenticated, remote attacker can exploit this, by convincing a user to follow a specially crafted link, to cause the user to perform unspecified actions.
- A path traversal vulnerability exists due to improper sanitization of user-supplied input via the XML install file. (CVE-2015-8564)
- A path traversal vulnerability exists due to improper sanitization of input supplied via user requests.
Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.
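As an added example (not code from the Nessus plugin), this shows the version comparison that such a self-reported-version check rests on, run against a constructed copy of the manifest Joomla! 3.x ships at administrator/manifests/files/joomla.xml; the manifest path and its <version> element are assumptions, not stated on this page.

```python
import re
import xml.etree.ElementTree as ET

# Version the plugin treats as fixed (from the advisory above).
FIXED_VERSION = "3.4.6"

# Constructed sample of a Joomla! file manifest; the real file at
# administrator/manifests/files/joomla.xml is assumed to carry the
# self-reported version in a <version> element.
SAMPLE_MANIFEST = """<?xml version="1.0" encoding="UTF-8"?>
<extension type="file" method="upgrade">
    <name>files_joomla</name>
    <version>3.4.5</version>
</extension>
"""

def parse_version(text):
    """Turn '3.4.5' (or '3.4.5-rc1') into a comparable integer tuple."""
    m = re.match(r"^\s*(\d+(?:\.\d+)*)", text)
    if not m:
        raise ValueError(f"unrecognised version string: {text!r}")
    return tuple(int(part) for part in m.group(1).split("."))

def is_vulnerable(reported, fixed=FIXED_VERSION):
    """True when the self-reported version is older than the fixed one.

    Compares numerically, so 3.4.10 is correctly treated as newer than
    3.4.6; a plain string comparison would flag it as vulnerable.
    """
    return parse_version(reported) < parse_version(fixed)

def version_from_manifest(xml_text):
    """Extract the <version> element from a Joomla! file manifest."""
    root = ET.fromstring(xml_text)
    node = root.find("version")
    if node is None or not node.text:
        raise ValueError("manifest has no <version> element")
    return node.text.strip()

def check_manifest(xml_text):
    """Return (reported_version, vulnerable) for one manifest."""
    reported = version_from_manifest(xml_text)
    return reported, is_vulnerable(reported)

if __name__ == "__main__":
    ver, vuln = check_manifest(SAMPLE_MANIFEST)
    print(f"Joomla! {ver}: {'affected (< 3.4.6)' if vuln else 'not affected'}")
```

As the advisory notes, this is a version check only: it confirms nothing about the actual behaviour of the installation.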
Solution
Upgrade to Joomla! version 3.4.6 or later.