CVE-2018-11322

high

Description

An issue was discovered in Joomla! Core before 3.8.8. Depending on the server configuration, PHAR files might be handled as executable PHP scripts by the webserver.

References

https://developer.joomla.org/security-centre/730-20180502-core-add-phar-files-to-the-upload-blacklist.html

http://www.securitytracker.com/id/1040966

http://www.securityfocus.com/bid/104272

Details

Source: Mitre, NVD

Published: 2018-05-22

Updated: 2024-11-21

Risk Information

CVSS v2

Base Score: 6

Vector: CVSS2#AV:N/AC:M/Au:S/C:P/I:P/A:P

Severity: Medium

CVSS v3

Base Score: 7.5

Vector: CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

Severity: High