CVE-2010-1435Incorrect Authorization in Joomla !

CWE-863Incorrect Authorization4 documents4 sources
Severity
9.8CRITICALNVD
EPSS
0.0%
top 97.61%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Joomla !
Timeline
PublishedJun 21
Latest updateApr 21

Description

Joomla! Core is prone to a security bypass vulnerability. Exploiting this issue may allow attackers to perform otherwise restricted actions and subsequently retrieve password reset tokens from the database through an already existing SQL injection vector. Joomla! Core versions 1.5.x ranging from 1.5.0 and up to and including 1.5.15 are vulnerable.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HExploitability: 3.9 | Impact: 5.9

Affected Packages2 packages

NVDjoomla/joomla_!1.5.01.5.15
CVEListV5joomla/joomla_!Joomla core from 1.5.0 up to and including 1.5.15

🔴Vulnerability Details

2
GHSA
GHSA-788x-6x75-28fc: Joomla! Core is prone to a security bypass vulnerability2022-04-21
CVEList
CVE-2010-1435: Joomla! Core is prone to a security bypass vulnerability2021-06-21

💥Exploits & PoCs

1
Exploit-DB
D-Link TFTP 1.0 - 'Filename' Remote Buffer Overflow (Metasploit)2010-05-09
CVE-2010-1435 — Incorrect Authorization in Joomla ! | cvebase