Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2016-9838Improper Access Control in Joomla !

CWE-284Improper Access Control6 documents5 sources
Severity
7.5HIGHNVD
EPSS
2.9%
top 13.71%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
1
Joomla !
Timeline
PublishedDec 16
Latest updateMay 17

Description

An issue was discovered in components/com_users/models/registration.php in Joomla! before 3.6.5. Incorrect filtering of registration form data stored to the session on a validation error enables a user to gain access to a registered user's account and reset the user's group mappings, username, and password, as demonstrated by submitting a form that targets the `registration.register` task.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:NExploitability: 3.9 | Impact: 3.6

Affected Packages1 packages

NVDjoomla/joomla_!3.6.4

Patches

Patch: www.joomla.orgPatch: www.joomla.org

🔴Vulnerability Details

2
GHSA
GHSA-r7gw-fgrc-gxxj: An issue was discovered in components/com_users/models/registration2022-05-17
CVEList
CVE-2016-9838: An issue was discovered in components/com_users/models/registration2016-12-16

💥Exploits & PoCs

2
Exploit-DB
Joomla! < 2.5.2 - Admin Creation2017-01-20
Exploit-DB
Joomla! < 3.6.4 - Admin Takeover2017-01-20

💬Community

1
Bugzilla
CVE-2014-9838 ImageMagick: out of memory crash in magick/cache.c2016-06-07
CVE-2016-9838 — Improper Access Control in Joomla ! | cvebase