Codextrous B2J Contact vulnerabilities
3 known vulnerabilities affecting codextrous/b2j_contact.
Total CVEs
3
CISA KEV
0
Public exploits
0
Exploited in wild
1
Severity breakdown
CRITICAL1HIGH2
Vulnerabilities
Page 1 of 1
CVE-2017-5215P2CRITICALCVSS 9.8Exploited≤ 2.1.122017-05-17
CVE-2017-5215 [CRITICAL] CWE-20 CVE-2017-5215: The Codextrous B2J Contact (aka b2j_contact) extension before 2.1.13 for Joomla! allows a rename att
The Codextrous B2J Contact (aka b2j_contact) extension before 2.1.13 for Joomla! allows a rename attack that bypasses a "safe file extension" protection mechanism, leading to remote code execution.
nvd
CVE-2017-9030P3HIGHCVSS 7.5≤ 2.1.122017-05-17
CVE-2017-9030 [HIGH] CWE-22 CVE-2017-9030: The Codextrous B2J Contact (aka b2j_contact) extension before 2.1.13 for Joomla! allows a directory
The Codextrous B2J Contact (aka b2j_contact) extension before 2.1.13 for Joomla! allows a directory traversal attack that bypasses a uniqid protection mechanism, and makes it easier to read arbitrary uploaded files.
nvd
CVE-2017-5214P3HIGHCVSS 7.5≤ 2.1.122017-05-17
CVE-2017-5214 [HIGH] CWE-335 CVE-2017-5214: The Codextrous B2J Contact (aka b2j_contact) extension before 2.1.13 for Joomla! allows prediction o
The Codextrous B2J Contact (aka b2j_contact) extension before 2.1.13 for Joomla! allows prediction of a uniqid value based on knowledge of a time value. This makes it easier to read arbitrary uploaded files.
nvd