Vulnerability Database

296,147

Total vulnerabilities in the database

CVE-2007-4781

administrator/index.php in the installer component (com_installer) in Joomla! 1.5 Beta1, Beta2, and RC1 allows remote authenticated administrators to upload arbitrary files to tmp/ via the "Upload Package File" functionality, which is accessible when com_installer is the value of the option parameter.

  • Published: Sep 10, 2007
  • Updated: Apr 13, 2023
  • CVE: CVE-2007-4781
  • Severity: Medium
  • Exploit:

CVSS v2:

  • Severity: Medium
  • Score: 6.6
  • AV:N/AC:H/Au:S/C:N/I:C/A:C

CWEs:

Software From Fixed in
Joomla / joomla 1.5.0_rc1 1.5.0_rc1.x
Joomla / joomla 1.5.0_beta2 1.5.0_beta2.x
Joomla / joomla 1.5.0_beta1 1.5.0_beta1.x