Описание
Joomla! Framework Remote Code Injection Vulnerability
The Session package 1.x before 1.3.1 for Joomla! Framework allows remote attackers to execute arbitrary code via unspecified session values.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2015-8566
- https://developer.joomla.org/security-centre/637-20151205-session-remote-code-execution-vulnerability.html
- https://github.com/FriendsOfPHP/security-advisories/blob/master/joomla/session/CVE-2015-8566.yaml
- https://web.archive.org/web/20160603093633/http://www.securityfocus.com/bid/79197
Пакеты
Наименование
joomla/session
composer
Затронутые версииВерсия исправления
< 1.3.1
1.3.1
Связанные уязвимости
nvd
около 10 лет назад
The Session package 1.x before 1.3.1 for Joomla! Framework allows remote attackers to execute arbitrary code via unspecified session values.