Описание
The Googlemaps plugin 3.2 and earlier for Joomla! allows remote attackers with control of a sub-domain belonging to a victim domain to cause a denial of service via the 'url' parameter to plugin_googlemap3_kmlprxy.php. NOTE: this vulnerability exists because of an incomplete fix for CVE-2013-7428.
Ссылки
- Mailing ListThird Party Advisory
- ExploitThird Party Advisory
- Mailing ListThird Party Advisory
- Mailing ListThird Party Advisory
- ExploitThird Party Advisory
- Mailing ListThird Party Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 3.2 (включая)
cpe:2.3:a:mapsplugin:googlemaps:*:*:*:*:*:joomla\!:*:*
EPSS
Процентиль: 75%
0.00862
Низкий
5.9 Medium
CVSS3
4.3 Medium
CVSS2
Дефекты
CWE-399
Связанные уязвимости
CVSS3: 5.9
github
больше 3 лет назад
The Googlemaps plugin 3.2 and earlier for Joomla! allows remote attackers with control of a sub-domain belonging to a victim domain to cause a denial of service via the 'url' parameter to plugin_googlemap3_kmlprxy.php. NOTE: this vulnerability exists because of an incomplete fix for CVE-2013-7428.
EPSS
Процентиль: 75%
0.00862
Низкий
5.9 Medium
CVSS3
4.3 Medium
CVSS2
Дефекты
CWE-399