Unrated severityNVD Advisory· Published Aug 27, 2020· Updated Aug 4, 2024
CVE-2020-23972
CVE-2020-23972
Description
In Joomla Component GMapFP Version J3.5 and J3.5free, an attacker can access the upload function without authenticating to the application and can also upload files which due to issues of unrestricted file uploads which can be bypassed by changing the content-type and name file too double extensions.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Joomla/GMapFPdescription
Patches
Vulnerability mechanics
References
2- packetstormsecurity.com/files/159072/Joomla-GMapFP-J3.5-J3.5F-Arbitrary-File-Upload.htmlmitrex_refsource_MISC
- raw.githubusercontent.com/me4yoursecurity/Reports/master/README.mdmitrex_refsource_MISC
News mentions
0No linked articles in our index yet.