B2j Contact
Sign in to watchby Codextrous
CVEs (3)
| CVE | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2017-5215 | Cri | 0.64 | 9.8 | 0.00 | May 17, 2017 | The Codextrous B2J Contact (aka b2j_contact) extension before 2.1.13 for Joomla! allows a rename attack that bypasses a "safe file extension" protection mechanism, leading to remote code execution. | |
| CVE-2017-9030 | Hig | 0.49 | 7.5 | 0.02 | May 17, 2017 | The Codextrous B2J Contact (aka b2j_contact) extension before 2.1.13 for Joomla! allows a directory traversal attack that bypasses a uniqid protection mechanism, and makes it easier to read arbitrary uploaded files. | |
| CVE-2017-5214 | Hig | 0.49 | 7.5 | 0.00 | May 17, 2017 | The Codextrous B2J Contact (aka b2j_contact) extension before 2.1.13 for Joomla! allows prediction of a uniqid value based on knowledge of a time value. This makes it easier to read arbitrary uploaded files. |