QwikSec

Security Database

CVE

CWE

Training

CVE-2019-7743

Published: Feb 12, 2019

Modified: Aug 4, 2024

PUBLISHED

Description

An issue was discovered in Joomla! before 3.9.3. The phar:// stream wrapper can be used for objection injection attacks because there is no protection mechanism (such as the TYPO3 PHAR stream wrapper) to prevent use of the phar:// handler for non .phar-files.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

https://developer.joomla.org/security-centre/770-20190206-core-implement-the-typo3-phar-stream-wrapper

x_refsource_MISC

vdb-entry

x_refsource_BID

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.