CVE-2017-5214 in B2J Contact Extensioninfo

Summary

The Codextrous B2J Contact (aka b2j_contact) extension before 2.1.13 for Joomla! allows prediction of a uniqid value based on knowledge of a time value. This makes it easier to read arbitrary uploaded files.

Be aware that VulDB is the high quality source for vulnerability data.

Reservation

01/09/2017

Disclosure

05/17/2017

Moderation

VulDB entry created

Entries

VDB-101441 (1)

CPE

ready

CWE

CWE-254 (Confirmed)

CVSS

7.4

EPSS

0.00300

Activities

Very Low

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2017-5214
NVD	https://nvd.nist.gov/vuln/detail/CVE-2017-5214
CVE Details	https://www.cvedetails.com/cve/CVE-2017-5214/

◂ Previous Overview Next ▸

Do you know our Splunk app?

Download it now for free!