CVE-2020-23972 - Vulnerability Details - OpenCVE

In Joomla Component GMapFP Version J3.5 and J3.5free, an attacker can access the upload function without authenticating to the application and can also upload files which due to issues of unrestricted file uploads which can be bypassed by changing the content-type and name file too double extensions.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact High

Availability Impact None

User Interaction None

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact Partial

Availability Impact None

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Gmapfp	Gmapfp

Configuration 1 [-]

OR	cpe:2.3:a:gmapfp:gmapfp:j3.5::::-:joomla\!::*
	cpe:2.3:a:gmapfp:gmapfp:j3.5::::free:joomla\!::*

No data.

References

Link	Providers
http://packetstormsecurity.com/files/159072/Joomla-GMapFP-J3.5-J3.5F-Arbitrary-File-Upload.html
https://raw.githubusercontent.com/me4yoursecurity/Reports/master/README.md

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2020-08-27T13:03:45

Updated: 2024-08-04T15:05:11.658Z

Reserved: 2020-08-13T00:00:00

Link: CVE-2020-23972

Vulnrichment

No data.

NVD

Status : Modified

Published: 2020-08-27T14:15:09.837

Modified: 2024-11-21T05:14:16.273

Link: CVE-2020-23972

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "descriptions": [{"lang": "en", "value": "In Joomla Component GMapFP Version J3.5 and J3.5free, an attacker can access the upload function without authenticating to the application and can also upload files which due to issues of unrestricted file uploads which can be bypassed by changing the content-type and name file too double extensions."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2020-09-07T18:06:09", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://raw.githubusercontent.com/me4yoursecurity/Reports/master/README.md"}, {"tags": ["x_refsource_MISC"], "url": "http://packetstormsecurity.com/files/159072/Joomla-GMapFP-J3.5-J3.5F-Arbitrary-File-Upload.html"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2020-23972", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "In Joomla Component GMapFP Version J3.5 and J3.5free, an attacker can access the upload function without authenticating to the application and can also upload files which due to issues of unrestricted file uploads which can be bypassed by changing the content-type and name file too double extensions."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "https://raw.githubusercontent.com/me4yoursecurity/Reports/master/README.md", "refsource": "MISC", "url": "https://raw.githubusercontent.com/me4yoursecurity/Reports/master/README.md"}, {"name": "http://packetstormsecurity.com/files/159072/Joomla-GMapFP-J3.5-J3.5F-Arbitrary-File-Upload.html", "refsource": "MISC", "url": "http://packetstormsecurity.com/files/159072/Joomla-GMapFP-J3.5-J3.5F-Arbitrary-File-Upload.html"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T15:05:11.658Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://raw.githubusercontent.com/me4yoursecurity/Reports/master/README.md"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://packetstormsecurity.com/files/159072/Joomla-GMapFP-J3.5-J3.5F-Arbitrary-File-Upload.html"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2020-23972", "datePublished": "2020-08-27T13:03:45", "dateReserved": "2020-08-13T00:00:00", "dateUpdated": "2024-08-04T15:05:11.658Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:gmapfp:gmapfp:j3.5:*:*:*:-:joomla\\!:*:*", "matchCriteriaId": "206BF877-9885-4214-BF6B-020D2F765687", "vulnerable": true}, {"criteria": "cpe:2.3:a:gmapfp:gmapfp:j3.5:*:*:*:free:joomla\\!:*:*", "matchCriteriaId": "A9DF3EBC-F7DD-4584-96AA-51399E27280B", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "In Joomla Component GMapFP Version J3.5 and J3.5free, an attacker can access the upload function without authenticating to the application and can also upload files which due to issues of unrestricted file uploads which can be bypassed by changing the content-type and name file too double extensions."}, {"lang": "es", "value": "En Joomla Component GMapFP Versiones J3.5 y J3.5free, un atacante puede acceder a la funci\u00f3n upload sin autenticarse en la aplicaci\u00f3n y tambi\u00e9n puede cargar archivos que debido a problemas de carga de archivos sin restricciones pueden ser omitidos al cambiar el content-type y demasiadas extensiones dobles del archivo de nombre"}], "id": "CVE-2020-23972", "lastModified": "2024-11-21T05:14:16.273", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2020-08-27T14:15:09.837", "references": [{"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "http://packetstormsecurity.com/files/159072/Joomla-GMapFP-J3.5-J3.5F-Arbitrary-File-Upload.html"}, {"source": "cve@mitre.org", "tags": ["Exploit", "Third Party Advisory"], "url": "https://raw.githubusercontent.com/me4yoursecurity/Reports/master/README.md"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "http://packetstormsecurity.com/files/159072/Joomla-GMapFP-J3.5-J3.5F-Arbitrary-File-Upload.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit", "Third Party Advisory"], "url": "https://raw.githubusercontent.com/me4yoursecurity/Reports/master/README.md"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-434"}], "source": "nvd@nist.gov", "type": "Primary"}]}