CVE-2007-4781 | Date: (C)2007-09-10 (M)2023-12-22 |
administrator/index.php in the installer component (com_installer) in Joomla! 1.5 Beta1, Beta2, and RC1 allows remote authenticated administrators to upload arbitrary files to tmp/ via the "Upload Package File" functionality, which is accessible when com_installer is the value of the option parameter.
CVSS Score and Metrics +CVSS Score and Metrics -CVSS V2 Severity: |
CVSS Score : 6.6 |
Exploit Score: 3.9 |
Impact Score: 9.2 |
|
CVSS V2 Metrics: |
Access Vector: NETWORK |
Access Complexity: HIGH |
Authentication: SINGLE |
Confidentiality: NONE |
Integrity: COMPLETE |
Availability: COMPLETE |
| |