Search
Find a vulnerability
Search criteria
6 vulnerabilities found for AdmirorFrames by Nikola Vasilijevski
CVE-2024-5737 (GCVE-0-2024-5737)
Vulnerability from nvd – Published: 2024-06-28 11:29 – Updated: 2024-08-01 21:18
VLAI
EPSS
VEX
Title
HTML Injection in AdmirorFrames Joomla! Extension
Summary
Script afGdStream.php in AdmirorFrames Joomla! extension doesn’t specify a content type and as a result default (text/html) is used. An attacker may embed HTML tags directly in image data which is rendered by a webpage as HTML. This issue affects AdmirorFrames: before 5.0.
Severity
SSVC
Exploitation: poc
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')
Assigner
References
5 references
| URL | Tags |
|---|---|
| https://cert.pl/en/posts/2024/06/CVE-2024-5735/ | third-party-advisory |
| https://cert.pl/posts/2024/06/CVE-2024-5735/ | third-party-advisory |
| https://github.com/vasiljevski/admirorframes/issues/3 | issue-tracking |
| https://github.com/sectroyer/CVEs/tree/main/CVE-2… | technical-description |
| https://github.com/afine-com/CVE-2024-5737 | technical-description |
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| Nikola Vasilijevski | AdmirorFrames |
Affected:
0 , < 5.0
(custom)
|
|
| admiror-design-studio | admiror_frames |
Affected:
0 , < 5.0
(custom)
cpe:2.3:a:admiror-design-studio:admiror_frames:5.0:*:*:*:*:*:*:* |
Credits
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:admiror-design-studio:admiror_frames:5.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "admiror_frames",
"vendor": "admiror-design-studio",
"versions": [
{
"lessThan": "5.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-5737",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-02T21:59:53.619986Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-02T22:01:41.843Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T21:18:07.021Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"third-party-advisory",
"x_transferred"
],
"url": "https://cert.pl/en/posts/2024/06/CVE-2024-5735/"
},
{
"tags": [
"third-party-advisory",
"x_transferred"
],
"url": "https://cert.pl/posts/2024/06/CVE-2024-5735/"
},
{
"tags": [
"issue-tracking",
"x_transferred"
],
"url": "https://github.com/vasiljevski/admirorframes/issues/3"
},
{
"tags": [
"technical-description",
"x_transferred"
],
"url": "https://github.com/sectroyer/CVEs/tree/main/CVE-2024-5737"
},
{
"tags": [
"technical-description",
"x_transferred"
],
"url": "https://github.com/afine-com/CVE-2024-5737"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://www.admiror-design-studio.com/admiror-joomla-extensions/admiror-frames",
"defaultStatus": "unaffected",
"platforms": [
"Joomla!"
],
"product": "AdmirorFrames",
"repo": "https://github.com/vasiljevski/admirorframes",
"vendor": "Nikola Vasilijevski",
"versions": [
{
"lessThan": "5.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Marcin Wyczechowski [AFINE Team]"
},
{
"lang": "en",
"type": "finder",
"value": "Micha\u0142 Majchrowicz [AFINE Team]"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Script afGdStream.php in\u0026nbsp;AdmirorFrames Joomla! extension doesn\u2019t specify a content type and as a result default (text/html) is used. An attacker may embed HTML tags directly in image data which is rendered by a webpage as HTML.\u0026nbsp;\u003cp\u003eThis issue affects AdmirorFrames: before 5.0.\u003c/p\u003e"
}
],
"value": "Script afGdStream.php in\u00a0AdmirorFrames Joomla! extension doesn\u2019t specify a content type and as a result default (text/html) is used. An attacker may embed HTML tags directly in image data which is rendered by a webpage as HTML.\u00a0This issue affects AdmirorFrames: before 5.0."
}
],
"impacts": [
{
"capecId": "CAPEC-63",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-63 Cross-Site Scripting (XSS)"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "YES",
"Recovery": "USER",
"Safety": "NOT_DEFINED",
"attackComplexity": "HIGH",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"privilegesRequired": "NONE",
"providerUrgency": "GREEN",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "DIFFUSE",
"vectorString": "CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N/AU:Y/R:U/V:D/RE:L/U:Green",
"version": "4.0",
"vulnAvailabilityImpact": "LOW",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "LOW",
"vulnerabilityResponseEffort": "LOW"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Improper Neutralization of Input During Web Page Generation (XSS or \u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-06-28T11:31:21.794Z",
"orgId": "4bb8329e-dd38-46c1-aafb-9bf32bcb93c6",
"shortName": "CERT-PL"
},
"references": [
{
"tags": [
"third-party-advisory"
],
"url": "https://cert.pl/en/posts/2024/06/CVE-2024-5735/"
},
{
"tags": [
"third-party-advisory"
],
"url": "https://cert.pl/posts/2024/06/CVE-2024-5735/"
},
{
"tags": [
"issue-tracking"
],
"url": "https://github.com/vasiljevski/admirorframes/issues/3"
},
{
"tags": [
"technical-description"
],
"url": "https://github.com/sectroyer/CVEs/tree/main/CVE-2024-5737"
},
{
"tags": [
"technical-description"
],
"url": "https://github.com/afine-com/CVE-2024-5737"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "HTML Injection in AdmirorFrames Joomla! Extension",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "4bb8329e-dd38-46c1-aafb-9bf32bcb93c6",
"assignerShortName": "CERT-PL",
"cveId": "CVE-2024-5737",
"datePublished": "2024-06-28T11:29:03.154Z",
"dateReserved": "2024-06-07T06:09:43.874Z",
"dateUpdated": "2024-08-01T21:18:07.021Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-5736 (GCVE-0-2024-5736)
Vulnerability from nvd – Published: 2024-06-28 11:26 – Updated: 2024-08-01 21:18
VLAI
EPSS
VEX
Title
SSRF in AdmirorFrames Joomla! Extension
Summary
Server Side Request Forgery (SSRF) vulnerability in AdmirorFrames Joomla! extension in afGdStream.php script allows to access local files or server pages available only from localhost. This issue affects AdmirorFrames: before 5.0.
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-918 - Server-Side Request Forgery (SSRF)
Assigner
References
5 references
| URL | Tags |
|---|---|
| https://cert.pl/en/posts/2024/06/CVE-2024-5735/ | third-party-advisory |
| https://cert.pl/posts/2024/06/CVE-2024-5735/ | third-party-advisory |
| https://github.com/vasiljevski/admirorframes/issues/3 | issue-tracking |
| https://github.com/sectroyer/CVEs/tree/main/CVE-2… | technical-description |
| https://github.com/afine-com/CVE-2024-5736 | technical-description |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Nikola Vasilijevski | AdmirorFrames |
Affected:
0 , < 5.0
(custom)
|
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-5736",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-28T20:15:27.174368Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-28T20:15:34.356Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T21:18:06.930Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"third-party-advisory",
"x_transferred"
],
"url": "https://cert.pl/en/posts/2024/06/CVE-2024-5735/"
},
{
"tags": [
"third-party-advisory",
"x_transferred"
],
"url": "https://cert.pl/posts/2024/06/CVE-2024-5735/"
},
{
"tags": [
"issue-tracking",
"x_transferred"
],
"url": "https://github.com/vasiljevski/admirorframes/issues/3"
},
{
"tags": [
"technical-description",
"x_transferred"
],
"url": "https://github.com/sectroyer/CVEs/tree/main/CVE-2024-5736"
},
{
"tags": [
"technical-description",
"x_transferred"
],
"url": "https://github.com/afine-com/CVE-2024-5736"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://www.admiror-design-studio.com/admiror-joomla-extensions/admiror-frames",
"defaultStatus": "unaffected",
"platforms": [
"Joomla!"
],
"product": "AdmirorFrames",
"repo": "https://github.com/vasiljevski/admirorframes",
"vendor": "Nikola Vasilijevski",
"versions": [
{
"lessThan": "5.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Marcin Wyczechowski [AFINE Team]"
},
{
"lang": "en",
"type": "finder",
"value": "Micha\u0142 Majchrowicz [AFINE Team]"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Server Side Request Forgery (SSRF) vulnerability in AdmirorFrames Joomla! extension in afGdStream.php script allows to access local files or server pages available only from localhost.\u0026nbsp;\u003cp\u003eThis issue affects AdmirorFrames: before 5.0.\u003c/p\u003e"
}
],
"value": "Server Side Request Forgery (SSRF) vulnerability in AdmirorFrames Joomla! extension in afGdStream.php script allows to access local files or server pages available only from localhost.\u00a0This issue affects AdmirorFrames: before 5.0."
}
],
"impacts": [
{
"capecId": "CAPEC-37",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-37 Retrieve Embedded Sensitive Data"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "YES",
"Recovery": "USER",
"Safety": "NOT_DEFINED",
"attackComplexity": "HIGH",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"privilegesRequired": "NONE",
"providerUrgency": "GREEN",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "DIFFUSE",
"vectorString": "CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/AU:Y/R:U/V:D/RE:L/U:Green",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "LOW"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-918",
"description": "CWE-918 Server-Side Request Forgery (SSRF)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-06-28T11:47:27.875Z",
"orgId": "4bb8329e-dd38-46c1-aafb-9bf32bcb93c6",
"shortName": "CERT-PL"
},
"references": [
{
"tags": [
"third-party-advisory"
],
"url": "https://cert.pl/en/posts/2024/06/CVE-2024-5735/"
},
{
"tags": [
"third-party-advisory"
],
"url": "https://cert.pl/posts/2024/06/CVE-2024-5735/"
},
{
"tags": [
"issue-tracking"
],
"url": "https://github.com/vasiljevski/admirorframes/issues/3"
},
{
"tags": [
"technical-description"
],
"url": "https://github.com/sectroyer/CVEs/tree/main/CVE-2024-5736"
},
{
"tags": [
"technical-description"
],
"url": "https://github.com/afine-com/CVE-2024-5736"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "SSRF in AdmirorFrames Joomla! Extension",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "4bb8329e-dd38-46c1-aafb-9bf32bcb93c6",
"assignerShortName": "CERT-PL",
"cveId": "CVE-2024-5736",
"datePublished": "2024-06-28T11:26:53.512Z",
"dateReserved": "2024-06-07T06:09:42.924Z",
"dateUpdated": "2024-08-01T21:18:06.930Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-5735 (GCVE-0-2024-5735)
Vulnerability from nvd – Published: 2024-06-28 11:24 – Updated: 2024-08-01 21:18
VLAI
EPSS
VEX
Title
Full Path Disclosure in AdmirorFrames Joomla! Extension
Summary
Full Path Disclosure vulnerability in AdmirorFrames Joomla! extension in afHelper.php script allows an unauthorised attacker to retrieve location of web root folder. This issue affects AdmirorFrames: before 5.0.
Severity
SSVC
Exploitation: poc
Automatable: yes
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-497 - Exposure of Sensitive System Information to an Unauthorized Control Sphere
Assigner
References
5 references
| URL | Tags |
|---|---|
| https://cert.pl/en/posts/2024/06/CVE-2024-5735/ | third-party-advisory |
| https://cert.pl/posts/2024/06/CVE-2024-5735/ | third-party-advisory |
| https://github.com/vasiljevski/admirorframes/issues/3 | issue-tracking |
| https://github.com/sectroyer/CVEs/tree/main/CVE-2… | technical-description |
| https://github.com/afine-com/CVE-2024-5735 | technical-description |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Nikola Vasilijevski | AdmirorFrames |
Affected:
0 , < 5.0
(custom)
|
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-5735",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-09T18:28:13.619096Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-09T18:28:24.935Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T21:18:07.044Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"third-party-advisory",
"x_transferred"
],
"url": "https://cert.pl/en/posts/2024/06/CVE-2024-5735/"
},
{
"tags": [
"third-party-advisory",
"x_transferred"
],
"url": "https://cert.pl/posts/2024/06/CVE-2024-5735/"
},
{
"tags": [
"issue-tracking",
"x_transferred"
],
"url": "https://github.com/vasiljevski/admirorframes/issues/3"
},
{
"tags": [
"technical-description",
"x_transferred"
],
"url": "https://github.com/sectroyer/CVEs/tree/main/CVE-2024-5735"
},
{
"tags": [
"technical-description",
"x_transferred"
],
"url": "https://github.com/afine-com/CVE-2024-5735"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://www.admiror-design-studio.com/admiror-joomla-extensions/admiror-frames",
"defaultStatus": "unaffected",
"platforms": [
"Joomla!"
],
"product": "AdmirorFrames",
"repo": "https://github.com/vasiljevski/admirorframes",
"vendor": "Nikola Vasilijevski",
"versions": [
{
"lessThan": "5.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Marcin Wyczechowski [AFINE Team]"
},
{
"lang": "en",
"type": "finder",
"value": "Micha\u0142 Majchrowicz [AFINE Team]"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Full Path Disclosure vulnerability in AdmirorFrames Joomla! extension in afHelper.php script allows an unauthorised attacker to retrieve location of web root folder.\u0026nbsp;\u003cp\u003eThis issue affects AdmirorFrames: before 5.0.\u003c/p\u003e"
}
],
"value": "Full Path Disclosure vulnerability in AdmirorFrames Joomla! extension in afHelper.php script allows an unauthorised attacker to retrieve location of web root folder.\u00a0This issue affects AdmirorFrames: before 5.0."
}
],
"impacts": [
{
"capecId": "CAPEC-37",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-37 Retrieve Embedded Sensitive Data"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "YES",
"Recovery": "USER",
"Safety": "NOT_DEFINED",
"attackComplexity": "HIGH",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"privilegesRequired": "NONE",
"providerUrgency": "GREEN",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "DIFFUSE",
"vectorString": "CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/AU:Y/R:U/V:D/RE:L/U:Green",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "LOW",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "LOW"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-497",
"description": "CWE-497 Exposure of Sensitive System Information to an Unauthorized Control Sphere",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-06-28T11:31:42.587Z",
"orgId": "4bb8329e-dd38-46c1-aafb-9bf32bcb93c6",
"shortName": "CERT-PL"
},
"references": [
{
"tags": [
"third-party-advisory"
],
"url": "https://cert.pl/en/posts/2024/06/CVE-2024-5735/"
},
{
"tags": [
"third-party-advisory"
],
"url": "https://cert.pl/posts/2024/06/CVE-2024-5735/"
},
{
"tags": [
"issue-tracking"
],
"url": "https://github.com/vasiljevski/admirorframes/issues/3"
},
{
"tags": [
"technical-description"
],
"url": "https://github.com/sectroyer/CVEs/tree/main/CVE-2024-5735"
},
{
"tags": [
"technical-description"
],
"url": "https://github.com/afine-com/CVE-2024-5735"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Full Path Disclosure in AdmirorFrames Joomla! Extension",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "4bb8329e-dd38-46c1-aafb-9bf32bcb93c6",
"assignerShortName": "CERT-PL",
"cveId": "CVE-2024-5735",
"datePublished": "2024-06-28T11:24:18.916Z",
"dateReserved": "2024-06-07T06:09:41.563Z",
"dateUpdated": "2024-08-01T21:18:07.044Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-5737 (GCVE-0-2024-5737)
Vulnerability from cvelistv5 – Published: 2024-06-28 11:29 – Updated: 2024-08-01 21:18
VLAI
EPSS
VEX
Title
HTML Injection in AdmirorFrames Joomla! Extension
Summary
Script afGdStream.php in AdmirorFrames Joomla! extension doesn’t specify a content type and as a result default (text/html) is used. An attacker may embed HTML tags directly in image data which is rendered by a webpage as HTML. This issue affects AdmirorFrames: before 5.0.
Severity
SSVC
Exploitation: poc
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')
Assigner
References
5 references
| URL | Tags |
|---|---|
| https://cert.pl/en/posts/2024/06/CVE-2024-5735/ | third-party-advisory |
| https://cert.pl/posts/2024/06/CVE-2024-5735/ | third-party-advisory |
| https://github.com/vasiljevski/admirorframes/issues/3 | issue-tracking |
| https://github.com/sectroyer/CVEs/tree/main/CVE-2… | technical-description |
| https://github.com/afine-com/CVE-2024-5737 | technical-description |
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| Nikola Vasilijevski | AdmirorFrames |
Affected:
0 , < 5.0
(custom)
|
|
| admiror-design-studio | admiror_frames |
Affected:
0 , < 5.0
(custom)
cpe:2.3:a:admiror-design-studio:admiror_frames:5.0:*:*:*:*:*:*:* |
Credits
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:admiror-design-studio:admiror_frames:5.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "admiror_frames",
"vendor": "admiror-design-studio",
"versions": [
{
"lessThan": "5.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-5737",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-02T21:59:53.619986Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-02T22:01:41.843Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T21:18:07.021Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"third-party-advisory",
"x_transferred"
],
"url": "https://cert.pl/en/posts/2024/06/CVE-2024-5735/"
},
{
"tags": [
"third-party-advisory",
"x_transferred"
],
"url": "https://cert.pl/posts/2024/06/CVE-2024-5735/"
},
{
"tags": [
"issue-tracking",
"x_transferred"
],
"url": "https://github.com/vasiljevski/admirorframes/issues/3"
},
{
"tags": [
"technical-description",
"x_transferred"
],
"url": "https://github.com/sectroyer/CVEs/tree/main/CVE-2024-5737"
},
{
"tags": [
"technical-description",
"x_transferred"
],
"url": "https://github.com/afine-com/CVE-2024-5737"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://www.admiror-design-studio.com/admiror-joomla-extensions/admiror-frames",
"defaultStatus": "unaffected",
"platforms": [
"Joomla!"
],
"product": "AdmirorFrames",
"repo": "https://github.com/vasiljevski/admirorframes",
"vendor": "Nikola Vasilijevski",
"versions": [
{
"lessThan": "5.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Marcin Wyczechowski [AFINE Team]"
},
{
"lang": "en",
"type": "finder",
"value": "Micha\u0142 Majchrowicz [AFINE Team]"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Script afGdStream.php in\u0026nbsp;AdmirorFrames Joomla! extension doesn\u2019t specify a content type and as a result default (text/html) is used. An attacker may embed HTML tags directly in image data which is rendered by a webpage as HTML.\u0026nbsp;\u003cp\u003eThis issue affects AdmirorFrames: before 5.0.\u003c/p\u003e"
}
],
"value": "Script afGdStream.php in\u00a0AdmirorFrames Joomla! extension doesn\u2019t specify a content type and as a result default (text/html) is used. An attacker may embed HTML tags directly in image data which is rendered by a webpage as HTML.\u00a0This issue affects AdmirorFrames: before 5.0."
}
],
"impacts": [
{
"capecId": "CAPEC-63",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-63 Cross-Site Scripting (XSS)"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "YES",
"Recovery": "USER",
"Safety": "NOT_DEFINED",
"attackComplexity": "HIGH",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"privilegesRequired": "NONE",
"providerUrgency": "GREEN",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "DIFFUSE",
"vectorString": "CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N/AU:Y/R:U/V:D/RE:L/U:Green",
"version": "4.0",
"vulnAvailabilityImpact": "LOW",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "LOW",
"vulnerabilityResponseEffort": "LOW"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Improper Neutralization of Input During Web Page Generation (XSS or \u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-06-28T11:31:21.794Z",
"orgId": "4bb8329e-dd38-46c1-aafb-9bf32bcb93c6",
"shortName": "CERT-PL"
},
"references": [
{
"tags": [
"third-party-advisory"
],
"url": "https://cert.pl/en/posts/2024/06/CVE-2024-5735/"
},
{
"tags": [
"third-party-advisory"
],
"url": "https://cert.pl/posts/2024/06/CVE-2024-5735/"
},
{
"tags": [
"issue-tracking"
],
"url": "https://github.com/vasiljevski/admirorframes/issues/3"
},
{
"tags": [
"technical-description"
],
"url": "https://github.com/sectroyer/CVEs/tree/main/CVE-2024-5737"
},
{
"tags": [
"technical-description"
],
"url": "https://github.com/afine-com/CVE-2024-5737"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "HTML Injection in AdmirorFrames Joomla! Extension",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "4bb8329e-dd38-46c1-aafb-9bf32bcb93c6",
"assignerShortName": "CERT-PL",
"cveId": "CVE-2024-5737",
"datePublished": "2024-06-28T11:29:03.154Z",
"dateReserved": "2024-06-07T06:09:43.874Z",
"dateUpdated": "2024-08-01T21:18:07.021Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-5736 (GCVE-0-2024-5736)
Vulnerability from cvelistv5 – Published: 2024-06-28 11:26 – Updated: 2024-08-01 21:18
VLAI
EPSS
VEX
Title
SSRF in AdmirorFrames Joomla! Extension
Summary
Server Side Request Forgery (SSRF) vulnerability in AdmirorFrames Joomla! extension in afGdStream.php script allows to access local files or server pages available only from localhost. This issue affects AdmirorFrames: before 5.0.
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-918 - Server-Side Request Forgery (SSRF)
Assigner
References
5 references
| URL | Tags |
|---|---|
| https://cert.pl/en/posts/2024/06/CVE-2024-5735/ | third-party-advisory |
| https://cert.pl/posts/2024/06/CVE-2024-5735/ | third-party-advisory |
| https://github.com/vasiljevski/admirorframes/issues/3 | issue-tracking |
| https://github.com/sectroyer/CVEs/tree/main/CVE-2… | technical-description |
| https://github.com/afine-com/CVE-2024-5736 | technical-description |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Nikola Vasilijevski | AdmirorFrames |
Affected:
0 , < 5.0
(custom)
|
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-5736",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-28T20:15:27.174368Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-28T20:15:34.356Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T21:18:06.930Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"third-party-advisory",
"x_transferred"
],
"url": "https://cert.pl/en/posts/2024/06/CVE-2024-5735/"
},
{
"tags": [
"third-party-advisory",
"x_transferred"
],
"url": "https://cert.pl/posts/2024/06/CVE-2024-5735/"
},
{
"tags": [
"issue-tracking",
"x_transferred"
],
"url": "https://github.com/vasiljevski/admirorframes/issues/3"
},
{
"tags": [
"technical-description",
"x_transferred"
],
"url": "https://github.com/sectroyer/CVEs/tree/main/CVE-2024-5736"
},
{
"tags": [
"technical-description",
"x_transferred"
],
"url": "https://github.com/afine-com/CVE-2024-5736"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://www.admiror-design-studio.com/admiror-joomla-extensions/admiror-frames",
"defaultStatus": "unaffected",
"platforms": [
"Joomla!"
],
"product": "AdmirorFrames",
"repo": "https://github.com/vasiljevski/admirorframes",
"vendor": "Nikola Vasilijevski",
"versions": [
{
"lessThan": "5.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Marcin Wyczechowski [AFINE Team]"
},
{
"lang": "en",
"type": "finder",
"value": "Micha\u0142 Majchrowicz [AFINE Team]"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Server Side Request Forgery (SSRF) vulnerability in AdmirorFrames Joomla! extension in afGdStream.php script allows to access local files or server pages available only from localhost.\u0026nbsp;\u003cp\u003eThis issue affects AdmirorFrames: before 5.0.\u003c/p\u003e"
}
],
"value": "Server Side Request Forgery (SSRF) vulnerability in AdmirorFrames Joomla! extension in afGdStream.php script allows to access local files or server pages available only from localhost.\u00a0This issue affects AdmirorFrames: before 5.0."
}
],
"impacts": [
{
"capecId": "CAPEC-37",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-37 Retrieve Embedded Sensitive Data"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "YES",
"Recovery": "USER",
"Safety": "NOT_DEFINED",
"attackComplexity": "HIGH",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"privilegesRequired": "NONE",
"providerUrgency": "GREEN",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "DIFFUSE",
"vectorString": "CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/AU:Y/R:U/V:D/RE:L/U:Green",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "LOW"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-918",
"description": "CWE-918 Server-Side Request Forgery (SSRF)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-06-28T11:47:27.875Z",
"orgId": "4bb8329e-dd38-46c1-aafb-9bf32bcb93c6",
"shortName": "CERT-PL"
},
"references": [
{
"tags": [
"third-party-advisory"
],
"url": "https://cert.pl/en/posts/2024/06/CVE-2024-5735/"
},
{
"tags": [
"third-party-advisory"
],
"url": "https://cert.pl/posts/2024/06/CVE-2024-5735/"
},
{
"tags": [
"issue-tracking"
],
"url": "https://github.com/vasiljevski/admirorframes/issues/3"
},
{
"tags": [
"technical-description"
],
"url": "https://github.com/sectroyer/CVEs/tree/main/CVE-2024-5736"
},
{
"tags": [
"technical-description"
],
"url": "https://github.com/afine-com/CVE-2024-5736"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "SSRF in AdmirorFrames Joomla! Extension",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "4bb8329e-dd38-46c1-aafb-9bf32bcb93c6",
"assignerShortName": "CERT-PL",
"cveId": "CVE-2024-5736",
"datePublished": "2024-06-28T11:26:53.512Z",
"dateReserved": "2024-06-07T06:09:42.924Z",
"dateUpdated": "2024-08-01T21:18:06.930Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-5735 (GCVE-0-2024-5735)
Vulnerability from cvelistv5 – Published: 2024-06-28 11:24 – Updated: 2024-08-01 21:18
VLAI
EPSS
VEX
Title
Full Path Disclosure in AdmirorFrames Joomla! Extension
Summary
Full Path Disclosure vulnerability in AdmirorFrames Joomla! extension in afHelper.php script allows an unauthorised attacker to retrieve location of web root folder. This issue affects AdmirorFrames: before 5.0.
Severity
SSVC
Exploitation: poc
Automatable: yes
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-497 - Exposure of Sensitive System Information to an Unauthorized Control Sphere
Assigner
References
5 references
| URL | Tags |
|---|---|
| https://cert.pl/en/posts/2024/06/CVE-2024-5735/ | third-party-advisory |
| https://cert.pl/posts/2024/06/CVE-2024-5735/ | third-party-advisory |
| https://github.com/vasiljevski/admirorframes/issues/3 | issue-tracking |
| https://github.com/sectroyer/CVEs/tree/main/CVE-2… | technical-description |
| https://github.com/afine-com/CVE-2024-5735 | technical-description |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Nikola Vasilijevski | AdmirorFrames |
Affected:
0 , < 5.0
(custom)
|
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-5735",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-09T18:28:13.619096Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-09T18:28:24.935Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T21:18:07.044Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"third-party-advisory",
"x_transferred"
],
"url": "https://cert.pl/en/posts/2024/06/CVE-2024-5735/"
},
{
"tags": [
"third-party-advisory",
"x_transferred"
],
"url": "https://cert.pl/posts/2024/06/CVE-2024-5735/"
},
{
"tags": [
"issue-tracking",
"x_transferred"
],
"url": "https://github.com/vasiljevski/admirorframes/issues/3"
},
{
"tags": [
"technical-description",
"x_transferred"
],
"url": "https://github.com/sectroyer/CVEs/tree/main/CVE-2024-5735"
},
{
"tags": [
"technical-description",
"x_transferred"
],
"url": "https://github.com/afine-com/CVE-2024-5735"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://www.admiror-design-studio.com/admiror-joomla-extensions/admiror-frames",
"defaultStatus": "unaffected",
"platforms": [
"Joomla!"
],
"product": "AdmirorFrames",
"repo": "https://github.com/vasiljevski/admirorframes",
"vendor": "Nikola Vasilijevski",
"versions": [
{
"lessThan": "5.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Marcin Wyczechowski [AFINE Team]"
},
{
"lang": "en",
"type": "finder",
"value": "Micha\u0142 Majchrowicz [AFINE Team]"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Full Path Disclosure vulnerability in AdmirorFrames Joomla! extension in afHelper.php script allows an unauthorised attacker to retrieve location of web root folder.\u0026nbsp;\u003cp\u003eThis issue affects AdmirorFrames: before 5.0.\u003c/p\u003e"
}
],
"value": "Full Path Disclosure vulnerability in AdmirorFrames Joomla! extension in afHelper.php script allows an unauthorised attacker to retrieve location of web root folder.\u00a0This issue affects AdmirorFrames: before 5.0."
}
],
"impacts": [
{
"capecId": "CAPEC-37",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-37 Retrieve Embedded Sensitive Data"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "YES",
"Recovery": "USER",
"Safety": "NOT_DEFINED",
"attackComplexity": "HIGH",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"privilegesRequired": "NONE",
"providerUrgency": "GREEN",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "DIFFUSE",
"vectorString": "CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/AU:Y/R:U/V:D/RE:L/U:Green",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "LOW",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "LOW"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-497",
"description": "CWE-497 Exposure of Sensitive System Information to an Unauthorized Control Sphere",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-06-28T11:31:42.587Z",
"orgId": "4bb8329e-dd38-46c1-aafb-9bf32bcb93c6",
"shortName": "CERT-PL"
},
"references": [
{
"tags": [
"third-party-advisory"
],
"url": "https://cert.pl/en/posts/2024/06/CVE-2024-5735/"
},
{
"tags": [
"third-party-advisory"
],
"url": "https://cert.pl/posts/2024/06/CVE-2024-5735/"
},
{
"tags": [
"issue-tracking"
],
"url": "https://github.com/vasiljevski/admirorframes/issues/3"
},
{
"tags": [
"technical-description"
],
"url": "https://github.com/sectroyer/CVEs/tree/main/CVE-2024-5735"
},
{
"tags": [
"technical-description"
],
"url": "https://github.com/afine-com/CVE-2024-5735"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Full Path Disclosure in AdmirorFrames Joomla! Extension",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "4bb8329e-dd38-46c1-aafb-9bf32bcb93c6",
"assignerShortName": "CERT-PL",
"cveId": "CVE-2024-5735",
"datePublished": "2024-06-28T11:24:18.916Z",
"dateReserved": "2024-06-07T06:09:41.563Z",
"dateUpdated": "2024-08-01T21:18:07.044Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}