Search
Find a vulnerability
Search criteria
2 vulnerabilities found for joomla/filesystem by Joomla! Project
CVE-2022-23794 (GCVE-0-2022-23794)
Vulnerability from nvd – Published: 2022-03-30 15:20 – Updated: 2026-02-25 05:04
VLAI
Title
[20220302] - Core - Path Disclosure within filesystem error messages
Summary
An issue was discovered in Joomla! 3.0.0 through 3.10.6 & 4.0.0 through 4.1.0. Uploading a file name of an excess length causes the error. This error brings up the screen with the path of the source code of the web application.
Severity
No CVSS data available.
CWE
- Path Disclosure
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://developer.joomla.org/security-centre/871-… | x_refsource_MISCvendor-advisory |
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| Joomla! Project | Joomla! CMS |
Affected:
3.0.0-3.10.6 & 4.0.0-4.1.0
|
|
| Joomla! Project | joomla/filesystem |
Affected:
1.0.0-1.6.1 & 2.0.0
|
Date Public
2022-03-29 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T03:51:46.080Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"vendor-advisory",
"x_transferred"
],
"url": "https://developer.joomla.org/security-centre/871-20220302-core-path-disclosure-within-filesystem-error-messages.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Joomla! CMS",
"vendor": "Joomla! Project",
"versions": [
{
"status": "affected",
"version": "3.0.0-3.10.6 \u0026 4.0.0-4.1.0"
}
]
},
{
"product": "joomla/filesystem",
"vendor": "Joomla! Project",
"versions": [
{
"status": "affected",
"version": "1.0.0-1.6.1 \u0026 2.0.0"
}
]
}
],
"datePublic": "2022-03-29T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in Joomla! 3.0.0 through 3.10.6 \u0026 4.0.0 through 4.1.0. Uploading a file name of an excess length causes the error. This error brings up the screen with the path of the source code of the web application."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Path Disclosure",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-02-25T05:04:45.863Z",
"orgId": "6ff30186-7fb7-4ad9-be33-533e7b05e586",
"shortName": "Joomla"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"vendor-advisory"
],
"url": "https://developer.joomla.org/security-centre/871-20220302-core-path-disclosure-within-filesystem-error-messages.html"
}
],
"title": "[20220302] - Core - Path Disclosure within filesystem error messages",
"x_generator": {
"engine": "cvelib 1.8.0"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@joomla.org",
"DATE_PUBLIC": "2022-03-29T18:00:00",
"ID": "CVE-2022-23794",
"STATE": "PUBLIC",
"TITLE": "[20220302] - Core - Path Disclosure within filesystem error messages"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Joomla! CMS",
"version": {
"version_data": [
{
"version_value": "3.0.0-3.10.6 \u0026 4.0.0-4.1.0"
}
]
}
},
{
"product_name": "joomla/filesystem",
"version": {
"version_data": [
{
"version_value": "1.0.0-1.6.1 \u0026 2.0.0"
}
]
}
}
]
},
"vendor_name": "Joomla! Project"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An issue was discovered in Joomla! 3.0.0 through 3.10.6 \u0026 4.0.0 through 4.1.0. Uploading a file name of an excess length causes the error. This error brings up the screen with the path of the source code of the web application."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Path Disclosure"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://developer.joomla.org/security-centre/871-20220302-core-path-disclosure-within-filesystem-error-messages.html",
"refsource": "MISC",
"url": "https://developer.joomla.org/security-centre/871-20220302-core-path-disclosure-within-filesystem-error-messages.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "6ff30186-7fb7-4ad9-be33-533e7b05e586",
"assignerShortName": "Joomla",
"cveId": "CVE-2022-23794",
"datePublished": "2022-03-30T15:20:24.272Z",
"dateReserved": "2022-01-20T00:00:00.000Z",
"dateUpdated": "2026-02-25T05:04:45.863Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2022-23794 (GCVE-0-2022-23794)
Vulnerability from cvelistv5 – Published: 2022-03-30 15:20 – Updated: 2026-02-25 05:04
VLAI
Title
[20220302] - Core - Path Disclosure within filesystem error messages
Summary
An issue was discovered in Joomla! 3.0.0 through 3.10.6 & 4.0.0 through 4.1.0. Uploading a file name of an excess length causes the error. This error brings up the screen with the path of the source code of the web application.
Severity
No CVSS data available.
CWE
- Path Disclosure
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://developer.joomla.org/security-centre/871-… | x_refsource_MISCvendor-advisory |
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| Joomla! Project | Joomla! CMS |
Affected:
3.0.0-3.10.6 & 4.0.0-4.1.0
|
|
| Joomla! Project | joomla/filesystem |
Affected:
1.0.0-1.6.1 & 2.0.0
|
Date Public
2022-03-29 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T03:51:46.080Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"vendor-advisory",
"x_transferred"
],
"url": "https://developer.joomla.org/security-centre/871-20220302-core-path-disclosure-within-filesystem-error-messages.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Joomla! CMS",
"vendor": "Joomla! Project",
"versions": [
{
"status": "affected",
"version": "3.0.0-3.10.6 \u0026 4.0.0-4.1.0"
}
]
},
{
"product": "joomla/filesystem",
"vendor": "Joomla! Project",
"versions": [
{
"status": "affected",
"version": "1.0.0-1.6.1 \u0026 2.0.0"
}
]
}
],
"datePublic": "2022-03-29T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in Joomla! 3.0.0 through 3.10.6 \u0026 4.0.0 through 4.1.0. Uploading a file name of an excess length causes the error. This error brings up the screen with the path of the source code of the web application."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Path Disclosure",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-02-25T05:04:45.863Z",
"orgId": "6ff30186-7fb7-4ad9-be33-533e7b05e586",
"shortName": "Joomla"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"vendor-advisory"
],
"url": "https://developer.joomla.org/security-centre/871-20220302-core-path-disclosure-within-filesystem-error-messages.html"
}
],
"title": "[20220302] - Core - Path Disclosure within filesystem error messages",
"x_generator": {
"engine": "cvelib 1.8.0"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@joomla.org",
"DATE_PUBLIC": "2022-03-29T18:00:00",
"ID": "CVE-2022-23794",
"STATE": "PUBLIC",
"TITLE": "[20220302] - Core - Path Disclosure within filesystem error messages"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Joomla! CMS",
"version": {
"version_data": [
{
"version_value": "3.0.0-3.10.6 \u0026 4.0.0-4.1.0"
}
]
}
},
{
"product_name": "joomla/filesystem",
"version": {
"version_data": [
{
"version_value": "1.0.0-1.6.1 \u0026 2.0.0"
}
]
}
}
]
},
"vendor_name": "Joomla! Project"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An issue was discovered in Joomla! 3.0.0 through 3.10.6 \u0026 4.0.0 through 4.1.0. Uploading a file name of an excess length causes the error. This error brings up the screen with the path of the source code of the web application."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Path Disclosure"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://developer.joomla.org/security-centre/871-20220302-core-path-disclosure-within-filesystem-error-messages.html",
"refsource": "MISC",
"url": "https://developer.joomla.org/security-centre/871-20220302-core-path-disclosure-within-filesystem-error-messages.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "6ff30186-7fb7-4ad9-be33-533e7b05e586",
"assignerShortName": "Joomla",
"cveId": "CVE-2022-23794",
"datePublished": "2022-03-30T15:20:24.272Z",
"dateReserved": "2022-01-20T00:00:00.000Z",
"dateUpdated": "2026-02-25T05:04:45.863Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}