Search

Find a vulnerability

Search criteria

    2 vulnerabilities found for joomla/filesystem by Joomla! Project

    CVE-2022-23794 (GCVE-0-2022-23794)

    Vulnerability from nvd – Published: 2022-03-30 15:20 – Updated: 2026-02-25 05:04
    VLAI
    Title
    [20220302] - Core - Path Disclosure within filesystem error messages
    Summary
    An issue was discovered in Joomla! 3.0.0 through 3.10.6 & 4.0.0 through 4.1.0. Uploading a file name of an excess length causes the error. This error brings up the screen with the path of the source code of the web application.
    Severity
    No CVSS data available.
    CWE
    • Path Disclosure
    Assigner
    References
    URL Tags
    https://developer.joomla.org/security-centre/871-… x_refsource_MISCvendor-advisory
    Impacted products
    Date Public
    2022-03-29 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T03:51:46.080Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "vendor-advisory",
                  "x_transferred"
                ],
                "url": "https://developer.joomla.org/security-centre/871-20220302-core-path-disclosure-within-filesystem-error-messages.html"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Joomla! CMS",
              "vendor": "Joomla! Project",
              "versions": [
                {
                  "status": "affected",
                  "version": "3.0.0-3.10.6 \u0026 4.0.0-4.1.0"
                }
              ]
            },
            {
              "product": "joomla/filesystem",
              "vendor": "Joomla! Project",
              "versions": [
                {
                  "status": "affected",
                  "version": "1.0.0-1.6.1 \u0026 2.0.0"
                }
              ]
            }
          ],
          "datePublic": "2022-03-29T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "An issue was discovered in Joomla! 3.0.0 through 3.10.6 \u0026 4.0.0 through 4.1.0. Uploading a file name of an excess length causes the error. This error brings up the screen with the path of the source code of the web application."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Path Disclosure",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-02-25T05:04:45.863Z",
            "orgId": "6ff30186-7fb7-4ad9-be33-533e7b05e586",
            "shortName": "Joomla"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC",
                "vendor-advisory"
              ],
              "url": "https://developer.joomla.org/security-centre/871-20220302-core-path-disclosure-within-filesystem-error-messages.html"
            }
          ],
          "title": "[20220302] - Core - Path Disclosure within filesystem error messages",
          "x_generator": {
            "engine": "cvelib 1.8.0"
          },
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "security@joomla.org",
              "DATE_PUBLIC": "2022-03-29T18:00:00",
              "ID": "CVE-2022-23794",
              "STATE": "PUBLIC",
              "TITLE": "[20220302] - Core - Path Disclosure within filesystem error messages"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Joomla! CMS",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "3.0.0-3.10.6 \u0026 4.0.0-4.1.0"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "joomla/filesystem",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "1.0.0-1.6.1 \u0026 2.0.0"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Joomla! Project"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "An issue was discovered in Joomla! 3.0.0 through 3.10.6 \u0026 4.0.0 through 4.1.0. Uploading a file name of an excess length causes the error. This error brings up the screen with the path of the source code of the web application."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Path Disclosure"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://developer.joomla.org/security-centre/871-20220302-core-path-disclosure-within-filesystem-error-messages.html",
                  "refsource": "MISC",
                  "url": "https://developer.joomla.org/security-centre/871-20220302-core-path-disclosure-within-filesystem-error-messages.html"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "6ff30186-7fb7-4ad9-be33-533e7b05e586",
        "assignerShortName": "Joomla",
        "cveId": "CVE-2022-23794",
        "datePublished": "2022-03-30T15:20:24.272Z",
        "dateReserved": "2022-01-20T00:00:00.000Z",
        "dateUpdated": "2026-02-25T05:04:45.863Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2022-23794 (GCVE-0-2022-23794)

    Vulnerability from cvelistv5 – Published: 2022-03-30 15:20 – Updated: 2026-02-25 05:04
    VLAI
    Title
    [20220302] - Core - Path Disclosure within filesystem error messages
    Summary
    An issue was discovered in Joomla! 3.0.0 through 3.10.6 & 4.0.0 through 4.1.0. Uploading a file name of an excess length causes the error. This error brings up the screen with the path of the source code of the web application.
    Severity
    No CVSS data available.
    CWE
    • Path Disclosure
    Assigner
    References
    URL Tags
    https://developer.joomla.org/security-centre/871-… x_refsource_MISCvendor-advisory
    Impacted products
    Date Public
    2022-03-29 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T03:51:46.080Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "vendor-advisory",
                  "x_transferred"
                ],
                "url": "https://developer.joomla.org/security-centre/871-20220302-core-path-disclosure-within-filesystem-error-messages.html"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Joomla! CMS",
              "vendor": "Joomla! Project",
              "versions": [
                {
                  "status": "affected",
                  "version": "3.0.0-3.10.6 \u0026 4.0.0-4.1.0"
                }
              ]
            },
            {
              "product": "joomla/filesystem",
              "vendor": "Joomla! Project",
              "versions": [
                {
                  "status": "affected",
                  "version": "1.0.0-1.6.1 \u0026 2.0.0"
                }
              ]
            }
          ],
          "datePublic": "2022-03-29T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "An issue was discovered in Joomla! 3.0.0 through 3.10.6 \u0026 4.0.0 through 4.1.0. Uploading a file name of an excess length causes the error. This error brings up the screen with the path of the source code of the web application."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Path Disclosure",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-02-25T05:04:45.863Z",
            "orgId": "6ff30186-7fb7-4ad9-be33-533e7b05e586",
            "shortName": "Joomla"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC",
                "vendor-advisory"
              ],
              "url": "https://developer.joomla.org/security-centre/871-20220302-core-path-disclosure-within-filesystem-error-messages.html"
            }
          ],
          "title": "[20220302] - Core - Path Disclosure within filesystem error messages",
          "x_generator": {
            "engine": "cvelib 1.8.0"
          },
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "security@joomla.org",
              "DATE_PUBLIC": "2022-03-29T18:00:00",
              "ID": "CVE-2022-23794",
              "STATE": "PUBLIC",
              "TITLE": "[20220302] - Core - Path Disclosure within filesystem error messages"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Joomla! CMS",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "3.0.0-3.10.6 \u0026 4.0.0-4.1.0"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "joomla/filesystem",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "1.0.0-1.6.1 \u0026 2.0.0"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Joomla! Project"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "An issue was discovered in Joomla! 3.0.0 through 3.10.6 \u0026 4.0.0 through 4.1.0. Uploading a file name of an excess length causes the error. This error brings up the screen with the path of the source code of the web application."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Path Disclosure"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://developer.joomla.org/security-centre/871-20220302-core-path-disclosure-within-filesystem-error-messages.html",
                  "refsource": "MISC",
                  "url": "https://developer.joomla.org/security-centre/871-20220302-core-path-disclosure-within-filesystem-error-messages.html"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "6ff30186-7fb7-4ad9-be33-533e7b05e586",
        "assignerShortName": "Joomla",
        "cveId": "CVE-2022-23794",
        "datePublished": "2022-03-30T15:20:24.272Z",
        "dateReserved": "2022-01-20T00:00:00.000Z",
        "dateUpdated": "2026-02-25T05:04:45.863Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }