CVE-2008-3228

Joomla! < 1.5.4 - Unspecified Security Bypass via SEF URL Handling

Title source: llm
STIX 2.1

Description

Joomla! before 1.5.4 does not configure .htaccess to apply certain security checks that "block common exploits" to SEF URLs, which has unknown impact and remote attack vectors.

References (4)

Core 4
Core References
Various Sources x_refsource_confirm
http://www.joomla.org/content/view/5180/1/
Various Sources x_refsource_confirm
http://www.joomla.org/content/view/5180/1/1/1/#htaccess
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/44206
Mailing List mailing-list x_refsource_mlist
http://www.openwall.com/lists/oss-security/2008/07/12/2

Scores

EPSS 0.0008
EPSS Percentile 23.1%

Details

CWE
CWE-16
Status published
Products (25)
joomla/joomla 1.0
joomla/joomla 1.0.0
joomla/joomla 1.0.1
joomla/joomla 1.0.2
joomla/joomla 1.0.3
joomla/joomla 1.0.4
joomla/joomla 1.0.5
joomla/joomla 1.0.6
joomla/joomla 1.0.7
joomla/joomla 1.0.8
... and 15 more
Published Jul 18, 2008
Tracked Since Feb 18, 2026