CVE-2016-9838

HIGH LAB

Joomla! < 3.6.4 - Improper Access Control

Title source: rule

Description

An issue was discovered in components/com_users/models/registration.php in Joomla! before 3.6.5. Incorrect filtering of registration form data stored to the session on a validation error enables a user to gain access to a registered user's account and reset the user's group mappings, username, and password, as demonstrated by submitting a form that targets the `registration.register` task.

Exploits (2)

exploitdb WORKING POC

by Charles Fol · pythonwebappsphp

https://www.exploit-db.com/exploits/41157

View Code ZIP pw:eip

nomisec WORKING POC

by cved-sources · poc

https://github.com/cved-sources/cve-2016-9838

View Code ZIP pw:eip

References (3)

[Patch, Vendor Advisory] https://www.joomla.org/announcements/release-news/5693-joomla-3-6-5-released.html

[Exploit, Third Party Advisory] https://www.exploit-db.com/exploits/41157/

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/94893

Scores

CVSS v3 7.5

EPSS 0.0287

EPSS Percentile 86.3%

Attack Vector NETWORK

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

Lab Environment

COMMUNITY

Community Lab

docker pull cved/base-lamp

https://github.com/cved-sources/cve-2016-9838

View in Library

Details

CWE

CWE-284

Status published

Products (1)

joomla/joomla\! < 3.6.4

Published Dec 16, 2016

Tracked Since Feb 18, 2026