CVE-2017-9030

HIGH

Codextrous B2J Contact <2.1.13 - Path Traversal

Title source: llm
STIX 2.1

Description

The Codextrous B2J Contact (aka b2j_contact) extension before 2.1.13 for Joomla! allows a directory traversal attack that bypasses a uniqid protection mechanism, and makes it easier to read arbitrary uploaded files.

References (1)

Core 1
Core References

Scores

CVSS v3 7.5
EPSS 0.0210
EPSS Percentile 79.4%
Attack Vector NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Details

CWE
CWE-22
Status published
Products (1)
codextrous/b2j_contact < 2.1.12
Published May 17, 2017
Tracked Since Feb 18, 2026