CVE-2019-10945

CRITICAL

Joomla! < 3.9.4 - Path Traversal via Media Manager Folder Parameter

Title source: llm

Exploitation Summary

EIP tracks 5 public exploits for CVE-2019-10945. PoCs published by Haboob Team, dpgg101, Shockp.

AI-analyzed exploit summary: This exploit leverages a directory traversal vulnerability in Joomla Core (1.5.0 through 3.9.4) to list files in arbitrary directories and delete files. It requires authentication and uses the Media Manager component to perform these actions.

Description

An issue was discovered in Joomla! before 3.9.5. The Media Manager component does not properly sanitize the folder parameter, allowing attackers to act outside the media manager root directory.

Exploits (5)

exploitdb WORKING POC
by Haboob Team · python · webapps · php
https://www.exploit-db.com/exploits/46710

This exploit leverages a directory traversal vulnerability in Joomla Core (1.5.0 through 3.9.4) to list files in arbitrary directories and delete files. It requires authentication and uses the Media Manager component to perform these actions.

Classification
Working Poc 95%
Attack Type
Auth Bypass
Complexity
Moderate
Reliability
Reliable
Target: Joomla Core 1.5.0 through 3.9.4
Auth required
Prerequisites: Valid Joomla administrator credentials · Access to the Joomla administrator panel
devstral-2 · analyzed Feb 16, 2026
nomisec WORKING POC 24 stars
by dpgg101 · poc
https://github.com/dpgg101/CVE-2019-10945

This repository contains a functional Python 3 exploit for CVE-2019-10945, which targets Joomla Core versions 1.5.0 through 3.9.4. The exploit demonstrates directory traversal and authenticated arbitrary file deletion by leveraging a vulnerability in the Joomla media manager component.

Classification
Working Poc 95%
Attack Type
Auth Bypass | Info Leak
Complexity
Moderate
Reliability
Reliable
Target: Joomla Core 1.5.0 through 3.9.4
Auth required
Prerequisites: Valid Joomla administrator credentials · Access to the Joomla administrator interface
devstral-2 · analyzed Feb 19, 2026
github WORKING POC 1 star
by Shockp · python · poc
https://github.com/Shockp/CVE-Exploits/tree/main/CVE-2019-10945 (joomla 3.9.4)

This repository contains a functional exploit for CVE-2019-10945, which targets Joomla versions 1.5.0 through 3.9.4. The exploit demonstrates directory traversal and authenticated arbitrary file deletion via crafted requests to the Joomla media manager component.

Classification
Working Poc 95%
Attack Type
Other
Complexity
Moderate
Reliability
Reliable
Target: Joomla 1.5.0 through 3.9.4
Auth required
Prerequisites: valid Joomla administrator credentials · access to the Joomla administrator panel
devstral-2 · analyzed Feb 27, 2026
nomisec WORKING POC
by tayW84 · poc
https://github.com/tayW84/CVE-2019-10945----Python3

This repository contains a functional Python3 exploit for CVE-2019-10945, which targets a SQL injection vulnerability in Drupal 7.x. The exploit includes a Drupal password hash calculator and a script to exploit the vulnerability, demonstrating the ability to execute arbitrary SQL queries.

Classification
Working Poc 95%
Attack Type
Sqli
Complexity
Moderate
Reliability
Reliable
Target: Drupal 7.x
No auth needed
Prerequisites: Target running Drupal 7.x · Network access to the target
devstral-2 · analyzed Mar 20, 2026
nomisec WORKING POC
by Snizi · poc
https://github.com/Snizi/CVE-2019-10945

This repository contains a functional Python exploit for CVE-2019-10945, which targets a directory traversal and authenticated arbitrary file deletion vulnerability in Joomla versions 1.5.0 through 3.9.4. The exploit authenticates with Joomla credentials and allows listing or deleting files in specified directories.

Classification
Working Poc 95%
Attack Type
Auth Bypass | Info Leak | Other
Complexity
Moderate
Reliability
Reliable
Target: Joomla 1.5.0 through 3.9.4
Auth required
Prerequisites: Valid Joomla administrator credentials · Access to the Joomla administrator panel URL
devstral-2 · analyzed Feb 19, 2026

References (3)

Core 3
Core References
Exploit, Third Party Advisory, VDB Entry exploit x_refsource_exploit-db
https://www.exploit-db.com/exploits/46710/

Scores

CVSS v3 9.8
EPSS 0.3802
EPSS Percentile 98.4%
Attack Vector NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

CWE
CWE-22
Status published
Products (1)
joomla/joomla\! 1.5.0 - 3.9.4
Published Apr 10, 2019
Tracked Since Feb 18, 2026