Exploitation Summary
CVE-2019-9922 has a Nuclei detection template available — see the Nuclei card below for the Shodan/FOFA recon queries.
Description
An issue was discovered in the Harmis JE Messenger component 1.2.2 for Joomla!. Directory Traversal allows read access to arbitrary files.
Nuclei Templates (1)
Joomla! Harmis Messenger 1.2.2 - Local File Inclusion
HIGHby 0x_Akoko
References (2)
Core 2
Core References
Product, Third Party Advisory x_refsource_misc
https://extensions.joomla.org/extension/je-messenger/
Third Party Advisory x_refsource_misc
https://github.com/azd-cert/CVE/blob/master/CVEs/CVE-2019-9922.md
Scores
CVSS v3
7.5
EPSS
0.1059
EPSS Percentile
95.2%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Details
CWE
CWE-22
Status
published
Products (1)
harmistechnology/je_messenger
1.2.2
Published
Mar 29, 2019
Tracked Since
Feb 18, 2026