Admiror-Design-Studio: Security Vulnerabilities
Improper handling of input variables lead to multiple path traversal vulnerabilities in the Admiror Gallery extension for Joomla in version branch 4.x.
CVSS Score
7.5
EPSS Score
0.001
Published
2025-02-04
Script afGdStream.php in AdmirorFrames Joomla! extension doesn’t specify a content type and as a result default (text/html) is used. An attacker may embed HTML tags directly in image data which is rendered by a webpage as HTML. This issue affects AdmirorFrames: before 5.0.
CVSS Score
6.1
EPSS Score
0.034
Published
2024-06-28
Full Path Disclosure vulnerability in AdmirorFrames Joomla! extension in afHelper.php script allows an unauthorised attacker to retrieve location of web root folder. This issue affects AdmirorFrames: before 5.0.
CVSS Score
7.5
EPSS Score
0.109
Published
2024-06-28
Server Side Request Forgery (SSRF) vulnerability in AdmirorFrames Joomla! extension in afGdStream.php script allows to access local files or server pages available only from localhost. This issue affects AdmirorFrames: before 5.0.
CVSS Score
7.5
EPSS Score
0.192
Published
2024-06-28
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in advcomsys.com oneVote component for Joomla. It allows XSS Targeting Non-Script Elements.
CVSS Score
6.1
EPSS Score
0.001
Published
2023-08-07