CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Creative-Solutions: >> Creative Contact Form >> 4.6.2 Security Vulnerabilities

CVE-2020-9364

An issue was discovered in helpers/mailer.php in the Creative Contact Form extension 4.6.2 before 2019-12-03 for Joomla!. A directory traversal vulnerability resides in the filename field for uploaded attachments via the creativecontactform_upload parameter. An attacker could exploit this vulnerability with the "Send me a copy" option to receive any files of the filesystem via email.

CVSS Score

5.3

EPSS Score

0.005

Published

2020-03-04

Page 1

Vulnerabilities

Vulnerable Software

Creative-Solutions: >> Creative Contact Form >> 4.6.2 Security Vulnerabilities

Products

Pricing

Contact Us