What is CVE-2013-5576?

CVE-2013-5576 is a vulnerability in Joomla Joomla\!, classified under Improper Input Validation. Published 2013-10-09.

Is CVE-2013-5576 known to be exploited?

2 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Improper input validation in Joomla Joomla\!

CVE-2013-5576

administrator/components/com_media/helpers/media.php in the media manager in Joomla! 2.5.x before 2.5.14 and 3.x before 3.1.5 allows remote authenticated users or remote attackers to bypass intended access restrictions and upload files wit…

Vulnerability class: Drupalgeddon 2 (CVE-2018-7600)

EPSS: 0.521 (98.0th percentile) — read the EPSS interpretation.

Affected products

Joomla Joomla\! — versions 2.5.0, 2.5.1, 2.5.2
N/a — versions n/a

Weakness classification (CWE)

CWE-20 — Improper Input Validation

Public proof-of-concept exploits

References

27610 (Exploit, exploit, x_refsource_EXPLOIT-DB)
cve@mitre.org (x_refsource_CONFIRM)
cve@mitre.org (x_refsource_MISC)
VU#639620 (x_refsource_CERT-VN, US Government Resource, third-party-advisory)
[oss-security] 20130824 Re: CVE request: Joomla unauthorised uploads before 2.5.14 / 3.1.5 (mailing-list, x_refsource_MLIST)
cve@mitre.org (x_refsource_CONFIRM)
cve@mitre.org (x_refsource_CONFIRM, Exploit, Patch)
[oss-security] 20130824 CVE request: Joomla unauthorised uploads before 2.5.14 / 3.1.5 (mailing-list, x_refsource_MLIST)
cve@mitre.org (x_refsource_MISC)

Frequently asked questions

What is CVE-2013-5576?: CVE-2013-5576 is a vulnerability in Joomla Joomla\!, classified under Improper Input Validation. Published 2013-10-09.
Is CVE-2013-5576 known to be exploited?: 2 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.