What is CVE-2019-10945?

CVE-2019-10945 is a vulnerability in N/a. Published 2019-04-10.

Is CVE-2019-10945 known to be exploited?

8 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in N/a

CVE-2019-10945

An issue was discovered in Joomla! before 3.9.5. The Media Manager component does not properly sanitize the folder parameter, allowing attackers to act outside the media manager root directory.

EPSS: 0.811 (99.2th percentile) — read the EPSS interpretation.

Affected products

N/a — versions n/a

Public proof-of-concept exploits

dpgg101/CVE-2019-10945
tayW84/CVE-2019-10945----Python3
Snizi/CVE-2019-10945
joaomorenorf/CVE-2014-3704
kabaneridev/oscp-notes
kabaneridev/pt-notes
ARPSyndicate/cvemon
PuddinCat/GithubRepoSpider

References

developer.joomla.org/security-centre/777-20190401-core-directory-traversal-in-c… (x_refsource_MISC)
46710 (exploit, x_refsource_EXPLOIT-DB)
packetstormsecurity.com/files/152515/Joomla-3.9.4-Arbitrary-File-Deletion-Direc… (x_refsource_MISC)

Frequently asked questions

What is CVE-2019-10945?: CVE-2019-10945 is a vulnerability in N/a. Published 2019-04-10.
Is CVE-2019-10945 known to be exploited?: 8 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.