CVE-2010-1435

9.8CRITICAL

Key Information

Vendor: Joomla
Status: Joomla
Vendor: CVE Published:; 21 June 2021

Summary

Joomla! Core is prone to a security bypass vulnerability. Exploiting this issue may allow attackers to perform otherwise restricted actions and subsequently retrieve password reset tokens from the database through an already existing SQL injection vector. Joomla! Core versions 1.5.x ranging from 1.5.0 and up to and including 1.5.15 are vulnerable.

Affected Version(s)

Joomla = Joomla core from 1.5.0 up to and including 1.5.15

CVSS V3.1

Score:

9.8

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published.
Jun 21, 2021
Vulnerability Reserved.
Apr 15, 2010

Collectors

NVD DatabaseMitre Database