← Back

CVE-2017-8057

nvd nist
Published: Apr 25, 2017Modified: May 13, 2026

JSON object

Loading...
5.3
Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Exploitability: 3.9 / Impact: 1.4
Source: NVD

Description

In Joomla! 3.4.0 through 3.6.5 (fixed in 3.7.0), multiple files caused full path disclosures on systems with enabled error reporting.

Affected (46)

Products: Joomla: Joomla!
Joomla
1 product
Joomla!
Configuration A
46 vulnerable
Vulnerable SoftwareAffected Versions
Joomla
Joomla!
Version 3.4.0
Joomla!
Version 3.4.0 alpha
Joomla!
Version 3.4.0 beta1
Joomla!
Version 3.4.0 beta2
Joomla!
Version 3.4.0 beta3
Joomla!
Version 3.4.0 rc1
Joomla!
Version 3.4.1
Joomla!
Version 3.4.1 rc1
Joomla!
Version 3.4.1 rc2
Joomla!
Version 3.4.2
Joomla!
Version 3.4.2 rc1
Joomla!
Version 3.4.3
Joomla!
Version 3.4.4
Joomla!
Version 3.4.5
Joomla!
Version 3.4.6
Joomla!
Version 3.4.7
Joomla!
Version 3.4.8
Joomla!
Version 3.4.8 rc
Joomla!
Version 3.5.0
Joomla!
Version 3.5.0 beta2
Joomla!
Version 3.5.0 beta3
Joomla!
Version 3.5.0 beta4
Joomla!
Version 3.5.0 beta5
Joomla!
Version 3.5.0 beta
Joomla!
Version 3.5.0 rc2
Joomla!
Version 3.5.0 rc3
Joomla!
Version 3.5.0 rc4
Joomla!
Version 3.5.0 rc
Joomla!
Version 3.5.1
Joomla!
Version 3.5.1 rc
Joomla!
Version 3.6.0
Joomla!
Version 3.6.0 alpha
Joomla!
Version 3.6.0 beta1
Joomla!
Version 3.6.0 beta2
Joomla!
Version 3.6.0 rc2
Joomla!
Version 3.6.0 rc
Joomla!
Version 3.6.1
Joomla!
Version 3.6.1 rc1
Joomla!
Version 3.6.1 rc2
Joomla!
Version 3.6.2
Joomla!
Version 3.6.3
Joomla!
Version 3.6.3 rc1
Joomla!
Version 3.6.3 rc2
Joomla!
Version 3.6.3 rc3
Joomla!
Version 3.6.4
Joomla!
Version 3.6.5

Related CWEs

CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

References (4)

Source: cve@mitre.org
Third Party AdvisoryVDB Entry
Source: cve@mitre.org
PatchVendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party AdvisoryVDB Entry
Source: af854a3a-2127-422b-91ae-364da2661108
PatchVendor Advisory

Timeline

No history available yet.