CVE-2013-1453
Published Feb 13, 2013
Last updated 7 years ago
Overview
- Description
- plugins/system/highlight/highlight.php in Joomla! 3.0.x through 3.0.2 and 2.5.x through 2.5.8 allows attackers to unserialize arbitrary PHP objects to obtain sensitive information, delete arbitrary directories, conduct SQL injection attacks, and possibly have other impacts via the highlight parameter. Note: it was originally reported that this issue only allowed attackers to obtain sensitive information, but later analysis demonstrated that other attacks exist.
- Source
- cve@mitre.org
- NVD status
- Modified
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 7.5
- Impact score
- 6.4
- Exploitability score
- 10
- Vector string
- AV:N/AC:L/Au:N/C:P/I:P/A:P
Weaknesses
- nvd@nist.gov
- NVD-CWE-Other
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:joomla:joomla\\!:2.5.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "23266955-F1A6-4A06-AC39-6DDCA89042D3"
},
{
"criteria": "cpe:2.3:a:joomla:joomla\\!:2.5.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "500F31F1-59C7-4FC1-9F33-5868095147A5"
},
{
"criteria": "cpe:2.3:a:joomla:joomla\\!:2.5.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B2ED09A7-6F6F-4D8E-B1C8-9F02587292A2"
},
{
"criteria": "cpe:2.3:a:joomla:joomla\\!:2.5.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "DB41BDFF-76E2-47F7-933C-BA1B62BEEB60"
},
{
"criteria": "cpe:2.3:a:joomla:joomla\\!:2.5.4:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "FB16BDD1-C100-46AD-B0BB-699E32BF7FCC"
},
{
"criteria": "cpe:2.3:a:joomla:joomla\\!:2.5.5:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "287DD122-A85D-4B55-97AC-5861157A177E"
},
{
"criteria": "cpe:2.3:a:joomla:joomla\\!:2.5.6:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "98C4C245-C895-450C-B319-D0A11AA6F4B7"
},
{
"criteria": "cpe:2.3:a:joomla:joomla\\!:2.5.7:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "194B27E6-49C4-409F-B727-38E5C904CD3C"
},
{
"criteria": "cpe:2.3:a:joomla:joomla\\!:2.5.8:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "BFFF133F-44AF-46FF-9A62-272D0A10C539"
},
{
"criteria": "cpe:2.3:a:joomla:joomla\\!:3.0.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "795E7538-038C-42D7-B4A8-BED0F120B605"
},
{
"criteria": "cpe:2.3:a:joomla:joomla\\!:3.0.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "BC38EBE5-69C4-4F10-9AED-4E7E51B19BA5"
},
{
"criteria": "cpe:2.3:a:joomla:joomla\\!:3.0.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E760A5AA-299D-47EA-895F-B9CA212D8BAF"
}
],
"operator": "OR"
}
]
}
]