CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:N/I:P/A:P
AI Score
Confidence
Low
EPSS
Percentile
89.4%
plugins/system/remember/remember.php in Joomla! 2.5.x before 2.5.10 and 3.0.x before 3.0.4 does not properly handle an object obtained by unserializing a cookie, which allows remote authenticated users to conduct PHP object injection attacks and cause a denial of service via unspecified vectors.
Vendor | Product | Version | CPE |
---|---|---|---|
joomla | joomla\! | 3.0.0 | cpe:2.3:a:joomla:joomla\!:3.0.0:*:*:*:*:*:*:* |
joomla | joomla\! | 3.0.1 | cpe:2.3:a:joomla:joomla\!:3.0.1:*:*:*:*:*:*:* |
joomla | joomla\! | 3.0.2 | cpe:2.3:a:joomla:joomla\!:3.0.2:*:*:*:*:*:*:* |
joomla | joomla\! | 3.0.3 | cpe:2.3:a:joomla:joomla\!:3.0.3:*:*:*:*:*:*:* |
joomla | joomla\! | 2.5.0 | cpe:2.3:a:joomla:joomla\!:2.5.0:*:*:*:*:*:*:* |
joomla | joomla\! | 2.5.1 | cpe:2.3:a:joomla:joomla\!:2.5.1:*:*:*:*:*:*:* |
joomla | joomla\! | 2.5.2 | cpe:2.3:a:joomla:joomla\!:2.5.2:*:*:*:*:*:*:* |
joomla | joomla\! | 2.5.3 | cpe:2.3:a:joomla:joomla\!:2.5.3:*:*:*:*:*:*:* |
joomla | joomla\! | 2.5.4 | cpe:2.3:a:joomla:joomla\!:2.5.4:*:*:*:*:*:*:* |
joomla | joomla\! | 2.5.5 | cpe:2.3:a:joomla:joomla\!:2.5.5:*:*:*:*:*:*:* |