Joomla!.Component.Jw.AllVideos.Arbitrary.File.Download

description-logoDescription

This indicates an attack attempt against an Arbitrary File Download vulnerability in Joomla! component JoomlaWorks AllVideos.
The vulnerability is due to insufficient sanitizing of user supplied inputs when handling a crafted HTTP request. An unauthenticated remote attacker can exploit this to download backup files that results in disclosure of information which could be used to further compromise the targeted system.

affected-products-logoAffected Products

Joomla! component JoomlaWorks AllVideos version 3.0 to version 3.2

Impact logoImpact

Information Disclosure: Remote attackers can gain sensitive information from vulnerable systems.

recomended-action-logoRecommended Actions

Applied patch or upgrade to the latest version from the vendor.
https://www.joomlaworks.net

Telemetry logoTelemetry

Coverage

IPS (Regular DB)
IPS (Extended DB)

Version Updates

Date Version Detail
2019-11-22 15.729 Name:Joomla.
Component.
Jw.
AllVideos.
Arbitrary.
File.
Download:Joomla!.
Component.
Jw.
AllVideos.
Arbitrary.
File.
Download
2019-10-24 14.710 Default_action:pass:drop
2019-07-16 14.649

References

11447