CVE-2020-23971

gmapfp.org Joomla Component GMapFP J3.30pro is affected by Insecure Permissions. An attacker can access the upload function without authenticating to the application and also can upload files due the issues of unrestricted file uploads which can be bypassed by changing the content-type and name file too double extensions.
Configurations

Configuration 1

cpe:2.3:a:gmapfp:gmapfp:j3.30:*:*:*:pro:joomla!:*:*

Information

Published : 2020-09-01 04:15

Updated : 2020-09-08 05:10


NVD link : CVE-2020-23971

Mitre link : CVE-2020-23971

Products Affected
No products.
CWE
CWE-276

Incorrect Default Permissions