Published: 16/12/2016 Updated: 02/09/2017

CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10

CVSS v3 Base Score: 7.5 | Impact Score: 3.6 | Exploitability Score: 3.9

VMScore: 505

Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N

An issue exists in components/com_users/models/registration.php in Joomla! prior to 3.6.5. Incorrect filtering of registration form data stored to the session on a validation error enables a user to gain access to a registered user's account and reset the user's group mappings, username, and password, as demonstrated by submitting a form that targets the `registration.register` task.

Vulnerable Product	Search on Vulmon	Subscribe to Product
joomla joomla\\!

#!/usr/bin/python3 # CVE-2016-9838: Joomla! <= 364 Admin TakeOver # cf # Source: wwwambionicsio/blog/cve-2016-9838-joomla-account-takeover-and-remote-code-execution import bs4 import requests import random ADMIN_ID = 384 url = 'vmweblan/Joomla-364/' form_url = url + 'indexphp/component/users/?view=registration' action_ ...

cve-2016-9838

CVE-2016-9838 This is part of Cved: a tool to manage vulnerable docker containers Cved: githubcom/git-rep-src/cved Image source: githubcom/cved-sources/cve-2016-9838 Image author: githubcom/cved-sources/cve-2016-9838

CWE-284 https://www.joomla.org/announcements/release-news/5693-joomla-3-6-5-released.html http://www.securityfocus.com/bid/94893 https://www.exploit-db.com/exploits/41157/https://nvd.nist.gov https://github.com/cved-sources/cve-2016-9838 https://www.exploit-db.com/exploits/41157/

CVE-2016-9838

Vulnerability Summary

Vulnerability Trend

Exploits

Github Repositories

References

Vulmon Search

About

Products

Connect