Description

Joomla! before 1.0.11 does not properly unset variables when the input data includes a numeric parameter with a value matching an alphanumeric parameter's hash value, which allows remote attackers to have an unspecified impact. NOTE: it could be argued that this vulnerability is due to a bug in the unset PHP command (CVE-2006-3017) and the proper fix should be in PHP; if so, then this should not be treated as a vulnerability in Joomla!.

Remediation

References

CVE-2006-4466

Related Vulnerabilities

WordPress Plugin Zedity:The Easiest Way To Create Posts & Pages Unspecified Vulnerability (5.0.2)

WordPress Plugin Gantry 4 Framework Remote Command Execution (4.1.3)

WordPress Plugin Dean's FCKEditor with pwwang's code Arbitrary File Upload (1.0.0)

WordPress 4.3.x Cross-Site Scripting Vulnerability (4.3 - 4.3.3)

WordPress Plugin BookingPress-Appointments Booking Calendar and Online Scheduling Insecure Direct Object Reference (1.0.30)

Severity

Medium

Classification

CVE-2006-4466 CWE-20

Tags

Missing Update Known Vulnerabilities