Vulnerability Description
Full Path Disclosure vulnerability in AdmirorFrames Joomla! extension in afHelper.php script allows an unauthorised attacker to retrieve location of web root folder. This issue affects AdmirorFrames: before 5.0.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Admiror-Design-Studio | Admirorframes | < 5.0 |
Related Weaknesses (CWE)
References
- https://cert.pl/en/posts/2024/06/CVE-2024-5735/Third Party Advisory
- https://cert.pl/posts/2024/06/CVE-2024-5735/Third Party Advisory
- https://github.com/afine-com/CVE-2024-5735ExploitThird Party Advisory
- https://github.com/sectroyer/CVEs/tree/main/CVE-2024-5735ExploitThird Party Advisory
- https://github.com/vasiljevski/admirorframes/issues/3Issue Tracking
- https://cert.pl/en/posts/2024/06/CVE-2024-5735/Third Party Advisory
- https://cert.pl/posts/2024/06/CVE-2024-5735/Third Party Advisory
- https://github.com/afine-com/CVE-2024-5735ExploitThird Party Advisory
- https://github.com/sectroyer/CVEs/tree/main/CVE-2024-5735ExploitThird Party Advisory
- https://github.com/vasiljevski/admirorframes/issues/3Issue Tracking
FAQ
What is CVE-2024-5735?
CVE-2024-5735 is a vulnerability with a CVSS score of 7.5 (HIGH). Full Path Disclosure vulnerability in AdmirorFrames Joomla! extension in afHelper.php script allows an unauthorised attacker to retrieve location of web root folder. This issue affects AdmirorFrames: ...
How severe is CVE-2024-5735?
CVE-2024-5735 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2024-5735?
Check the references section above for vendor advisories and patch information. Affected products include: Admiror-Design-Studio Admirorframes.