Vulnerability Description
Server Side Request Forgery (SSRF) vulnerability in AdmirorFrames Joomla! extension in afGdStream.php script allows to access local files or server pages available only from localhost. This issue affects AdmirorFrames: before 5.0.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Admiror-Design-Studio | Admirorframes | < 5.0 |
Related Weaknesses (CWE)
References
- https://cert.pl/en/posts/2024/06/CVE-2024-5735/Third Party Advisory
- https://cert.pl/posts/2024/06/CVE-2024-5735/Third Party Advisory
- https://github.com/afine-com/CVE-2024-5736ExploitThird Party Advisory
- https://github.com/sectroyer/CVEs/tree/main/CVE-2024-5736ExploitThird Party Advisory
- https://github.com/vasiljevski/admirorframes/issues/3Issue Tracking
- https://cert.pl/en/posts/2024/06/CVE-2024-5735/Third Party Advisory
- https://cert.pl/posts/2024/06/CVE-2024-5735/Third Party Advisory
- https://github.com/afine-com/CVE-2024-5736ExploitThird Party Advisory
- https://github.com/sectroyer/CVEs/tree/main/CVE-2024-5736ExploitThird Party Advisory
- https://github.com/vasiljevski/admirorframes/issues/3Issue Tracking
FAQ
What is CVE-2024-5736?
CVE-2024-5736 is a vulnerability with a CVSS score of 7.5 (HIGH). Server Side Request Forgery (SSRF) vulnerability in AdmirorFrames Joomla! extension in afGdStream.php script allows to access local files or server pages available only from localhost. This issue affe...
How severe is CVE-2024-5736?
CVE-2024-5736 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2024-5736?
Check the references section above for vendor advisories and patch information. Affected products include: Admiror-Design-Studio Admirorframes.