CVE-2015-8566

The Session package 1.x before 1.3.1 for Joomla! Framework allows remote attackers to execute arbitrary code via unspecified session values.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
7.5 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:N/C:P/I:P/A:P
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 82%
VendorProductVersion
joomlasession
1.3.0
𝑥
= Vulnerable software versions
References
http://www.securityfocus.com/bid/79197
https://developer.joomla.org/security-centre/637-20151205-session-remote-code-execution-vulnerability.html
http://www.securityfocus.com/bid/79197
https://developer.joomla.org/security-centre/637-20151205-session-remote-code-execution-vulnerability.html