Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
NVD Vulnerability Details :
CVE-2016-9835
Deferred
More InfoOfficial Page
Source-cve@mitre.org
View Known Exploited Vulnerability (KEV) details
Published At-05 Dec, 2016 | 08:59
Updated At-12 Apr, 2025 | 10:46

Directory traversal vulnerability in file "jcss.php" in Zikula 1.3.x before 1.3.11 and 1.4.x before 1.4.4 on Windows allows a remote attacker to launch a PHP object injection by uploading a serialized file.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary3.09.8CRITICAL
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Primary2.07.5HIGH
AV:N/AC:L/Au:N/C:P/I:P/A:P
CPE Matches
zikula
zikula
>>zikula_application_framework>>1.3.0
cpe:2.3:a:zikula:zikula_application_framework:1.3.0:*:*:*:*:*:*:*
zikula
zikula
>>zikula_application_framework>>1.3.1
cpe:2.3:a:zikula:zikula_application_framework:1.3.1:*:*:*:*:*:*:*
zikula
zikula
>>zikula_application_framework>>1.3.2
cpe:2.3:a:zikula:zikula_application_framework:1.3.2:*:*:*:*:*:*:*
zikula
zikula
>>zikula_application_framework>>1.3.3
cpe:2.3:a:zikula:zikula_application_framework:1.3.3:*:*:*:*:*:*:*
zikula
zikula
>>zikula_application_framework>>1.3.4
cpe:2.3:a:zikula:zikula_application_framework:1.3.4:*:*:*:*:*:*:*
zikula
zikula
>>zikula_application_framework>>1.3.5
cpe:2.3:a:zikula:zikula_application_framework:1.3.5:*:*:*:*:*:*:*
zikula
zikula
>>zikula_application_framework>>1.3.6
cpe:2.3:a:zikula:zikula_application_framework:1.3.6:*:*:*:*:*:*:*
zikula
zikula
>>zikula_application_framework>>1.3.7
cpe:2.3:a:zikula:zikula_application_framework:1.3.7:*:*:*:*:*:*:*
zikula
zikula
>>zikula_application_framework>>1.3.8
cpe:2.3:a:zikula:zikula_application_framework:1.3.8:*:*:*:*:*:*:*
zikula
zikula
>>zikula_application_framework>>1.3.9
cpe:2.3:a:zikula:zikula_application_framework:1.3.9:*:*:*:*:*:*:*
zikula
zikula
>>zikula_application_framework>>1.3.10
cpe:2.3:a:zikula:zikula_application_framework:1.3.10:*:*:*:*:*:*:*
zikula
zikula
>>zikula_application_framework>>1.3.10
cpe:2.3:a:zikula:zikula_application_framework:1.3.10:rc1:*:*:*:*:*:*
zikula
zikula
>>zikula_application_framework>>1.4.0
cpe:2.3:a:zikula:zikula_application_framework:1.4.0:*:*:*:*:*:*:*
zikula
zikula
>>zikula_application_framework>>1.4.0
cpe:2.3:a:zikula:zikula_application_framework:1.4.0:rc1:*:*:*:*:*:*
zikula
zikula
>>zikula_application_framework>>1.4.0
cpe:2.3:a:zikula:zikula_application_framework:1.4.0:rc2:*:*:*:*:*:*
zikula
zikula
>>zikula_application_framework>>1.4.0
cpe:2.3:a:zikula:zikula_application_framework:1.4.0:rc3:*:*:*:*:*:*
zikula
zikula
>>zikula_application_framework>>1.4.0
cpe:2.3:a:zikula:zikula_application_framework:1.4.0:rc4:*:*:*:*:*:*
zikula
zikula
>>zikula_application_framework>>1.4.0
cpe:2.3:a:zikula:zikula_application_framework:1.4.0:rc5:*:*:*:*:*:*
zikula
zikula
>>zikula_application_framework>>1.4.1
cpe:2.3:a:zikula:zikula_application_framework:1.4.1:*:*:*:*:*:*:*
zikula
zikula
>>zikula_application_framework>>1.4.2
cpe:2.3:a:zikula:zikula_application_framework:1.4.2:*:*:*:*:*:*:*
zikula
zikula
>>zikula_application_framework>>1.4.3
cpe:2.3:a:zikula:zikula_application_framework:1.4.3:*:*:*:*:*:*:*
zikula
zikula
>>zikula_application_framework>>1.4.3
cpe:2.3:a:zikula:zikula_application_framework:1.4.3:rc1:*:*:*:*:*:*
zikula
zikula
>>zikula_application_framework>>1.4.3
cpe:2.3:a:zikula:zikula_application_framework:1.4.3:rc2:*:*:*:*:*:*
zikula
zikula
>>zikula_application_framework>>1.4.3
cpe:2.3:a:zikula:zikula_application_framework:1.4.3:rc3:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-77Primarynvd@nist.gov
CWE-284Primarynvd@nist.gov
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
http://www.securityfocus.com/bid/95005cve@mitre.org
Third Party Advisory
VDB Entry
https://github.com/zikula/core/blob/1.3/CHANGELOG-1.3.mdcve@mitre.org
Issue Tracking
Patch
Release Notes
Third Party Advisory
https://github.com/zikula/core/blob/1.4/CHANGELOG-1.4.mdcve@mitre.org
Issue Tracking
Patch
Release Notes
Third Party Advisory
https://github.com/zikula/core/issues/3237cve@mitre.org
Issue Tracking
Patch
Third Party Advisory
http://www.securityfocus.com/bid/95005af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
VDB Entry
https://github.com/zikula/core/blob/1.3/CHANGELOG-1.3.mdaf854a3a-2127-422b-91ae-364da2661108
Issue Tracking
Patch
Release Notes
Third Party Advisory
https://github.com/zikula/core/blob/1.4/CHANGELOG-1.4.mdaf854a3a-2127-422b-91ae-364da2661108
Issue Tracking
Patch
Release Notes
Third Party Advisory
https://github.com/zikula/core/issues/3237af854a3a-2127-422b-91ae-364da2661108
Issue Tracking
Patch
Third Party Advisory
Change History
0Changes found
Details not found