CVE-2013-7428
high
CVSS v3
7.5
CVSS v2
5.0
VIR risk
7.5
Description
The Googlemaps plugin before 3.1 for Joomla! allows remote attackers to cause a denial of service via the url parameter to plugin_googlemap2_proxy.php.
Predictions
Exploit likelihood
83%
Patch ETA
—
Heuristic predictions, AS-IS, for prioritization only.
Mitigations
Vendor advisory: cve@mitre.org — http://www.mapsplugin.com/Google-Maps/Documentation-of-plugin-Googlemap/security-release-3-1-of-plugin-googlemaps.html
Application impact
| Vendor | Product | Versions | Fixed |
|---|---|---|---|
| mapsplugin | googlemaps | {"endIncluding":"3.0"} | |
References
- http://seclists.org/fulldisclosure/2013/Jul/158
- http://www.mapsplugin.com/Google-Maps/Documentation-of-plugin-Googlemap/security-release-3-1-of-plugin-googlemaps.html
- http://www.openwall.com/lists/oss-security/2015/02/26/11
- http://www.openwall.com/lists/oss-security/2015/02/27/3
- http://seclists.org/fulldisclosure/2013/Jul/158
- http://www.mapsplugin.com/Google-Maps/Documentation-of-plugin-Googlemap/security-release-3-1-of-plugin-googlemaps.html
- http://www.openwall.com/lists/oss-security/2015/02/26/11
- http://www.openwall.com/lists/oss-security/2015/02/27/3
CWEs
CWE-400
Verify integrity in audit chain (admin only). AS-IS.