cvedb.io
CVE-2017-18345
CRITICAL · CVSS 9.8
EPSS exploitation probability: 0%
Published 2018-08-26T21:29:00.233 · Last modified 2026-06-17T01:12:39.470

Summary

The Joomanager component through 2.0.0 for Joomla! has an arbitrary file download issue, resulting in exposing the credentials of the database via an index.php?option=com_joomanager&controller=details&task=download&path=configuration.php request.

Affected products

joomanager_project — joomanager

Does this affect you?

Add your gear to cvedb and we'll alert you only when joomanager_project ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.