GCVE - cpe:2.3:a:admiror-design-studio:admirorframes:*:*:*:*:*:joomla\!:*:*

Approved changes feed: RSS · Atom

cpe:2.3:a:admiror-design-studio:admirorframes:*:*:*:*:*:joomla\!:*:*

part: a version: * update: *

Vendor	Admiror Design Studio (`2acc949a-a348-5e01-ac20-e3bab0892c09`)
Product	Admirorframes (`228ebb3f-0ab8-5d2d-812e-72af8d0a2cc4`)
Edition	*
Language	*
Software edition	*
Target software	joomla!
Target hardware	*
Other	*
Notes	Imported from gcve-enriched-dumps CVE data

PURL mappings

PURL	Source	Last updated
No PURL mappings for this CPE yet.

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2024-5737`	vulnerable	2026-06-08 06:56:17.141696	HTML Injection in AdmirorFrames Joomla! Extension Script afGdStream.php in AdmirorFrames Joomla! extension doesn’t specify a content type and as a result default (text/html) is used. An attacker may embed HTML tags directly in image data which is rendered by a webpage as HTML. This issue affects AdmirorFrames: before 5.0. Published: 2024-06-28T11:29:03.154Z Updated: 2024-08-01T21:18:07.021Z Open on db.gcve.eu Reference links https://cert.pl/en/posts/2024/06/CVE-2024-5735/ https://cert.pl/posts/2024/06/CVE-2024-5735/ https://github.com/vasiljevski/admirorframes/issues/3 https://github.com/sectroyer/CVEs/tree/main/CVE-2024-5737 https://github.com/afine-com/CVE-2024-5737	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2024-5736`	vulnerable	2026-06-08 06:56:17.139837	SSRF in AdmirorFrames Joomla! Extension Server Side Request Forgery (SSRF) vulnerability in AdmirorFrames Joomla! extension in afGdStream.php script allows to access local files or server pages available only from localhost. This issue affects AdmirorFrames: before 5.0. Published: 2024-06-28T11:26:53.512Z Updated: 2024-08-01T21:18:06.930Z Open on db.gcve.eu Reference links https://cert.pl/en/posts/2024/06/CVE-2024-5735/ https://cert.pl/posts/2024/06/CVE-2024-5735/ https://github.com/vasiljevski/admirorframes/issues/3 https://github.com/sectroyer/CVEs/tree/main/CVE-2024-5736 https://github.com/afine-com/CVE-2024-5736	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2024-5735`	vulnerable	2026-06-08 06:56:17.139223	Full Path Disclosure in AdmirorFrames Joomla! Extension Full Path Disclosure vulnerability in AdmirorFrames Joomla! extension in afHelper.php script allows an unauthorised attacker to retrieve location of web root folder. This issue affects AdmirorFrames: before 5.0. Published: 2024-06-28T11:24:18.916Z Updated: 2024-08-01T21:18:07.044Z Open on db.gcve.eu Reference links https://cert.pl/en/posts/2024/06/CVE-2024-5735/ https://cert.pl/posts/2024/06/CVE-2024-5735/ https://github.com/vasiljevski/admirorframes/issues/3 https://github.com/sectroyer/CVEs/tree/main/CVE-2024-5735 https://github.com/afine-com/CVE-2024-5735	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.

Admirorframes

PURL mappings

Vulnerability references

Contribute