#VU157 Remote PHP code execution in Joomla! - CVE-2015-8562
Published: July 18, 2016 / Updated: May 3, 2021
Vulnerability identifier: #VU157
Vulnerability risk: Critical
CVSSv4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:A/U:Red
CVE-ID: CVE-2015-8562
CWE-ID: CWE-94
Exploitation vector: Remote access
Exploit availability:
The vulnerability is being exploited in the wild
Vulnerable software:
Joomla!
Joomla!
Software vendor:
Joomla!
Joomla!
Description
The vulnerability allows a remote attacker to execute arbitrary PHP code on the target system.
The vulnerability exists due to insufficient filtration of HTTP User-Agent header and filter-search HTTP POST parameter before storing them into database. A remote unauthenticated attacker can permanently inject and execute arbitrary PHP code on the target system with privileges of the web server.
Successful exploitation of this vulnerability will allow a remote attacker to gain complete control over the vulnerable web application and execute arbitrary PHP code on the target system.
Note: this is a zero-day vulnerability and it is being exploited in the wild.
Remediation
Update your Joomla! installation to version 3.4.6.