Vulnerabilities > Admiror Design Studio > Admirorframes
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-06-28 | CVE-2024-5735 | Unspecified vulnerability in Admiror-Design-Studio Admirorframes Full Path Disclosure vulnerability in AdmirorFrames Joomla! extension in afHelper.php script allows an unauthorised attacker to retrieve location of web root folder. This issue affects AdmirorFrames: before 5.0. | 7.5 |
| 2024-06-28 | CVE-2024-5736 | Server-Side Request Forgery (SSRF) vulnerability in Admiror-Design-Studio Admirorframes Server Side Request Forgery (SSRF) vulnerability in AdmirorFrames Joomla! extension in afGdStream.php script allows to access local files or server pages available only from localhost. This issue affects AdmirorFrames: before 5.0. | 7.5 |
| 2024-06-28 | CVE-2024-5737 | Cross-site Scripting vulnerability in Admiror-Design-Studio Admirorframes Script afGdStream.php in AdmirorFrames Joomla! extension doesn’t specify a content type and as a result default (text/html) is used. | 6.1 |