CVE-2017-9030

The Codextrous B2J Contact (aka b2j_contact) extension before 2.1.13 for Joomla! allows a directory traversal attack that bypasses a uniqid protection mechanism, and makes it easier to read arbitrary uploaded files. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt