CVE-2024-40744

9.8 CRITICAL

📋 TL;DR

This vulnerability allows attackers to bypass security restrictions and upload arbitrary files to Joomla websites using the Convert Forms component. Attackers can achieve remote code execution by uploading malicious files like PHP shells. All Joomla sites using vulnerable versions of Convert Forms are affected.

💻 Affected Systems

Products:
  • Joomla with Convert Forms component
Versions: Convert Forms versions before 4.4.8
Operating Systems: All
Default Config Vulnerable: ⚠️ Yes
Notes: Requires Convert Forms component to be installed and enabled

⚠️ Risk & Real-World Impact

🔴 Worst Case: Complete server compromise leading to data theft, defacement, ransomware deployment, or use as an attack platform

🟠 Likely Case: Website defacement, backdoor installation, data exfiltration, or credential theft

🟢 If Mitigated: Limited impact with proper file upload validation and web application firewall rules

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

CVSS 9.8 indicates critical severity with network access and no privileges required

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Convert Forms 4.4.8

Vendor Advisory: https://www.tassos.gr/joomla-extensions/convert-forms

Restart Required: No

Instructions:

1. Log into the Joomla admin panel.
2. Navigate to Extensions > Manage > Update.
3. Update Convert Forms to version 4.4.8 or later.
4. Alternatively, download the package from the vendor site and install it manually.

🔧 Temporary Workarounds

Disable Convert Forms component (platform: all)

Temporarily disable the vulnerable component until patching.

Navigate to Extensions > Manage > Manage, find Convert Forms, click Disable.

Restrict file uploads via .htaccess (platform: linux)

Block execution of uploaded files in upload directories. This applies to Apache only and requires AllowOverride to permit these directives in .htaccess; it does not help on nginx or other servers.

Add to .htaccess in upload directories:

  <FilesMatch "\.(php|php5|php7|phtml|phar)$">
    Order Allow,Deny
    Deny from all
  </FilesMatch>

On Apache 2.4 without mod_access_compat, replace the two Order/Deny lines with "Require all denied".

🧯 If You Can't Patch

  • Implement strict file upload validation at web application firewall level
  • Monitor upload directories for suspicious files and restrict permissions

🔍 How to Verify

Check if Vulnerable:

Check Convert Forms version in Joomla admin panel under Extensions > Manage > Manage

Check Version:

Check Joomla admin panel or database #__extensions table for Convert Forms version

Verify Fix Applied:

Confirm Convert Forms version is 4.4.8 or higher in component details

📡 Detection & Monitoring

Log Indicators:

  • Unusual file uploads to Convert Forms endpoints
  • PHP file execution from upload directories
  • Multiple failed upload attempts

Network Indicators:

  • POST requests to /index.php?option=com_convertforms with file uploads
  • Unusual traffic to upload directories

SIEM Query:

source="web_server" AND (uri="*com_convertforms*" AND method="POST") AND (file_extension="php" OR file_extension="phtml")
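As an added example (not part of this advisory), the following Python applies the log indicators above to constructed Apache combined-format access-log lines: it flags POST requests to com_convertforms and requests for executable files under upload directories, then correlates both by source IP. The upload paths and the sample lines are assumptions.

```python
import re
from typing import Iterable, List, NamedTuple, Optional, Set

# Apache/nginx "combined" access-log format (constructed regex, not from the advisory).
LOG_RE = re.compile(
    r'(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" '
    r'(?P<status>\d{3}) \S+'
)
# Same executable-extension list as the .htaccess FilesMatch workaround above.
EXEC_EXT_RE = re.compile(r"\.(php|php5|php7|phtml|phar)$", re.IGNORECASE)
# Assumed upload locations; adjust to where your site actually stores form uploads.
UPLOAD_PATHS = ("/images/", "/media/com_convertforms/")

class Alert(NamedTuple):
    ip: str
    reason: str     # "convertforms_post" or "php_served_from_uploads"
    path: str
    status: str     # HTTP status: a 200 here means the block rule did not apply

def classify(line: str) -> Optional[Alert]:
    """Map one access-log line to an Alert, or None if it is benign or unparseable."""
    m = LOG_RE.match(line)
    if not m:
        return None
    method, path, status = m["method"], m["path"], m["status"]
    url_path = path.split("?", 1)[0]          # strip the query string
    if method == "POST" and "option=com_convertforms" in path:
        return Alert(m["ip"], "convertforms_post", path, status)
    if url_path.startswith(UPLOAD_PATHS) and EXEC_EXT_RE.search(url_path):
        return Alert(m["ip"], "php_served_from_uploads", url_path, status)
    return None

def scan(lines: Iterable[str]) -> List[Alert]:
    return [a for a in map(classify, lines) if a is not None]

def correlate(alerts: Iterable[Alert]) -> Set[str]:
    """IPs that both POSTed to com_convertforms and fetched an executable file from uploads."""
    seen = {}
    for a in alerts:
        seen.setdefault(a.ip, set()).add(a.reason)
    return {ip for ip, r in seen.items() if {"convertforms_post", "php_served_from_uploads"} <= r}

# Constructed sample log lines (documentation IP ranges), not real traffic.
SAMPLE_LOG = [
    '203.0.113.5 - - [10/Jul/2024:12:00:01 +0000] "POST /index.php?option=com_convertforms HTTP/1.1" 200 512 "-" "Mozilla/5.0"',
    '203.0.113.5 - - [10/Jul/2024:12:00:03 +0000] "GET /images/test.php HTTP/1.1" 200 87 "-" "Mozilla/5.0"',
    '198.51.100.7 - - [10/Jul/2024:12:01:00 +0000] "GET /index.php?option=com_convertforms&view=form HTTP/1.1" 200 4096 "-" "Mozilla/5.0"',
    '198.51.100.9 - - [10/Jul/2024:12:02:00 +0000] "GET /images/logo.png HTTP/1.1" 200 2048 "-" "Mozilla/5.0"',
]
```

Run scan() over your real access log and treat any IP returned by correlate() as a high-priority triage item; a lone convertforms_post on a public form is normal traffic.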
