CVE-2024-5735

7.5 HIGH

📋 TL;DR

A Full Path Disclosure vulnerability in the AdmirorFrames Joomla! extension allows unauthenticated attackers to retrieve the web root folder location. This affects AdmirorFrames versions before 5.0. The exposed path information can aid attackers in further exploitation attempts.

💻 Affected Systems

Products:
  • AdmirorFrames Joomla! Extension
Versions: All versions before 5.0
Operating Systems: Any OS running Joomla!
Default Config Vulnerable: ⚠️ Yes
Notes: Requires the AdmirorFrames extension to be installed and enabled in Joomla!

📦 What is this software?

⚠️ Risk & Real-World Impact

🔴 Worst Case

Attackers combine path disclosure with other vulnerabilities to achieve remote code execution or sensitive data exposure.

🟠 Likely Case

Attackers use the path information to map the server structure and plan targeted attacks against the Joomla! installation.

🟢 If Mitigated

Limited to information disclosure that doesn't directly compromise data or system integrity.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

A simple HTTP request to the afHelper.php script triggers the disclosure.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 5.0

Vendor Advisory: https://github.com/vasiljevski/admirorframes/issues/3

Restart Required: No

Instructions:

1. Update the AdmirorFrames extension to version 5.0 or later.
2. In the Joomla! admin panel, go to Extensions > Manage > Update.
3. Check for an AdmirorFrames update, or manually install version 5.0+.

🔧 Temporary Workarounds

Disable AdmirorFrames Extension (platform: all)

Temporarily disable the vulnerable extension until patching is possible.

Restrict Access to afHelper.php (platform: linux)

Block direct access to the vulnerable script via web server configuration:

# Apache (2.4+ syntax; in httpd.conf, the vhost, or .htaccess):
<Files "afHelper.php">
    Require all denied
</Files>

# Nginx (inside the relevant server block):
location ~ /afHelper\.php$ {
    deny all;
}

🧯 If You Can't Patch

  • Implement WAF rules to block requests to afHelper.php
  • Monitor logs for path disclosure attempts and unusual access patterns

🔍 How to Verify

Check if Vulnerable:

Open /plugins/content/admirorframes/afHelper.php in a browser; if the response contains the full server path, the system is vulnerable.

Check Version:

Check the Joomla! extension manager for the installed AdmirorFrames version.

Verify Fix Applied:

After the update, requesting afHelper.php should return an error or no longer disclose the path.

📡 Detection & Monitoring

Log Indicators:

  • HTTP requests to /plugins/content/admirorframes/afHelper.php
  • Unusual error messages containing full server paths

Network Indicators:

  • GET requests to afHelper.php from external IPs

SIEM Query:

source="web_server" AND uri="/plugins/content/admirorframes/afHelper.php"
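The log indicators above, applied to web server access-log lines, as an added example that is not part of this advisory: it assumes the Apache/Nginx "combined" log format, treats RFC 1918, loopback and link-local addresses as internal, and uses constructed sample lines, so it runs offline.

```python
import ipaddress
import re

# Apache/Nginx "combined" access-log format (assumption: the web server logs in that format).
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<method>\S+) (?P<uri>\S+) [^"]*" '
    r'(?P<status>\d{3}) \S+'
)

# Address ranges treated as internal; anything else counts as an external source.
INTERNAL_NETS = [ipaddress.ip_network(n) for n in
                 ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16", "127.0.0.0/8", "169.254.0.0/16")]

def is_external(ip):
    """True when the client address parses and lies outside the internal ranges above."""
    try:
        addr = ipaddress.ip_address(ip)
    except ValueError:
        return False
    return not any(addr in net for net in INTERNAL_NETS)

def find_afhelper_hits(lines):
    """One record per request for afHelper.php: source, time, status code, whether the
    source is external, and whether the server refused it (403, i.e. the block is in place)."""
    hits = []
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue
        uri = m.group("uri").split("?", 1)[0]        # drop any query string
        if uri.lower().endswith("/afhelper.php"):    # matches the script wherever it is installed
            hits.append({"ip": m.group("ip"), "ts": m.group("ts"),
                         "status": int(m.group("status")),
                         "external": is_external(m.group("ip")),
                         "blocked": m.group("status") == "403"})
    return hits

def alerts(hits):
    """The subset worth paging on: external sources that got anything other than a 403."""
    return [h for h in hits if h["external"] and not h["blocked"]]

# Constructed sample lines (not real traffic): two unblocked external hits, one internal 403, one unrelated request.
SAMPLE_LOG = [
    '203.0.113.7 - - [12/Jun/2024:10:01:02 +0000] "GET /plugins/content/admirorframes/afHelper.php HTTP/1.1" 200 512 "-" "curl/8.0"',
    '203.0.113.7 - - [12/Jun/2024:10:01:03 +0000] "GET /plugins/content/admirorframes/afHelper.php?x=1 HTTP/1.1" 200 512 "-" "curl/8.0"',
    '10.0.0.5 - - [12/Jun/2024:10:02:00 +0000] "GET /plugins/content/admirorframes/afHelper.php HTTP/1.1" 403 199 "-" "Mozilla/5.0"',
    '198.51.100.9 - - [12/Jun/2024:10:03:00 +0000] "GET /index.php HTTP/1.1" 200 8192 "-" "Mozilla/5.0"',
]

if __name__ == "__main__": print(alerts(find_afhelper_hits(SAMPLE_LOG)))
```

Once the web server block from the workaround is in place, every hit should show status 403 and the alert list should be empty; a 200 from an external address is the case to investigate.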

🔗 References