CVE-2016-9836
The file scanning mechanism of JFilterInput::isFileSafe() in Joomla! CMS before 3.6.5 does not consider alternative PHP file extensions when checking uploaded files for PHP content, which enables a user to upload and execute files with the `.php6`, `.php7`, `.phtml`, and `.phpt` extensions. Additionally, JHelperMedia::canUpload() did not blacklist these file extensions as uploadable file types.
We have discovered 273,630 live websites that are affected by CVE-2016-9836.
Affected Software
| Product |  Joomla |
| Category | Content Management System |
| Vulnerable Domains | 273,630 live websites (98.51% of Joomla install base) |
| Vulnerable Versions |
|
| Vulnerable Versions Count | 62 versions ( 36.90% of all versions) |
Details
- Published - Dec 6, 2016
- Updated - Aug 6, 2024
CVE References
CVE-2016-9836 usage by Country
 United States | 16,292 websites |
 Italy | 66,613 websites |
 Australia | 24,828 websites |
 GB | 16,750 websites |
 Germany | 14,450 websites |
 Russia | 14,418 websites |
 Poland | 12,826 websites |
 Netherlands | 11,568 websites |
 Iran | 9,246 websites |
 South Africa | 8,925 websites |
CVE-2016-9836 usage by TLD
| .com | 66,701 websites |
| .it | 43,763 websites |
| .com.au | 17,070 websites |
| .ru | 12,316 websites |
| .pl | 9,189 websites |
| .co.uk | 9,022 websites |
| .org | 7,529 websites |
| .de | 6,956 websites |
| .nl | 6,893 websites |
| .net | 5,906 websites |
Vulnerable Versions
Vulnerable versions are highlighted in redWebsites affected by CVE-2016-9836
Top websites that are affected by CVE-2016-9836. Please click on the "Contact us" link to get more information.| Domain | Country | Rank | Contacts |
|---|---|---|---|
| *****************.de | Germany | *,*** | |
| *******.**.ca |  Canada | *,*** | |
| **************.********.com | United States | **,*** | |
| ***********.com | Italy | **,*** | |
| ***********.**.za | South Africa | **,*** | |
| ********.com |  Serbia | **,*** | |
| ***************.com | Italy | **,*** | |
| ********.com | United States | **,*** | |
| *********.com | GB | **,*** | |
| *****.**.uk | GB | **,*** |
FAQ
A total of 273,630 websites have been identified as vulnerable to CVE-2016-9836, discovered through global website indexing conducted by WebTechSurvey.
Joomla is susceptible to CVE-2016-9836 vulnerability.
Joomla versions before 3.6.5 are vulnerable to CVE-2016-9836.
Version 3.6.5 of Joomla addresses the CVE-2016-9836 security vulnerability.