CVE-2016-9837
An issue was discovered in templates/beez3/html/com_content/article/default.php in Joomla! before 3.6.5. Inadequate permissions checks in the Beez3 layout override of the com_content article view allow users to view articles that should not be publicly accessible, as demonstrated by an index.php?option=com_content&view=article&id=1&template=beez3 request.
We have discovered 273,630 live websites that are affected by CVE-2016-9837.
Affected Software
| Product |  Joomla |
| Category | Content Management System |
| Vulnerable Domains | 273,630 live websites (98.51% of Joomla install base) |
| Vulnerable Versions |
|
| Vulnerable Versions Count | 62 versions ( 36.90% of all versions) |
Details
- Published - Dec 16, 2016
- Updated - Aug 6, 2024
CVE References
CVE-2016-9837 usage by Country
 United States | 16,292 websites |
 Italy | 66,613 websites |
 Australia | 24,828 websites |
 GB | 16,750 websites |
 Germany | 14,450 websites |
 Russia | 14,418 websites |
 Poland | 12,826 websites |
 Netherlands | 11,568 websites |
 Iran | 9,246 websites |
 South Africa | 8,925 websites |
CVE-2016-9837 usage by TLD
| .com | 66,701 websites |
| .it | 43,763 websites |
| .com.au | 17,070 websites |
| .ru | 12,316 websites |
| .pl | 9,189 websites |
| .co.uk | 9,022 websites |
| .org | 7,529 websites |
| .de | 6,956 websites |
| .nl | 6,893 websites |
| .net | 5,906 websites |
Vulnerable Versions
Vulnerable versions are highlighted in redWebsites affected by CVE-2016-9837
Top websites that are affected by CVE-2016-9837. Please click on the "Contact us" link to get more information.| Domain | Country | Rank | Contacts |
|---|---|---|---|
| *****************.de | Germany | *,*** | |
| *******.**.ca |  Canada | *,*** | |
| **************.********.com | United States | **,*** | |
| ***********.com | Italy | **,*** | |
| ***********.**.za | South Africa | **,*** | |
| ********.com |  Serbia | **,*** | |
| ***************.com | Italy | **,*** | |
| ********.com | United States | **,*** | |
| *********.com | GB | **,*** | |
| *****.**.uk | GB | **,*** |
FAQ
A total of 273,630 websites have been identified as vulnerable to CVE-2016-9837, discovered through global website indexing conducted by WebTechSurvey.
Joomla is susceptible to CVE-2016-9837 vulnerability.
Joomla versions before 3.6.5 are vulnerable to CVE-2016-9837.
Version 3.6.5 of Joomla addresses the CVE-2016-9837 security vulnerability.