CVSS: 8.8EPSS: 0%CPEs: 180EXPL: 0CVE-2017-11364
https://notcve.org/view.php?id=CVE-2017-11364
The CMS installer in Joomla! before 3.7.4 does not verify a user's ownership of a webspace, which allows remote authenticated users to gain control of the target application by leveraging Certificate Transparency logs. El instalador CMS en versiones anteriores a la 3.7.4 de Joomla! no verifica la propiedad de un usuario en un espacio web, lo que permite que usuarios remotos autenticados consigan control sobre la aplicación objetivo, haciendo uso de los logs del estándar Certificate Transparency. • http://www.securitytracker.com/id/1039015 https://developer.joomla.org/security-centre/700-20170704-core-installer-lack-of-ownership-verification.html https://media.defcon.org/DEF%20CON%2025/DEF%20CON%2025%20presentations/DEFCON-25-Hanno-Boeck-Abusing-Certificate-Transparency-Logs.pdf https://twitter.com/hanno/status/890281330906247168 • CWE-295: Improper Certificate Validation •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 4CVE-2010-2845 – Joomla! Component QuickFAQ 1.0.3 - Blind SQL Injection
https://notcve.org/view.php?id=CVE-2010-2845
SQL injection vulnerability in the QuickFAQ (com_quickfaq) component 1.0.3 for Joomla! allows remote attackers to execute arbitrary SQL commands via the Itemid parameter in a category action to index.php. Vulnerabilidad de inyección SQL en el componente QuickFAQ (com_quickfaq) 1.0.3 para Joomla! permite a atacantes remotos ejecutar comandos SQL de su elección a través del parámetro "Itemid" en una acción category a index.php. • https://www.exploit-db.com/exploits/14296 http://packetstormsecurity.org/1007-exploits/joomlaquickfaq-sql.txt http://www.exploit-db.com/exploits/14296 http://www.securityfocus.com/bid/41508 https://exchange.xforce.ibmcloud.com/vulnerabilities/60236 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 6.8EPSS: 1%CPEs: 3EXPL: 6CVE-2010-2129 – JE Ajax Event Calendar - Local File Inclusion
https://notcve.org/view.php?id=CVE-2010-2129
Directory traversal vulnerability in the JE Ajax Event Calendar (com_jeajaxeventcalendar) component 1.0.1 and 1.0.3 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the view parameter to index.php. NOTE: some of these details are obtained from third party information. Vulnerabilidad de salto de directorio en el componente JE Ajax Event Calendar (com_jeajaxeventcalendar) v1.0.1 y v1.0.3 para Joomla! • https://www.exploit-db.com/exploits/12598 http://packetstormsecurity.org/1005-exploits/joomlaajaxec-lfi.txt http://secunia.com/advisories/39836 http://www.exploit-db.com/exploits/12598 http://www.osvdb.org/64704 http://www.securityfocus.com/bid/40179 http://www.xenuser.org/2010/05/14/joomla-component-je-ajax-event-calendar-local-file-inclusion-vulnerability https://exchange.xforce.ibmcloud.com/vulnerabilities/58602 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 7.5EPSS: 2%CPEs: 2EXPL: 4CVE-2010-1980 – Joomla! Component Joomla! Flickr 1.0 - Local File Inclusion
https://notcve.org/view.php?id=CVE-2010-1980
Directory traversal vulnerability in joomlaflickr.php in the Joomla Flickr (com_joomlaflickr) component 1.0.3 for Joomla! allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the controller parameter to index.php. Vulnerabilidad de salto de directorio en joomlaflickr.php en el componente Joomla Flickr v1.0.3 (com_joomlaflickr) para Joomla!, permite a atacantes remotos incluir y ejecutar archivos locales de su elección a través de .. • https://www.exploit-db.com/exploits/12085 http://bitbucket.org/roberto.aloi/joomla-flickr/changeset/64ebf6b25030 http://packetstormsecurity.org/1004-exploits/joomlaflickr-lfi.txt http://secunia.com/advisories/39358 http://www.exploit-db.com/exploits/12085 http://www.securityfocus.com/bid/39251 https://exchange.xforce.ibmcloud.com/vulnerabilities/57573 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 7.5EPSS: 1%CPEs: 14EXPL: 4CVE-2010-1531 – Joomla! Component redSHOP 1.0 - Local File Inclusion
https://notcve.org/view.php?id=CVE-2010-1531
Directory traversal vulnerability in the redSHOP (com_redshop) component 1.0.x for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the view parameter to index.php. Vulnerabilidad de salto de directorio en el componente redSHOP (com_redshop) v1.0.x para Joomla! permite a atacantes remotos leer archivos de su elección a través de .. • https://www.exploit-db.com/exploits/12054 http://packetstormsecurity.org/1004-exploits/joomlaredshop-lfi.txt http://redcomponent.com/redshop/redshop-changelog http://secunia.com/advisories/39343 http://www.exploit-db.com/exploits/12054 http://www.osvdb.org/63535 http://www.securityfocus.com/bid/39206 https://exchange.xforce.ibmcloud.com/vulnerabilities/57512 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •