29 results (0.004 seconds)

CVSS: 8.8EPSS: 0%CPEs: 180EXPL: 0

The CMS installer in Joomla! before 3.7.4 does not verify a user's ownership of a webspace, which allows remote authenticated users to gain control of the target application by leveraging Certificate Transparency logs. El instalador CMS en versiones anteriores a la 3.7.4 de Joomla! no verifica la propiedad de un usuario en un espacio web, lo que permite que usuarios remotos autenticados consigan control sobre la aplicación objetivo, haciendo uso de los logs del estándar Certificate Transparency. • http://www.securitytracker.com/id/1039015 https://developer.joomla.org/security-centre/700-20170704-core-installer-lack-of-ownership-verification.html https://media.defcon.org/DEF%20CON%2025/DEF%20CON%2025%20presentations/DEFCON-25-Hanno-Boeck-Abusing-Certificate-Transparency-Logs.pdf https://twitter.com/hanno/status/890281330906247168 • CWE-295: Improper Certificate Validation •

CVSS: 7.5EPSS: 0%CPEs: 4EXPL: 3

SQL injection vulnerability in helper/popup.php in the ccNewsletter (mod_ccnewsletter) component 1.0.7 through 1.0.9 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter. Vulnerabilidad de inyección SQL en helper/popup.php en el componente ccNewsletter (mod_ccnewsletter) v1.0.7 a v1.0.9 para Joomla! permite a atacantes remotos ejecutar comandos SQL a través del parámetro id. • https://www.exploit-db.com/exploits/37101 http://packetstormsecurity.org/files/112092/Joomla-CCNewsLetter-1.0.7-SQL-Injection.html http://secunia.com/advisories/48934 http://www.chillcreations.com/blog/5-ccnewsletter-joomla-newsletter/274-ccnewsletter-1010-security-release.html http://www.securityfocus.com/bid/53208 https://exchange.xforce.ibmcloud.com/vulnerabilities/75112 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •

CVSS: 7.5EPSS: 1%CPEs: 14EXPL: 4

Directory traversal vulnerability in the redSHOP (com_redshop) component 1.0.x for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the view parameter to index.php. Vulnerabilidad de salto de directorio en el componente redSHOP (com_redshop) v1.0.x para Joomla! permite a atacantes remotos leer archivos de su elección a través de .. • https://www.exploit-db.com/exploits/12054 http://packetstormsecurity.org/1004-exploits/joomlaredshop-lfi.txt http://redcomponent.com/redshop/redshop-changelog http://secunia.com/advisories/39343 http://www.exploit-db.com/exploits/12054 http://www.osvdb.org/63535 http://www.securityfocus.com/bid/39206 https://exchange.xforce.ibmcloud.com/vulnerabilities/57512 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •

CVSS: 5.0EPSS: 2%CPEs: 13EXPL: 2

Directory traversal vulnerability in the Community Polls (com_communitypolls) component 1.5.2, and possibly earlier, for Core Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php. Vulnerabilidad de salto de directorio en el componente Community Polls (com_communitypolls) v1.5.2, y posiblemente anteriores, para Core Joomla! permite a atacantes remotos leer ficheros arbitrarios a través de un .. • https://www.exploit-db.com/exploits/11511 http://osvdb.org/62506 http://packetstormsecurity.org/1002-exploits/joomlacp-lfi.txt http://secunia.com/advisories/38692 http://www.corejoomla.com/component/content/article/1-corejoomla-updates/40-community-polls-v153-security-release.html http://www.securityfocus.com/bid/38330 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •

CVSS: 7.5EPSS: 0%CPEs: 3EXPL: 3

SQL injection vulnerability in the jTips (com_jtips) component 1.0.7 and 1.0.9 for Joomla! allows remote attackers to execute arbitrary SQL commands via the season parameter in a ladder action to index.php. Vulnerabilidad de inyección SQL en el componente jTips (com_jtips) v1.0.7 y 1.0.9 para Joomla!, permite a atacantes remotos ejecutar comandos SQL de su elección a través del parámetro "season" en una acción lander al index.php. • https://www.exploit-db.com/exploits/9504 http://www.exploit-db.com/exploits/9504 http://www.securityfocus.com/bid/36123 http://www.vupen.com/english/advisories/2009/2405 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •