CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 4CVE-2010-0945 – Joomla! Component com_hotbrackets - Blind SQL Injection
https://notcve.org/view.php?id=CVE-2010-0945
SQL injection vulnerability in the HotBrackets Tournament Brackets (com_hotbrackets) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter to index.php. Vulnerabilidad de inyección SQL en el componente para Joomla! HotBrackets Tournament Brackets (com_hotbrackets), permite a atacantes remotos ejecutar comandos SQL de su elección a través del parámetro id sobre index.php. • https://www.exploit-db.com/exploits/10953 http://www.exploit-db.com/exploits/10953 http://www.packetstormsecurity.org/0912-exploits/joomlahotbrackets-sql.txt http://www.securityfocus.com/bid/37439 http://www.vupen.com/english/advisories/2010/0021 https://exchange.xforce.ibmcloud.com/vulnerabilities/54986 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 5.0EPSS: 0%CPEs: 2EXPL: 4CVE-2010-0944 – Joomla! Component com_jcollection - Directory Traversal
https://notcve.org/view.php?id=CVE-2010-0944
Directory traversal vulnerability in the JCollection (com_jcollection) component for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php. Vulnerabilidad de salto de directorio en el componente para Joomla! JCollection (com_jcollection), permite a atacantes remotos leer ficheros locales de su elección al utilizar caracteres .. • https://www.exploit-db.com/exploits/11088 http://packetstormsecurity.org/1001-exploits/joomlajcollection-traversal.txt http://www.exploit-db.com/exploits/11088 http://www.securityfocus.com/bid/37691 https://exchange.xforce.ibmcloud.com/vulnerabilities/55514 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 5.0EPSS: 0%CPEs: 2EXPL: 4CVE-2010-0942 – Joomla! Component com_jvideodirect - Directory Traversal
https://notcve.org/view.php?id=CVE-2010-0942
Directory traversal vulnerability in the jVideoDirect (com_jvideodirect) component for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php. Vulnerabilidad de salto de directorio en el componente para Joomla! jVideoDirect (com_jvideodirect), permite a atacantes remotos leer ficheros locales de su elección al utilizar caracteres .. • https://www.exploit-db.com/exploits/11089 http://packetstormsecurity.org/1001-exploits/joomlajvideodirect-traversal.txt http://www.exploit-db.com/exploits/11089 http://www.securityfocus.com/bid/37694 https://exchange.xforce.ibmcloud.com/vulnerabilities/55513 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 3CVE-2010-0796 – Joomla! Component JE Quiz - 'eid' Blind SQL Injection
https://notcve.org/view.php?id=CVE-2010-0796
SQL injection vulnerability in the JE Quiz (com_jequizmanagement) component 1.b01 for Joomla! allows remote attackers to execute arbitrary SQL commands via the eid parameter in a question action to index.php. Vulnerabilidad de inyección SQL en el componente JE Quiz (com_jequizmanagement) v1.b01 para Joomla! permite a atacantes remotos ejecutar comandos SQL arbitrarios a través del parámetro "eid" en una acción "question" a index.php. • https://www.exploit-db.com/exploits/11287 http://osvdb.org/62039 http://packetstormsecurity.org/1001-exploits/joomlajequiz-sql.txt http://secunia.com/advisories/38412 http://www.exploit-db.com/exploits/11287 http://www.securityfocus.com/bid/38032 https://exchange.xforce.ibmcloud.com/vulnerabilities/56009 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 3.5EPSS: 0%CPEs: 2EXPL: 4CVE-2010-0801 – Joomla! Component AutartiTarot - Directory Traversal
https://notcve.org/view.php?id=CVE-2010-0801
Directory traversal vulnerability in the AutartiTarot (com_autartitarot) component 1.0.3 for Joomla! allows remote authenticated users, with "Public Back-end" group permissions, to read arbitrary files via directory traversal sequences in the controller parameter in an edit task to administrator/index.php. NOTE: some of these details are obtained from third party information. Vulnerabilidad de salto de directorio en el componente AutartiTarot (com_autartitarot) v1.0.3 para Joomla! permite a usuarios remotos autenticados, com permisos de grupo "Public Back-end", leer ficheros de forma arbitraria a través de secuencias de salto de directorio en el parámetro "controller" en una edición de administrator/index.php. • https://www.exploit-db.com/exploits/33590 http://osvdb.org/62041 http://packetstormsecurity.org/1001-exploits/joomlaautartitarot-traversal.txt http://secunia.com/advisories/38434 http://www.securityfocus.com/bid/38034 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •