Page 100 of 804 results (0.012 seconds)

CVSS: 5.0EPSS: 1%CPEs: 2EXPL: 4

CVE-2010-0943 – Joomla! Component com_jashowcase - Directory Traversal

https://notcve.org/view.php?id=CVE-2010-0943

Directory traversal vulnerability in the JA Showcase (com_jashowcase) component for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter in a jashowcase action to index.php. Vulnerabilidad de salto de directorio en el componente para Joomla!JA Showcase (com_jashowcase), permite a atacantes remotos leer ficheros locales de su elección al utilizar caracteres .. • https://www.exploit-db.com/exploits/11090 http://packetstormsecurity.org/1001-exploits/joomlajashowcase-traversal.txt http://secunia.com/advisories/33486 http://www.exploit-db.com/exploits/11090 http://www.securityfocus.com/bid/37692 https://exchange.xforce.ibmcloud.com/vulnerabilities/55512 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •

CVSS: 5.0EPSS: 0%CPEs: 2EXPL: 4

CVE-2010-0942 – Joomla! Component com_jvideodirect - Directory Traversal

https://notcve.org/view.php?id=CVE-2010-0942

Directory traversal vulnerability in the jVideoDirect (com_jvideodirect) component for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php. Vulnerabilidad de salto de directorio en el componente para Joomla! jVideoDirect (com_jvideodirect), permite a atacantes remotos leer ficheros locales de su elección al utilizar caracteres .. • https://www.exploit-db.com/exploits/11089 http://packetstormsecurity.org/1001-exploits/joomlajvideodirect-traversal.txt http://www.exploit-db.com/exploits/11089 http://www.securityfocus.com/bid/37694 https://exchange.xforce.ibmcloud.com/vulnerabilities/55513 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •

CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 3

CVE-2010-0946 – Joomla! Component com_ksadvertiser - SQL Injection

https://notcve.org/view.php?id=CVE-2010-0946

SQL injection vulnerability in the Keep It Simple Stupid (KISS) Software Advertiser (com_ksadvertiser) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the pid parameter in a showcats action to index.php. Vulnerabilidad de inyección SQL en el componente para Joomla! Keep It Simple Stupid (KISS) Software Advertiser (com_ksadvertiser), permite a atacantes remotos ejecutar comandos SQL de su elección a través del parámetro pid en una accción showcats sobre index.php. • https://www.exploit-db.com/exploits/11068 http://explo.it/exploits/11068 http://www.securityfocus.com/bid/37682 https://exchange.xforce.ibmcloud.com/vulnerabilities/55526 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •

CVSS: 3.5EPSS: 0%CPEs: 2EXPL: 4

CVE-2010-0801 – Joomla! Component AutartiTarot - Directory Traversal

https://notcve.org/view.php?id=CVE-2010-0801

Directory traversal vulnerability in the AutartiTarot (com_autartitarot) component 1.0.3 for Joomla! allows remote authenticated users, with "Public Back-end" group permissions, to read arbitrary files via directory traversal sequences in the controller parameter in an edit task to administrator/index.php. NOTE: some of these details are obtained from third party information. Vulnerabilidad de salto de directorio en el componente AutartiTarot (com_autartitarot) v1.0.3 para Joomla! permite a usuarios remotos autenticados, com permisos de grupo "Public Back-end", leer ficheros de forma arbitraria a través de secuencias de salto de directorio en el parámetro "controller" en una edición de administrator/index.php. • https://www.exploit-db.com/exploits/33590 http://osvdb.org/62041 http://packetstormsecurity.org/1001-exploits/joomlaautartitarot-traversal.txt http://secunia.com/advisories/38434 http://www.securityfocus.com/bid/38034 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •

CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 2

CVE-2010-0800 – Joomla! Component com_dms 2.5.1 - SQL Injection

https://notcve.org/view.php?id=CVE-2010-0800

SQL injection vulnerability in the Ossolution Team Documents Seller (aka DMS) (com_dms) component 2.5.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via the category_id parameter in a view_category action to index.php. Vulnerabilidad de inyección SQL en el componente Ossolution Team Documents Seller (aka DMS) (com_dms) v2.5.1 para Joomla! permite a atacantes remotos ejecutar comandos SQL a través del parámetro "category_id" en una acción "view_category" a index.php. • https://www.exploit-db.com/exploits/11289 http://osvdb.org/62040 http://secunia.com/advisories/38410 http://www.exploit-db.com/exploits/11289 http://www.securityfocus.com/bid/38017 http://www.securityfocus.com/bid/38024 https://exchange.xforce.ibmcloud.com/vulnerabilities/56006 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •