CVSS: 6.8EPSS: 1%CPEs: 3EXPL: 6CVE-2010-2129 – JE Ajax Event Calendar - Local File Inclusion
https://notcve.org/view.php?id=CVE-2010-2129
Directory traversal vulnerability in the JE Ajax Event Calendar (com_jeajaxeventcalendar) component 1.0.1 and 1.0.3 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the view parameter to index.php. NOTE: some of these details are obtained from third party information. Vulnerabilidad de salto de directorio en el componente JE Ajax Event Calendar (com_jeajaxeventcalendar) v1.0.1 y v1.0.3 para Joomla! • https://www.exploit-db.com/exploits/12598 http://packetstormsecurity.org/1005-exploits/joomlaajaxec-lfi.txt http://secunia.com/advisories/39836 http://www.exploit-db.com/exploits/12598 http://www.osvdb.org/64704 http://www.securityfocus.com/bid/40179 http://www.xenuser.org/2010/05/14/joomla-component-je-ajax-event-calendar-local-file-inclusion-vulnerability https://exchange.xforce.ibmcloud.com/vulnerabilities/58602 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 3CVE-2010-1716 – Joomla! Component Agenda Address Book 1.0.1 - 'id' SQL Injection
https://notcve.org/view.php?id=CVE-2010-1716
SQL injection vulnerability in the Agenda Address Book (com_agenda) component 1.0.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a detail action to index.php. Vulnerabilidad de inyección SQL en el componente Agenda Address Book (com_agenda) v1.0.1 para Joomla!, permite a atacantes remotos ejecutar comandos SQL de su elección a través del parámetro "id" en una acción de detalle a index.php. • https://www.exploit-db.com/exploits/12132 http://secunia.com/advisories/39238 http://www.exploit-db.com/exploits/12132 http://www.joomlanetprojects.com/index.php/en/joomla-projects-downloads/joomla-1/joomla-1/42-comagenda.html http://www.osvdb.org/63723 http://www.securityfocus.com/bid/39380 https://exchange.xforce.ibmcloud.com/vulnerabilities/57770 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 2CVE-2010-1533 – Joomla! Component TweetLA 1.0.1 - Local File Inclusion
https://notcve.org/view.php?id=CVE-2010-1533
Directory traversal vulnerability in the TweetLA (com_tweetla) component 1.0.1 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php. Una vulnerabilidad de salto de directorio en el componente para Joomla! TweetLA (com_tweetla) v1.01 permite a atacantes remotos leer ficheros arbitrarios a través de un .. • https://www.exploit-db.com/exploits/12142 http://secunia.com/advisories/39258 http://www.exploit-db.com/exploits/12142 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 2CVE-2010-1535 – Joomla! Component TRAVELbook 1.0.1 - Local File Inclusion
https://notcve.org/view.php?id=CVE-2010-1535
Directory traversal vulnerability in the TRAVELbook (com_travelbook) component 1.0.1 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impact via a .. (dot dot) in the controller parameter to index.php. Vulnerabilidad de salto de directorio en el componente TRAVELbook (com_travelbook) v1.0.1 para Joomla! permite a atacantes remotos leer archivos de su elección y probablemente provocar otros impactos no especificados a través de .. • https://www.exploit-db.com/exploits/12151 http://secunia.com/advisories/39254 http://www.exploit-db.com/exploits/12151 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 7.5EPSS: 1%CPEs: 14EXPL: 4CVE-2010-1531 – Joomla! Component redSHOP 1.0 - Local File Inclusion
https://notcve.org/view.php?id=CVE-2010-1531
Directory traversal vulnerability in the redSHOP (com_redshop) component 1.0.x for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the view parameter to index.php. Vulnerabilidad de salto de directorio en el componente redSHOP (com_redshop) v1.0.x para Joomla! permite a atacantes remotos leer archivos de su elección a través de .. • https://www.exploit-db.com/exploits/12054 http://packetstormsecurity.org/1004-exploits/joomlaredshop-lfi.txt http://redcomponent.com/redshop/redshop-changelog http://secunia.com/advisories/39343 http://www.exploit-db.com/exploits/12054 http://www.osvdb.org/63535 http://www.securityfocus.com/bid/39206 https://exchange.xforce.ibmcloud.com/vulnerabilities/57512 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •