CVSS: 9.1EPSS: 13%CPEs: 2EXPL: 3CVE-2010-1470 – Joomla! Component Web TV 1.0 - Local File Inclusion
https://notcve.org/view.php?id=CVE-2010-1470
19 Apr 2010 — Directory traversal vulnerability in the Web TV (com_webtv) component 1.0 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impact via a .. (dot dot) in the controller parameter to index.php. Vulnerabilidad de salto de directorio en el componente Web TV (com_webtv) v1.0 para Joomla!, permite a atacantes remotos leer ficheros locales de su elección y posiblemente tener otros efectos no determinados a través de los caracteres ".." • https://www.exploit-db.com/exploits/12166 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 7.5EPSS: 3%CPEs: 3EXPL: 3CVE-2010-1352 – Joomla! Component Juke Box 1.7 - Local File Inclusion
https://notcve.org/view.php?id=CVE-2010-1352
12 Apr 2010 — Directory traversal vulnerability in the JOOFORGE Jutebox (com_jukebox) component 1.0 and 1.7 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php. NOTE: some of these details are obtained from third party information. Una vulnerabilidad de salto de directorio en el componente JOOFORGE Jukebox(com_jukebox) v1.0 y v1.7 para Joomla! • https://www.exploit-db.com/exploits/12084 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 7.5EPSS: 3%CPEs: 3EXPL: 4CVE-2010-1354 – Joomla! Component VJDEO 1.0 - Local File Inclusion
https://notcve.org/view.php?id=CVE-2010-1354
12 Apr 2010 — Directory traversal vulnerability in the VJDEO (com_vjdeo) component 1.0 and 1.0.1 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php. NOTE: some of these details are obtained from third party information. Vulnerabilidad de salto de directorio en el componente VJDEO (com_vjdeo) v1.0 y v1.0.1 para Joomla! • https://www.exploit-db.com/exploits/12102 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 7.5EPSS: 12%CPEs: 20EXPL: 3CVE-2010-1307 – Joomla! Component Magic Updater - Local File Inclusion
https://notcve.org/view.php?id=CVE-2010-1307
08 Apr 2010 — Directory traversal vulnerability in the Magic Updater (com_joomlaupdater) component for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php. Vulnerabilidad de salto de directorio en el componente Magic Updater (com_joomlaupdater) para Joomla! permite a atacantes remotos leer archivos de su elección a través de .. • https://www.exploit-db.com/exploits/12070 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 7.5EPSS: 2%CPEs: 2EXPL: 4CVE-2010-1302 – Joomla! Component DW Graph - Local File Inclusion
https://notcve.org/view.php?id=CVE-2010-1302
07 Apr 2010 — Directory traversal vulnerability in dwgraphs.php in the DecryptWeb DW Graphs (com_dwgraphs) component 1.0 for Joomla! allows remote attackers to read arbitrary files via directory traversal sequences in the controller parameter to index.php. Vulnerabilidad de salto de directorio en dwgraphs.php en el componente DecryptWeb DW Graphs v1.0 para Joomla!, permite a atacantes remotos leer archivos de su elección a través de secuencias de salto de directorio en el parámetro "controller" a index.php • https://www.exploit-db.com/exploits/11978 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 7.5EPSS: 6%CPEs: 2EXPL: 2CVE-2010-1219 – Joomla! Component com_janews - Local File Inclusion
https://notcve.org/view.php?id=CVE-2010-1219
30 Mar 2010 — Directory traversal vulnerability in the JA News (com_janews) component 1.0 for Joomla! allows remote attackers to read arbitrary local files via a .. (dot dot) in the controller parameter to index.php. NOTE: some of these details are obtained from third party information. Una vulnerabilidad de salto de directorio en el componente JA News (com_janews) versión 1.0 para Joomla! • https://www.exploit-db.com/exploits/11757 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 9.8EPSS: 7%CPEs: 19EXPL: 4CVE-2010-1056 – Joomla! Component com_rokdownloads - Local File Inclusion
https://notcve.org/view.php?id=CVE-2010-1056
23 Mar 2010 — Directory traversal vulnerability in the RokDownloads (com_rokdownloads) component before 1.0.1 for Joomla! allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the controller parameter to index.php. Vulnerabilidad de salto de directorio en el componente RokDownloads (com_rokdownloads) anterior v1.0.1 para Joomla! permite a atacantes remotos incluir o ejecutar archivos locales de su elección a través del caracer .. • https://www.exploit-db.com/exploits/11760 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 3CVE-2010-0795 – Joomla! Component JE Event Calendar - SQL Injection
https://notcve.org/view.php?id=CVE-2010-0795
02 Mar 2010 — SQL injection vulnerability in the JE Event Calendars (com_jeeventcalendar) component 1.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the event_id parameter in an event action to index.php. Vulnerabilidad de inyección SQL en el componente JE Event Calendars (com_jeeventcalendar) v1.0 para Joomla! permite a atacantes remotos ejecutar comandos SQL arbitrarios a través del parámetro "event_id" en una acción "event" a index.php. • https://www.exploit-db.com/exploits/11292 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 9.8EPSS: 1%CPEs: 2EXPL: 3CVE-2010-0796 – Joomla! Component JE Quiz - 'eid' Blind SQL Injection
https://notcve.org/view.php?id=CVE-2010-0796
02 Mar 2010 — SQL injection vulnerability in the JE Quiz (com_jequizmanagement) component 1.b01 for Joomla! allows remote attackers to execute arbitrary SQL commands via the eid parameter in a question action to index.php. Vulnerabilidad de inyección SQL en el componente JE Quiz (com_jequizmanagement) v1.b01 para Joomla! permite a atacantes remotos ejecutar comandos SQL arbitrarios a través del parámetro "eid" en una acción "question" a index.php. • https://www.exploit-db.com/exploits/11287 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 4CVE-2010-0461 – Joomla! Component com_casino - SQL Injection
https://notcve.org/view.php?id=CVE-2010-0461
28 Jan 2010 — SQL injection vulnerability in the casino (com_casino) component 1.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a (1) category or (2) player action to index.php. Vulnerabilidad de inyección SQL en el componente casino (com_casino) v1.0 para Joomla! permite a atacantes remotos comandos SQL arbitrarios a través de el parámetro "id" en la acción (1) categoría o (2) player a index.php. • https://www.exploit-db.com/exploits/11237 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •