Page 47 of 808 results (0.004 seconds)

CVSS: 9.1EPSS: 6%CPEs: 2EXPL: 4

19 Apr 2010 — Directory traversal vulnerability in the AlphaUserPoints (com_alphauserpoints) component 1.5.5 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impact via a .. (dot dot) in the view parameter to index.php. Vulnerabilidad de salto de directorio en el componente AlphaUserPoints (com_alphauserpoints) v1.5.5 para Joomla!, permite a atacantes remotos leer ficheros locales de su elección y posiblemente tener otros impactos al utilizar caracteres ".." • https://www.exploit-db.com/exploits/12150 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •

CVSS: 9.8EPSS: 1%CPEs: 3EXPL: 4

19 Apr 2010 — SQL injection vulnerability in the SermonSpeaker (com_sermonspeaker) component before 3.2.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a latest_sermons action to index.php. Vulnerabilidad de inyección SQL en el componente SermonSpeaker (com_sermonspeaker) anteriores a v3.2.1 para Joomla!, permite a atacantes remotos ejecutar comandos SQL de su elección a través del parámetro. • https://www.exploit-db.com/exploits/12184 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •

CVSS: 9.1EPSS: 2%CPEs: 2EXPL: 4

19 Apr 2010 — Directory traversal vulnerability in the Ternaria Informatica Jfeedback! (com_jfeedback) component 1.2 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impact via a .. (dot dot) in the controller parameter to index.php. Vulnerabilidad de salto de directorio en el componente Ternaria Informatica Jfeedback! • https://www.exploit-db.com/exploits/12145 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •

CVSS: 9.8EPSS: 1%CPEs: 2EXPL: 5

19 Apr 2010 — SQL injection vulnerability in the RokModule (com_rokmodule) component 1.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via the moduleid parameter in a raw action to index.php. Vulnerabilidad de inyección SQL en el módulo RokModule (com_rokmodule) v1.1 para Joomla!, permite a atacantes remotos ejecutar comandos SQL de su elección a través del parámetro "moduleid" en una acción rae sobre index.php. • https://www.exploit-db.com/exploits/21221 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •

CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 2

19 Apr 2010 — SQL injection vulnerability in the RokModule (com_rokmodule) component 1.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via the module parameter to index.php. NOTE: some of these details are obtained from third party information. Vulnerabilidad de inyección SQL en el componente RokModule (com_rokmodule) v1.1 para Joomla!, permite a atacantes remotos ejecutar comandos SQL de su elección a través del parámetro "module" sobre index.php. • https://www.exploit-db.com/exploits/21221 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •

CVSS: 7.5EPSS: 3%CPEs: 2EXPL: 3

16 Apr 2010 — Directory traversal vulnerability in the Photo Battle (com_photobattle) component 1.0.1 for Joomla! allows remote attackers to read arbitrary files via the view parameter to index.php. Vulnerabilidad de salto de directorio en el componente Photo Battle (com_photobattle) v1.0.1 para Joomla! permite a atacantes remotos leer archivos de su elección a través del parámetro view en index.php. • https://www.exploit-db.com/exploits/12232 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •

CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 3

13 Apr 2010 — SQL injection vulnerability in the HD FLV Player (com_hdflvplayer) component 1.3 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter to index.php. Una vulnerabilidad de inyección SQL en el componente reproductor de HD FLV (com_hdflvplayer) v1.3 de Joomla! permite a atacantes remotos ejecutar comandos SQL a través del parámetro id en index.php. • https://www.exploit-db.com/exploits/33673 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •

CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 4

13 Apr 2010 — SQL injection vulnerability in the JProjects (com_j-projects) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the project parameter in a projects action to index.php. Vulnerabilidad de inyección SQL en el componente JProjects (com_j-projects) para Joomla! permite a atacantes remotos ejecutar comandos SQL a través del parámetro project en una acción projects (proyectos) a index.php. • https://www.exploit-db.com/exploits/10988 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •

CVSS: 9.8EPSS: 2%CPEs: 4EXPL: 6

12 Apr 2010 — SQL injection vulnerability in the JP Jobs (com_jp_jobs) component 1.4.1 and earlier for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a detail action to index.php. Vulnerabilidad de inyección SQL en el componente JP Jobs (com_jp_jobs) v1.4.1 y anteriores para Joomla! permite a atacantes remotos ejecutar comandos SQL a través del parámetro id en una acción detail (detalle) a index.php. • https://www.exploit-db.com/exploits/12191 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •

CVSS: 7.5EPSS: 3%CPEs: 3EXPL: 3

12 Apr 2010 — Directory traversal vulnerability in the JOOFORGE Jutebox (com_jukebox) component 1.0 and 1.7 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php. NOTE: some of these details are obtained from third party information. Una vulnerabilidad de salto de directorio en el componente JOOFORGE Jukebox(com_jukebox) v1.0 y v1.7 para Joomla! • https://www.exploit-db.com/exploits/12084 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •