CVSS: 7.5EPSS: 8%CPEs: 2EXPL: 4CVE-2010-1305 – Joomla! Component JInventory 1.23.02 - Local File Inclusion
https://notcve.org/view.php?id=CVE-2010-1305
08 Apr 2010 — Directory traversal vulnerability in jinventory.php in the JInventory (com_jinventory) component 1.23.02 and possibly other versions before 1.26.03, a module for Joomla!, allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php. Vulnerabilidad de salto de directorio en el componente JInventory (com_jinventory) v1.23.02 y posiblemente versiones previas a la v1.26.03, para Joomla! permite a atacantes remotos leer archivos de su elección a través de .. • https://www.exploit-db.com/exploits/12065 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 7.5EPSS: 2%CPEs: 7EXPL: 4CVE-2010-1306 – Joomla! Component Picasa 2.0 - Local File Inclusion
https://notcve.org/view.php?id=CVE-2010-1306
08 Apr 2010 — Directory traversal vulnerability in the Picasa (com_joomlapicasa2) component 2.0 and 2.0.5 for Joomla! allows remote attackers to read arbitrary local files via a .. (dot dot) in the controller parameter to index.php. NOTE: some of these details are obtained from third party information. Una vulnerabilidad de salto de directorio en el componente Picasa (com_joomlapicasa2) versiones 2.0 y 2.0.5 para Joomla! • https://www.exploit-db.com/exploits/12058 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 7.5EPSS: 12%CPEs: 20EXPL: 3CVE-2010-1307 – Joomla! Component Magic Updater - Local File Inclusion
https://notcve.org/view.php?id=CVE-2010-1307
08 Apr 2010 — Directory traversal vulnerability in the Magic Updater (com_joomlaupdater) component for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php. Vulnerabilidad de salto de directorio en el componente Magic Updater (com_joomlaupdater) para Joomla! permite a atacantes remotos leer archivos de su elección a través de .. • https://www.exploit-db.com/exploits/12070 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 7.5EPSS: 11%CPEs: 2EXPL: 3CVE-2010-1308 – Joomla! Component SVMap 1.1.1 - Local File Inclusion
https://notcve.org/view.php?id=CVE-2010-1308
08 Apr 2010 — Directory traversal vulnerability in the SVMap (com_svmap) component 1.1.1 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php. Vulnerabilidad de salto de directorio en el componente SVMap (com_svmap) v1.1.1 para Joomla! permite a atacantes remotos leer archivos de su elección a través de .. • https://www.exploit-db.com/exploits/12066 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 7.5EPSS: 2%CPEs: 2EXPL: 4CVE-2010-1302 – Joomla! Component DW Graph - Local File Inclusion
https://notcve.org/view.php?id=CVE-2010-1302
07 Apr 2010 — Directory traversal vulnerability in dwgraphs.php in the DecryptWeb DW Graphs (com_dwgraphs) component 1.0 for Joomla! allows remote attackers to read arbitrary files via directory traversal sequences in the controller parameter to index.php. Vulnerabilidad de salto de directorio en dwgraphs.php en el componente DecryptWeb DW Graphs v1.0 para Joomla!, permite a atacantes remotos leer archivos de su elección a través de secuencias de salto de directorio en el parámetro "controller" a index.php • https://www.exploit-db.com/exploits/11978 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 9.8EPSS: 0%CPEs: 3EXPL: 4CVE-2010-1265 – Joomla! Component dcsFlashGames 2.0RC1 - 'catid' SQL Injection
https://notcve.org/view.php?id=CVE-2010-1265
06 Apr 2010 — SQL injection vulnerability in Adam Corley dcsFlashGames (com_dcs_flashgames) allows remote attackers to execute arbitrary SQL commands via the catid parameter to index.php. Vulnerabilidad de inyección SQL en Adam Corley dcsFlashGames (com_dcs_flashgames) permite a atacantes remotos ejecutar comandos SQL arbitrarios a través del parámetro "catid" a index.php. • https://www.exploit-db.com/exploits/11884 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 7.5EPSS: 2%CPEs: 2EXPL: 4CVE-2010-1217 – Joomla! Component & Plugin JE Tooltip 1.0 - Local File Inclusion
https://notcve.org/view.php?id=CVE-2010-1217
30 Mar 2010 — Directory traversal vulnerability in the JE Form Creator (com_jeformcr) component for Joomla!, when magic_quotes_gpc is disabled, allows remote attackers to read arbitrary files via directory traversal sequences in the view parameter to index.php. NOTE: the original researcher states that the affected product is JE Tooltip, not Form Creator; however, the exploit URL suggests that Form Creator is affected. Vulnerabilidad de salto de directorio en el componente JE Form Creator (com_jeformcr) para Joomla!, cua... • https://www.exploit-db.com/exploits/11814 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 7.5EPSS: 6%CPEs: 2EXPL: 2CVE-2010-1219 – Joomla! Component com_janews - Local File Inclusion
https://notcve.org/view.php?id=CVE-2010-1219
30 Mar 2010 — Directory traversal vulnerability in the JA News (com_janews) component 1.0 for Joomla! allows remote attackers to read arbitrary local files via a .. (dot dot) in the controller parameter to index.php. NOTE: some of these details are obtained from third party information. Una vulnerabilidad de salto de directorio en el componente JA News (com_janews) versión 1.0 para Joomla! • https://www.exploit-db.com/exploits/11757 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 7.5EPSS: 15%CPEs: 13EXPL: 2CVE-2010-1081 – Joomla! Component com_communitypolls 1.5.2 - Local File Inclusion
https://notcve.org/view.php?id=CVE-2010-1081
23 Mar 2010 — Directory traversal vulnerability in the Community Polls (com_communitypolls) component 1.5.2, and possibly earlier, for Core Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php. Vulnerabilidad de salto de directorio en el componente Community Polls (com_communitypolls) v1.5.2, y posiblemente anteriores, para Core Joomla! permite a atacantes remotos leer ficheros arbitrarios a través de un .. • https://www.exploit-db.com/exploits/11511 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 2CVE-2010-1073 – com_jembed - 'catid' Blind SQL Injection
https://notcve.org/view.php?id=CVE-2010-1073
23 Mar 2010 — SQL injection vulnerability in the jEmbed-Embed Anything (com_jembed) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the catid parameter in a summary action to index.php. Vulnerabilidad de inyección SQL en el componente jEmbed-Embed Anything (com_jembed)para Joomla! permite a atacantes remotos ejecutar comandos SQL de forma arbitraria a través del parámetro "catid" en una acción "summary" a index.php. • https://www.exploit-db.com/exploits/11026 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •