Page 85 of 804 results (0.008 seconds)

CVSS: 6.8EPSS: 2%CPEs: 2EXPL: 2

Directory traversal vulnerability in the iNetLanka Contact Us Draw Root Map (com_drawroot) component 1.1 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impact via a .. (dot dot) in the controller parameter to index.php. Vulnerabilidad de salto de directorio en el componente iNetLanka Contact Us Draw Root Map (com_drawroot) v1.1 para Joomla!, permite a atacantes remotos leer archivos de su elección y posiblemente tener otro impacto no especificado a través de .. • https://www.exploit-db.com/exploits/12289 http://secunia.com/advisories/39524 http://www.exploit-db.com/exploits/12289 http://www.vupen.com/english/advisories/2010/0926 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •

CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 2

SQL injection vulnerability in the Intellectual Property (aka IProperty or com_iproperty) component 1.5.3 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in an agentproperties action to index.php. Vulnerabilidad de inyección SQL en el componente Intellectual Property (también conocido como IProperty or com_iproperty) para Joomla!, permite a atacantes remotos ejecutar comandos SQL de su elección a través del parámetro id en una acción agentproperties en index.php • https://www.exploit-db.com/exploits/12246 http://extensions.thethinkery.net http://osvdb.org/63750 http://secunia.com/advisories/39427 http://www.exploit-db.com/exploits/12246 http://www.securityfocus.com/bid/39495 https://exchange.xforce.ibmcloud.com/vulnerabilities/57875 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •

CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 4

SQL injection vulnerability in the Q-Personel (com_qpersonel) component 1.0.2 and earlier for Joomla! allows remote attackers to execute arbitrary SQL commands via the katid parameter in a qpListele action to index.php. Vulnerabilidad de inyección SQL en el componente Q-Personel (com_qpersonel) v1.0.2 y anteriores para Joomla!, permite a atacantes remotos ejecutar comandos SQL de su elección a través del parámetro katid en una acción qpListele sobre index.php. • https://www.exploit-db.com/exploits/12723 https://www.exploit-db.com/exploits/12200 http://osvdb.org/63894 http://secunia.com/advisories/39445 http://www.exploit-db.com/exploits/12200 http://www.securityfocus.com/bid/39466 http://www.xenuser.org/documents/security/qpersonel_sql.txt https://exchange.xforce.ibmcloud.com/vulnerabilities/57775 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •

CVSS: 6.8EPSS: 1%CPEs: 2EXPL: 3

Directory traversal vulnerability in the MT Fire Eagle (com_mtfireeagle) component 1.2 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impact via a .. (dot dot) in the controller parameter to index.php. Vulnerabilidad de salto de directorio en el componente MT Fire Eagle (com_mtfireeagle) v1.2 para Joomla!, permite a atacantes remotos leer archivos de su elección y posiblemente provocar otro impacto no especificado a través de .. • https://www.exploit-db.com/exploits/12233 http://osvdb.org/63806 http://packetstormsecurity.org/1004-exploits/joomlamtfireeagle-lfi.txt http://secunia.com/advisories/39470 http://www.exploit-db.com/exploits/12233 http://www.securityfocus.com/bid/39509 https://exchange.xforce.ibmcloud.com/vulnerabilities/57850 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •

CVSS: 5.0EPSS: 1%CPEs: 2EXPL: 3

Directory traversal vulnerability in the Arcade Games (com_arcadegames) component 1.0 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php. Vulnerabilidad de salto de directorio en el componente Arcade Games (com_arcadegames) v1.0 para Joomla!, permite a atacantes remotos leer archivos de su elección a través de .. • https://www.exploit-db.com/exploits/12168 http://packetstormsecurity.org/1004-exploits/joomlaarcadegames-lfi.txt http://secunia.com/advisories/39413 http://www.exploit-db.com/exploits/12168 http://www.osvdb.org/63660 http://www.vupen.com/english/advisories/2010/0860 https://exchange.xforce.ibmcloud.com/vulnerabilities/57683 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •