Page 89 of 804 results (0.004 seconds)

CVSS: 7.5EPSS: 1%CPEs: 2EXPL: 5

SQL injection vulnerability in the AWDwall (com_awdwall) component before 1.5.5 for Joomla! allows remote attackers to execute arbitrary SQL commands via the cbuser parameter in an awdwall action to index.php. Vulnerabilidad de inyección SQL en el componente de Joomla! AWDwall (com_awdwall) antes de v1.5.5 permite a atacantes remotos ejecutar comandos SQL a través del parámetro cbuser a index.php en una acción awdwall. • https://www.exploit-db.com/exploits/12113 http://packetstormsecurity.org/1004-exploits/joomlaawdwall-lfisql.txt http://secunia.com/advisories/39553 http://www.awdwall.com/index.php/awdwall-updates-logs- http://www.exploit-db.com/exploits/12113 http://www.osvdb.org/63942 http://www.securityfocus.com/bid/38194 https://exchange.xforce.ibmcloud.com/vulnerabilities/57694 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •

CVSS: 5.0EPSS: 1%CPEs: 2EXPL: 4

Directory traversal vulnerability in the AWDwall (com_awdwall) component 1.5.4 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php. Vulnerabilidad de salto de directorio en el componente AWDwall (com_awdwall) v1.5.4 de Joomla! permite a atacantes remotos leer ficheros de su elección mediante un .. • https://www.exploit-db.com/exploits/12113 http://packetstormsecurity.org/1004-exploits/joomlaawdwall-lfisql.txt http://secunia.com/advisories/39553 http://www.awdwall.com/index.php/awdwall-updates-logs- http://www.exploit-db.com/exploits/12113 http://www.osvdb.org/63943 http://www.securityfocus.com/bid/39331 https://exchange.xforce.ibmcloud.com/vulnerabilities/57693 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •

CVSS: 7.5EPSS: 4%CPEs: 2EXPL: 5

Directory traversal vulnerability in the Matamko (com_matamko) component 1.01 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php. Una vulnerabilidad de salto de directorio en el componente para Joomla! Matamko (com_matamko) v1.01 permite a atacantes remotos leer ficheros arbitrarios a través de un .. • https://www.exploit-db.com/exploits/12286 http://osvdb.org/63918 http://packetstormsecurity.org/1004-exploits/joomlamatamko-lfi.txt http://secunia.com/advisories/39523 http://www.exploit-db.com/exploits/12286 http://www.securityfocus.com/bid/39550 http://www.vupen.com/english/advisories/2010/0929 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •

CVSS: 5.0EPSS: 0%CPEs: 2EXPL: 4

Directory traversal vulnerability in the MMS Blog (com_mmsblog) component 2.3.0 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impact via a .. (dot dot) in the controller parameter to index.php. Vulnerabilidad de salto de directorio en el componente MMS Blog (com_mmsblog) v2.3.0 de Joomla! permite a atacantes remotos leer ficheros de su elección y puede que tener otros impactos no especificados a través de un .. • https://www.exploit-db.com/exploits/12318 http://packetstormsecurity.org/1004-exploits/joomlammsblog-lfi.txt http://secunia.com/advisories/39533 http://www.exploit-db.com/exploits/12318 http://www.securityfocus.com/bid/39607 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •

CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 6

SQL injection vulnerability in the JoltCard (com_joltcard) component 1.2.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via the cardID parameter in a view action to index.php. Vulnerabilidad de inyección SQL en el componente JoltCard (com_joltcard) v1.2.1 de Joomla! permite a atacantes remotos ejecutar comandos SQL de su elección a través del parámetro cardID en una acción view de index.php. • https://www.exploit-db.com/exploits/12269 http://packetstormsecurity.org/1004-exploits/joomlajoltcard-sql.txt http://secunia.com/advisories/39520 http://www.exploit-db.com/exploits/12269 http://www.osvdb.org/63913 http://www.securityfocus.com/bid/39541 http://www.xenuser.org/documents/security/joomla_com_joltcard_sqli.txt https://exchange.xforce.ibmcloud.com/vulnerabilities/57910 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •