CVSS: 9.8EPSS: 1%CPEs: 2EXPL: 5CVE-2010-1493 – Joomla! Component AWDwall 1.5.4 - Local File Inclusion / SQL Injection
https://notcve.org/view.php?id=CVE-2010-1493
23 Apr 2010 — SQL injection vulnerability in the AWDwall (com_awdwall) component before 1.5.5 for Joomla! allows remote attackers to execute arbitrary SQL commands via the cbuser parameter in an awdwall action to index.php. Vulnerabilidad de inyección SQL en el componente de Joomla! AWDwall (com_awdwall) antes de v1.5.5 permite a atacantes remotos ejecutar comandos SQL a través del parámetro cbuser a index.php en una acción awdwall. • https://www.exploit-db.com/exploits/12113 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 7.5EPSS: 5%CPEs: 2EXPL: 4CVE-2010-1494 – Joomla! Component AWDwall 1.5.4 - Local File Inclusion / SQL Injection
https://notcve.org/view.php?id=CVE-2010-1494
23 Apr 2010 — Directory traversal vulnerability in the AWDwall (com_awdwall) component 1.5.4 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php. Vulnerabilidad de salto de directorio en el componente AWDwall (com_awdwall) v1.5.4 de Joomla! permite a atacantes remotos leer ficheros de su elección mediante un .. • https://www.exploit-db.com/exploits/12113 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •