35 results (0.006 seconds)

CVSS: 8.8EPSS: 0%CPEs: 180EXPL: 0

The CMS installer in Joomla! before 3.7.4 does not verify a user's ownership of a webspace, which allows remote authenticated users to gain control of the target application by leveraging Certificate Transparency logs. El instalador CMS en versiones anteriores a la 3.7.4 de Joomla! no verifica la propiedad de un usuario en un espacio web, lo que permite que usuarios remotos autenticados consigan control sobre la aplicación objetivo, haciendo uso de los logs del estándar Certificate Transparency. • http://www.securitytracker.com/id/1039015 https://developer.joomla.org/security-centre/700-20170704-core-installer-lack-of-ownership-verification.html https://media.defcon.org/DEF%20CON%2025/DEF%20CON%2025%20presentations/DEFCON-25-Hanno-Boeck-Abusing-Certificate-Transparency-Logs.pdf https://twitter.com/hanno/status/890281330906247168 • CWE-295: Improper Certificate Validation •

CVSS: 10.0EPSS: 0%CPEs: 4EXPL: 0

Unspecified vulnerability in the NinjaXplorer component before 1.0.7 for Joomla! has unknown impact and attack vectors. Vulnerabilidad no especificada en el componente NinjaXplorer anterior a v1.0.7 para Joomla! tiene un impacto desconocido y vectores de ataque. • http://ninjaforge.com/blog/318-security-vulnerability-discovered-in-ninjaxplorer-upgrade-immediately http://secunia.com/advisories/48958 http://www.osvdb.org/81630 http://www.securityfocus.com/bid/53256 https://exchange.xforce.ibmcloud.com/vulnerabilities/75161 •

CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 4

SQL injection vulnerability in the Media Mall Factory (com_mediamall) component 1.0.4 for Joomla! allows remote attackers to execute arbitrary SQL commands via the category parameter to index.php. Vulnerabilidad de inyección SQL en el componente Media Mall Factory (com_mediamall) v1.0.4 para Joomla! permite a atacantes remotos ejecutar comandos SQL a través del parámetro category a index.php. • https://www.exploit-db.com/exploits/12234 http://secunia.com/advisories/39546 http://www.exploit-db.com/exploits/12234 http://www.osvdb.org/63940 http://www.packetstormsecurity.com/1004-exploits/joomlamediamallfactory-bsql.txt http://www.securityfocus.com/bid/39488 http://www.thefactory.ro/shop/joomla-components/media-mall.html https://exchange.xforce.ibmcloud.com/vulnerabilities/57906 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •

CVSS: 7.5EPSS: 1%CPEs: 14EXPL: 4

Directory traversal vulnerability in the redSHOP (com_redshop) component 1.0.x for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the view parameter to index.php. Vulnerabilidad de salto de directorio en el componente redSHOP (com_redshop) v1.0.x para Joomla! permite a atacantes remotos leer archivos de su elección a través de .. • https://www.exploit-db.com/exploits/12054 http://packetstormsecurity.org/1004-exploits/joomlaredshop-lfi.txt http://redcomponent.com/redshop/redshop-changelog http://secunia.com/advisories/39343 http://www.exploit-db.com/exploits/12054 http://www.osvdb.org/63535 http://www.securityfocus.com/bid/39206 https://exchange.xforce.ibmcloud.com/vulnerabilities/57512 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •

CVSS: 5.0EPSS: 2%CPEs: 13EXPL: 2

Directory traversal vulnerability in the Community Polls (com_communitypolls) component 1.5.2, and possibly earlier, for Core Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php. Vulnerabilidad de salto de directorio en el componente Community Polls (com_communitypolls) v1.5.2, y posiblemente anteriores, para Core Joomla! permite a atacantes remotos leer ficheros arbitrarios a través de un .. • https://www.exploit-db.com/exploits/11511 http://osvdb.org/62506 http://packetstormsecurity.org/1002-exploits/joomlacp-lfi.txt http://secunia.com/advisories/38692 http://www.corejoomla.com/component/content/article/1-corejoomla-updates/40-community-polls-v153-security-release.html http://www.securityfocus.com/bid/38330 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •