CVSS: 8.8EPSS: 0%CPEs: 180EXPL: 0CVE-2017-11364
https://notcve.org/view.php?id=CVE-2017-11364
The CMS installer in Joomla! before 3.7.4 does not verify a user's ownership of a webspace, which allows remote authenticated users to gain control of the target application by leveraging Certificate Transparency logs. El instalador CMS en versiones anteriores a la 3.7.4 de Joomla! no verifica la propiedad de un usuario en un espacio web, lo que permite que usuarios remotos autenticados consigan control sobre la aplicación objetivo, haciendo uso de los logs del estándar Certificate Transparency. • http://www.securitytracker.com/id/1039015 https://developer.joomla.org/security-centre/700-20170704-core-installer-lack-of-ownership-verification.html https://media.defcon.org/DEF%20CON%2025/DEF%20CON%2025%20presentations/DEFCON-25-Hanno-Boeck-Abusing-Certificate-Transparency-Logs.pdf https://twitter.com/hanno/status/890281330906247168 • CWE-295: Improper Certificate Validation •
CVSS: 6.0EPSS: 0%CPEs: 7EXPL: 0CVE-2011-5004
https://notcve.org/view.php?id=CVE-2011-5004
Unrestricted file upload vulnerability in models/importcsv.php in the Fabrik (com_fabrik) component before 2.1.1 for Joomla! allows remote authenticated users with Manager privileges to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in an unspecified directory. Vulnerabilidad de subida no restringida de ficheros en models/importcsv.php en el componente Fabrik (com_fabrik) anterior a v2.1.1 para Joomla! permite a atacantes remotos con privilegios Manager ejecutar código de su elección al subir un fichero con una extensión ejecutable, accediendo posteriormente mediante una petición directa del fichero en un directorio no especificado. • http://secunia.com/advisories/47036 http://www.ohloh.net/p/3417/commits/145749116 http://www.osvdb.org/77371 http://www.securityfocus.com/bid/50823 http://www.vulnerability-lab.com/get_content.php?id=342 •
CVSS: 6.8EPSS: 0%CPEs: 2EXPL: 3CVE-2010-1718 – Joomla! Component Archery Scores 1.0.6 - Local File Inclusion
https://notcve.org/view.php?id=CVE-2010-1718
Directory traversal vulnerability in archeryscores.php in the Archery Scores (com_archeryscores) component 1.0.6 for Joomla! allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the controller parameter to index.php. Vulnerabilidad de salto de directorio en archeryscores.php del componente Archery Scores (com_archeryscores) v1.0.6 para Joomla!, permite a atacantes remotos incluir y ejecutar ficheros locales de su elección al utilizar caracteres .. • https://www.exploit-db.com/exploits/12282 http://secunia.com/advisories/39521 http://www.exploit-db.com/exploits/12282 http://www.securityfocus.com/bid/39545 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 7.5EPSS: 3%CPEs: 3EXPL: 4CVE-2010-1653 – Joomla! Component Graphics 1.0.6 - Local File Inclusion
https://notcve.org/view.php?id=CVE-2010-1653
Directory traversal vulnerability in graphics.php in the Graphics (com_graphics) component 1.0.6 and 1.5.0 for Joomla! allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the controller parameter to index.php. NOTE: some of these details are obtained from third party information. Una vulnerabilidad de salto de directorio en graphics.php del componente de Joomla! • https://www.exploit-db.com/exploits/12430 http://packetstormsecurity.org/1004-exploits/joomlagraphics-lfi.txt http://secunia.com/advisories/39585 http://www.exploit-db.com/exploits/12430 http://www.securityfocus.com/bid/39743 http://www.vupen.com/english/advisories/2010/1004 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 7.5EPSS: 1%CPEs: 14EXPL: 4CVE-2010-1531 – Joomla! Component redSHOP 1.0 - Local File Inclusion
https://notcve.org/view.php?id=CVE-2010-1531
Directory traversal vulnerability in the redSHOP (com_redshop) component 1.0.x for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the view parameter to index.php. Vulnerabilidad de salto de directorio en el componente redSHOP (com_redshop) v1.0.x para Joomla! permite a atacantes remotos leer archivos de su elección a través de .. • https://www.exploit-db.com/exploits/12054 http://packetstormsecurity.org/1004-exploits/joomlaredshop-lfi.txt http://redcomponent.com/redshop/redshop-changelog http://secunia.com/advisories/39343 http://www.exploit-db.com/exploits/12054 http://www.osvdb.org/63535 http://www.securityfocus.com/bid/39206 https://exchange.xforce.ibmcloud.com/vulnerabilities/57512 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •