
CVSS: 7.5 | EPSS: 0% | CPEs: 1 | EXPL: 1

The K2 component 2.8.0 for Joomla! has Incorrect Access Control with directory traversal, allowing an attacker to download arbitrary files, as demonstrated by a view=media&task=connector&cmd=file&target=l1_../configuration.php&download=1 request. The specific pathname ../configuration.php should be base64 encoded for a valid attack.

References:
https://exploit-db.com/exploits/44188
https://www.joomlaworks.net/forum/forum-updates-other-resources/49046-false-cve-report-on-k2-v2-8-0

CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

CVSS: 5.0 | EPSS: 42% | CPEs: 4 | EXPL: 3

Directory traversal vulnerability in includes/download.php in the JoomlaWorks AllVideos (Jw_allVideos) plugin 3.0 through 3.2 for Joomla! allows remote attackers to read arbitrary files via a ./../.../ (modified dot dot) in the file parameter.

References:
https://www.exploit-db.com/exploits/11447
http://osvdb.org/62331
http://secunia.com/advisories/38587
http://www.exploit-db.com/exploits/11447
http://www.joomlaworks.gr/content/view/77/34
http://www.securityfocus.com/bid/38238

CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

CVSS: 7.5 | EPSS: 0% | CPEs: 2 | EXPL: 3

SQL injection vulnerability in the K2 (com_k2) component 1.0.1 Beta and earlier for Joomla! allows remote attackers to execute arbitrary SQL commands via the category parameter in an itemlist action to index.php.

References:
https://www.exploit-db.com/exploits/9030
http://www.exploit-db.com/exploits/9030
http://www.securityfocus.com/bid/35517
http://www.vupen.com/english/advisories/2009/1733

CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')