CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1CVE-2018-7482 – Joomla! K2 2.8.0 Arbitrary File Download
https://notcve.org/view.php?id=CVE-2018-7482
The K2 component 2.8.0 for Joomla! has Incorrect Access Control with directory traversal, allowing an attacker to download arbitrary files, as demonstrated by a view=media&task=connector&cmd=file&target=l1_../configuration.php&download=1 request. The specific pathname ../configuration.php should be base64 encoded for a valid attack. • https://exploit-db.com/exploits/44188 https://www.joomlaworks.net/forum/forum-updates-other-resources/49046-false-cve-report-on-k2-v2-8-0 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 3CVE-2009-2395 – Joomla! Component com_K2 -q 1.0.1b - 'category' SQL Injection
https://notcve.org/view.php?id=CVE-2009-2395
SQL injection vulnerability in the K2 (com_k2) component 1.0.1 Beta and earlier for Joomla! allows remote attackers to execute arbitrary SQL commands via the category parameter in an itemlist action to index.php. Vulnerabilidad de inyección de SQL en el componente K2 (com_k2) v1.0.1 beta y anteriores para Joomla! permite a atacantes remotos ejecutar comandos SQL arbitrarios a través del parámetro categoría (category)en una acción itemlist a index.php. • https://www.exploit-db.com/exploits/9030 http://www.exploit-db.com/exploits/9030 http://www.securityfocus.com/bid/35517 http://www.vupen.com/english/advisories/2009/1733 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •