CVSS: 8.8EPSS: 0%CPEs: 2EXPL: 4CVE-2010-5044 – Joomla! Component Search Log 3.1.0 - SQL Injection
https://notcve.org/view.php?id=CVE-2010-5044
02 Nov 2011 — SQL injection vulnerability in models/log.php in the Search Log (com_searchlog) component 3.1.0 for Joomla! allows remote authenticated users, with Public Back-end privileges, to execute arbitrary SQL commands via the search parameter in a log action to administrator/index.php. NOTE: some of these details are obtained from third party information. Vulnerabilidad de inyección SQL en los models/log.php en el componente Search Log (com_searchlog) v3.1.0 para Joomla! permite a usuarios autenticados remotamente,... • https://www.exploit-db.com/exploits/13746 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 7.5EPSS: 1%CPEs: 2EXPL: 3CVE-2010-4617 – Joomla! Component JotLoader 2.2.1 - Local File Inclusion
https://notcve.org/view.php?id=CVE-2010-4617
29 Dec 2010 — Directory traversal vulnerability in the JotLoader (com_jotloader) component 2.2.1 for Joomla! allows remote attackers to read arbitrary files via directory traversal sequences in the section parameter to index.php. Vulnerabilidad de salto de directorio en el componente JotLoader (com_jotloader) anterior a v2.2.1 para Joomla!, permite a atacantes remotos leer archivos de su elección a través de secuencias de salto en el parámetro "section" a index.php. • https://www.exploit-db.com/exploits/15791 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •