Replace all cvedeails.com links with nist
parent
1a7a599425
commit
5486b3444a
|
@ -7,7 +7,7 @@ info:
|
|||
description: A directory traversal vulnerability in captcha/captcha_image.php in the RWCards (com_rwcards) 3.0.11 component for Joomla! when magic_quotes_gpc is disabled allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the img parameter.
|
||||
reference:
|
||||
- https://www.exploit-db.com/exploits/6817
|
||||
- https://www.cvedetails.com/cve/CVE-2008-6172
|
||||
- https://nvd.nist.gov/vuln/detail/CVE-2008-6172
|
||||
- http://web.archive.org/web/20140804232841/http://secunia.com/advisories/32367/
|
||||
- http://web.archive.org/web/20210121184108/https://www.securityfocus.com/bid/31892/
|
||||
classification:
|
||||
|
|
|
@ -7,7 +7,7 @@ info:
|
|||
description: A directory traversal vulnerability in wgarcmin.cgi in WebGlimpse 2.18.7 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in the DOC parameter.
|
||||
reference:
|
||||
- https://www.exploit-db.com/exploits/36994
|
||||
- https://www.cvedetails.com/cve/CVE-2009-5114
|
||||
- https://nvd.nist.gov/vuln/detail/CVE-2009-5114
|
||||
- http://websecurity.com.ua/2628/
|
||||
- https://exchange.xforce.ibmcloud.com/vulnerabilities/74321
|
||||
remediation: Apply all relevant security patches and product upgrades.
|
||||
|
|
|
@ -7,7 +7,7 @@ info:
|
|||
description: A directory traversal vulnerability in the Bible Study (com_biblestudy) component 6.1 for Joomla! allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the controller parameter in a studieslist action to index.php.
|
||||
reference:
|
||||
- https://www.exploit-db.com/exploits/10943
|
||||
- https://www.cvedetails.com/cve/CVE-2010-0157
|
||||
- https://nvd.nist.gov/vuln/detail/CVE-2010-0157
|
||||
- http://web.archive.org/web/20151023032409/http://secunia.com/advisories/37896/
|
||||
- http://packetstormsecurity.org/1001-exploits/joomlabiblestudy-lfi.txt
|
||||
remediation: Upgrade to a supported version.
|
||||
|
|
|
@ -7,7 +7,7 @@ info:
|
|||
description: A directory traversal vulnerability in the ccNewsletter (com_ccnewsletter) component 1.0.5 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter in a ccnewsletter action to index.php.
|
||||
reference:
|
||||
- https://www.exploit-db.com/exploits/11282
|
||||
- https://www.cvedetails.com/cve/CVE-2010-0467
|
||||
- https://nvd.nist.gov/vuln/detail/CVE-2010-0467
|
||||
- http://web.archive.org/web/20210121194037/https://www.securityfocus.com/bid/37987/
|
||||
- http://www.chillcreations.com/en/blog/ccnewsletter-joomla-newsletter/ccnewsletter-106-security-release.html
|
||||
remediation: Apply all relevant security patches and upgrades.
|
||||
|
|
|
@ -7,7 +7,7 @@ info:
|
|||
description: A directory traversal vulnerability in includes/download.php in the JoomlaWorks AllVideos (Jw_allVideos) plugin 3.0 through 3.2 for Joomla! allows remote attackers to read arbitrary files via a ./../.../ (modified dot dot) in the file parameter.
|
||||
reference:
|
||||
- https://www.exploit-db.com/exploits/11447
|
||||
- https://www.cvedetails.com/cve/CVE-2010-0696
|
||||
- https://nvd.nist.gov/vuln/detail/CVE-2010-0696
|
||||
- http://web.archive.org/web/20140805102632/http://secunia.com/advisories/38587/
|
||||
- http://www.joomlaworks.gr/content/view/77/34/
|
||||
remediation: Upgrade to a supported version.
|
||||
|
|
|
@ -7,7 +7,7 @@ info:
|
|||
description: A directory traversal vulnerability in plugins/system/cdscriptegrator/libraries/highslide/js/jsloader.php in the Core Design Scriptegrator plugin 1.4.1 for Joomla! allows remote attackers to read, and possibly include and execute, arbitrary files via directory traversal sequences in the files[] parameter.
|
||||
reference:
|
||||
- https://www.exploit-db.com/exploits/11498
|
||||
- https://www.cvedetails.com/cve/CVE-2010-0759
|
||||
- https://nvd.nist.gov/vuln/detail/CVE-2010-0759
|
||||
- http://web.archive.org/web/20151104183037/http://secunia.com/advisories/38637/
|
||||
- http://web.archive.org/web/20210121194344/https://www.securityfocus.com/bid/38296/
|
||||
remediation: Upgrade to a supported version.
|
||||
|
|
|
@ -7,7 +7,7 @@ info:
|
|||
description: Directory traversal vulnerability in the jVideoDirect (com_jvideodirect) component for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php.
|
||||
reference:
|
||||
- https://www.exploit-db.com/exploits/11089
|
||||
- https://www.cvedetails.com/cve/CVE-2010-0942
|
||||
- https://nvd.nist.gov/vuln/detail/CVE-2010-0942
|
||||
- http://packetstormsecurity.org/1001-exploits/joomlajvideodirect-traversal.txt
|
||||
remediation: Apply all relevant security patches and product upgrades.
|
||||
classification:
|
||||
|
|
|
@ -7,7 +7,7 @@ info:
|
|||
description: A directory traversal vulnerability in the JA Showcase (com_jashowcase) component for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter in a jashowcase action to index.php.
|
||||
reference:
|
||||
- https://www.exploit-db.com/exploits/11090
|
||||
- https://www.cvedetails.com/cve/CVE-2010-0943
|
||||
- https://nvd.nist.gov/vuln/detail/CVE-2010-0943
|
||||
- http://web.archive.org/web/20210121193737/https://www.securityfocus.com/bid/37692/
|
||||
- http://web.archive.org/web/20140724215426/http://secunia.com/advisories/33486/
|
||||
classification:
|
||||
|
|
|
@ -7,7 +7,7 @@ info:
|
|||
description: A directory traversal vulnerability in the JCollection (com_jcollection) component for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php.
|
||||
reference:
|
||||
- https://www.exploit-db.com/exploits/11088
|
||||
- https://www.cvedetails.com/cve/CVE-2010-0944
|
||||
- https://nvd.nist.gov/vuln/detail/CVE-2010-0944
|
||||
- http://packetstormsecurity.org/1001-exploits/joomlajcollection-traversal.txt
|
||||
- http://www.exploit-db.com/exploits/11088
|
||||
remediation: Apply all relevant security patches and product upgrades.
|
||||
|
|
|
@ -7,7 +7,7 @@ info:
|
|||
description: A directory traversal vulnerability in the GCalendar (com_gcalendar) component 2.1.5 for Joomla! allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the controller parameter to index.php.
|
||||
reference:
|
||||
- https://www.exploit-db.com/exploits/11738
|
||||
- https://www.cvedetails.com/cve/CVE-2010-0972
|
||||
- https://nvd.nist.gov/vuln/detail/CVE-2010-0972
|
||||
- http://web.archive.org/web/20140804152652/http://secunia.com/advisories/38925/
|
||||
- http://www.exploit-db.com/exploits/11738
|
||||
remediation: Apply all relevant security patches and product upgrades.
|
||||
|
|
|
@ -7,7 +7,7 @@ info:
|
|||
description: A directory traversal vulnerability in the CARTwebERP (com_cartweberp) component 1.56.75 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php.
|
||||
reference:
|
||||
- https://www.exploit-db.com/exploits/10942
|
||||
- https://www.cvedetails.com/cve/CVE-2010-0982
|
||||
- https://nvd.nist.gov/vuln/detail/CVE-2010-0982
|
||||
- http://web.archive.org/web/20210121193625/https://www.securityfocus.com/bid/37581/
|
||||
- http://web.archive.org/web/20151104182451/http://secunia.com/advisories/37917/
|
||||
remediation: Apply all relevant security patches and product upgrades.
|
||||
|
|
|
@ -7,7 +7,7 @@ info:
|
|||
description: A directory traversal vulnerability in the Abbreviations Manager (com_abbrev) component 1.1 for Joomla! allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the controller parameter to index.php.
|
||||
reference:
|
||||
- https://www.exploit-db.com/exploits/10948
|
||||
- https://www.cvedetails.com/cve/CVE-2010-0985
|
||||
- https://nvd.nist.gov/vuln/detail/CVE-2010-0985
|
||||
- http://web.archive.org/web/20210623092041/https://www.securityfocus.com/bid/37560
|
||||
- http://www.exploit-db.com/exploits/10948
|
||||
remediation: Apply all relevant security patches and product upgrades.
|
||||
|
|
|
@ -7,7 +7,7 @@ info:
|
|||
description: A directory traversal vulnerability in the RokDownloads (com_rokdownloads) component before 1.0.1 for Joomla! allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the controller parameter to index.php.
|
||||
reference:
|
||||
- https://www.exploit-db.com/exploits/11760
|
||||
- https://www.cvedetails.com/cve/CVE-2010-1056
|
||||
- https://nvd.nist.gov/vuln/detail/CVE-2010-1056
|
||||
- http://web.archive.org/web/20210121194803/https://www.securityfocus.com/bid/38741/
|
||||
- http://web.archive.org/web/20151023104850/http://secunia.com/advisories/38982/
|
||||
remediation: Apply all relevant security patches and product upgrades.
|
||||
|
|
|
@ -7,7 +7,7 @@ info:
|
|||
description: A directory traversal vulnerability in the Community Polls (com_communitypolls) component 1.5.2, and possibly earlier, for Core Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php.
|
||||
reference:
|
||||
- https://www.exploit-db.com/exploits/11511
|
||||
- https://www.cvedetails.com/cve/CVE-2010-1081
|
||||
- https://nvd.nist.gov/vuln/detail/CVE-2010-1081
|
||||
- http://www.corejoomla.com/component/content/article/1-corejoomla-updates/40-community-polls-v153-security-release.html
|
||||
remediation: Apply all relevant security patches and product upgrades.
|
||||
classification:
|
||||
|
|
|
@ -7,7 +7,7 @@ info:
|
|||
description: A directory traversal vulnerability in the JE Form Creator (com_jeformcr) component for Joomla!, when magic_quotes_gpc is disabled, allows remote attackers to read arbitrary files via directory traversal sequences in the view parameter to index.php. NOTE -- the original researcher states that the affected product is JE Tooltip, not Form Creator; however, the exploit URL suggests that Form Creator is affected.
|
||||
reference:
|
||||
- https://www.exploit-db.com/exploits/11814
|
||||
- https://www.cvedetails.com/cve/CVE-2010-1217
|
||||
- https://nvd.nist.gov/vuln/detail/CVE-2010-1217
|
||||
- http://www.packetstormsecurity.org/1003-exploits/joomlajetooltip-lfi.txt
|
||||
- http://web.archive.org/web/20210624111408/https://www.securityfocus.com/bid/38866
|
||||
remediation: Apply all relevant security patches and product upgrades.
|
||||
|
|
|
@ -7,7 +7,7 @@ info:
|
|||
description: A directory traversal vulnerability in the JA News (com_janews) component 1.0 for Joomla! allows remote attackers to read arbitrary local files via a .. (dot dot) in the controller parameter to index.php.
|
||||
reference:
|
||||
- https://www.exploit-db.com/exploits/11757
|
||||
- https://www.cvedetails.com/cve/CVE-2010-1219
|
||||
- https://nvd.nist.gov/vuln/detail/CVE-2010-1219
|
||||
- http://web.archive.org/web/20161009134632/http://secunia.com/advisories/38952
|
||||
- http://web.archive.org/web/20210617075625/https://www.securityfocus.com/bid/38746
|
||||
remediation: Upgrade to a supported version.
|
||||
|
|
|
@ -7,7 +7,7 @@ info:
|
|||
description: A directory traversal vulnerability in dwgraphs.php in the DecryptWeb DW Graphs (com_dwgraphs) component 1.0 for Joomla! allows remote attackers to read arbitrary files via directory traversal sequences in the controller parameter to index.php.
|
||||
reference:
|
||||
- https://www.exploit-db.com/exploits/11978
|
||||
- https://www.cvedetails.com/cve/CVE-2010-1302
|
||||
- https://nvd.nist.gov/vuln/detail/CVE-2010-1302
|
||||
- http://web.archive.org/web/20210121195144/https://www.securityfocus.com/bid/39108/
|
||||
- http://web.archive.org/web/20140805062036/http://secunia.com/advisories/39200/
|
||||
remediation: Upgrade to a supported version.
|
||||
|
|
|
@ -7,7 +7,7 @@ info:
|
|||
description: A directory traversal vulnerability in userstatus.php in the User Status (com_userstatus) component 1.21.16 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php.
|
||||
reference:
|
||||
- https://www.exploit-db.com/exploits/11998
|
||||
- https://www.cvedetails.com/cve/CVE-2010-1304
|
||||
- https://nvd.nist.gov/vuln/detail/CVE-2010-1304
|
||||
- http://web.archive.org/web/20210518080735/https://www.securityfocus.com/bid/39174
|
||||
- http://www.exploit-db.com/exploits/11998
|
||||
remediation: Upgrade to a supported version.
|
||||
|
|
|
@ -7,7 +7,7 @@ info:
|
|||
description: A directory traversal vulnerability in jinventory.php in the JInventory (com_jinventory) component 1.23.02 and possibly other versions before 1.26.03, a module for Joomla!, allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php.
|
||||
reference:
|
||||
- https://www.exploit-db.com/exploits/12065
|
||||
- https://www.cvedetails.com/cve/CVE-2010-1305
|
||||
- https://nvd.nist.gov/vuln/detail/CVE-2010-1305
|
||||
- http://extensions.joomla.org/extensions/e-commerce/shopping-cart/7951
|
||||
- http://web.archive.org/web/20140806165126/http://secunia.com/advisories/39351/
|
||||
remediation: Upgrade to a supported version.
|
||||
|
|
|
@ -7,7 +7,7 @@ info:
|
|||
description: A directory traversal vulnerability in the Picasa (com_joomlapicasa2) component 2.0 and 2.0.5 for Joomla! allows remote attackers to read arbitrary local files via a .. (dot dot) in the controller parameter to index.php.
|
||||
reference:
|
||||
- https://www.exploit-db.com/exploits/12058
|
||||
- https://www.cvedetails.com/cve/CVE-2010-1306
|
||||
- https://nvd.nist.gov/vuln/detail/CVE-2010-1306
|
||||
- http://web.archive.org/web/20140805134149/http://secunia.com/advisories/39338/
|
||||
- http://web.archive.org/web/20210121195240/https://www.securityfocus.com/bid/39200/
|
||||
remediation: Upgrade to a supported version.
|
||||
|
|
|
@ -7,7 +7,7 @@ info:
|
|||
description: A directory traversal vulnerability in the Magic Updater (com_joomlaupdater) component for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php.
|
||||
reference:
|
||||
- https://www.exploit-db.com/exploits/12070
|
||||
- https://www.cvedetails.com/cve/CVE-2010-1307
|
||||
- https://nvd.nist.gov/vuln/detail/CVE-2010-1307
|
||||
- http://web.archive.org/web/20140806154402/http://secunia.com/advisories/39348/
|
||||
- http://www.vupen.com/english/advisories/2010/0806
|
||||
remediation: Upgrade to a supported version.
|
||||
|
|
|
@ -7,7 +7,7 @@ info:
|
|||
description: A directory traversal vulnerability in the SVMap (com_svmap) component 1.1.1 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php.
|
||||
reference:
|
||||
- https://www.exploit-db.com/exploits/12066
|
||||
- https://www.cvedetails.com/cve/CVE-2010-1308
|
||||
- https://nvd.nist.gov/vuln/detail/CVE-2010-1308
|
||||
- http://www.vupen.com/english/advisories/2010/0809
|
||||
remediation: Upgrade to a supported version.
|
||||
classification:
|
||||
|
|
|
@ -7,7 +7,7 @@ info:
|
|||
description: A directory traversal vulnerability in the iJoomla News Portal (com_news_portal) component 1.5.x for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php.
|
||||
reference:
|
||||
- https://www.exploit-db.com/exploits/12077
|
||||
- https://www.cvedetails.com/cve/CVE-2010-1312
|
||||
- https://nvd.nist.gov/vuln/detail/CVE-2010-1312
|
||||
- http://web.archive.org/web/20140724200344/http://secunia.com/advisories/39289/
|
||||
- http://packetstormsecurity.org/1004-exploits/joomlanewportal-lfi.txt
|
||||
remediation: Upgrade to a supported version.
|
||||
|
|
|
@ -7,7 +7,7 @@ info:
|
|||
description: A directory traversal vulnerability in the Seber Cart (com_sebercart) component 1.0.0.12 and 1.0.0.13 for Joomla!, when magic_quotes_gpc is disabled, allows remote attackers to read arbitrary files via a .. (dot dot) in the view parameter to index.php.
|
||||
reference:
|
||||
- https://www.exploit-db.com/exploits/12082
|
||||
- https://www.cvedetails.com/cve/CVE-2010-1313
|
||||
- https://nvd.nist.gov/vuln/detail/CVE-2010-1313
|
||||
- http://web.archive.org/web/20210121195302/https://www.securityfocus.com/bid/39237/
|
||||
- http://www.exploit-db.com/exploits/12082
|
||||
remediation: Upgrade to a supported version.
|
||||
|
|
|
@ -7,7 +7,7 @@ info:
|
|||
description: A directory traversal vulnerability in the Highslide JS (com_hsconfig) component 1.5 and 2.0.9 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php.
|
||||
reference:
|
||||
- https://www.exploit-db.com/exploits/12086
|
||||
- https://www.cvedetails.com/cve/CVE-2010-1314
|
||||
- https://nvd.nist.gov/vuln/detail/CVE-2010-1314
|
||||
- http://web.archive.org/web/20140724203458/http://secunia.com/advisories/39359/
|
||||
- http://packetstormsecurity.org/1004-exploits/joomlahsconfig-lfi.txt
|
||||
remediation: Upgrade to a supported version.
|
||||
|
|
|
@ -7,7 +7,7 @@ info:
|
|||
description: A directory traversal vulnerability in weberpcustomer.php in the webERPcustomer (com_weberpcustomer) component 1.2.1 and 1.x before 1.06.02 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php.
|
||||
reference:
|
||||
- https://www.exploit-db.com/exploits/11999
|
||||
- https://www.cvedetails.com/cve/CVE-2010-1315
|
||||
- https://nvd.nist.gov/vuln/detail/CVE-2010-1315
|
||||
- http://web.archive.org/web/20140801092842/http://secunia.com/advisories/39209/
|
||||
- http://packetstormsecurity.org/1004-exploits/joomlaweberpcustomer-lfi.txt
|
||||
remediation: Upgrade to a supported version.
|
||||
|
|
|
@ -7,7 +7,7 @@ info:
|
|||
description: A directory traversal vulnerability in jresearch.php in the J!Research (com_jresearch) component for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php.
|
||||
reference:
|
||||
- https://www.exploit-db.com/exploits/33797
|
||||
- https://www.cvedetails.com/cve/CVE-2010-1340
|
||||
- https://nvd.nist.gov/vuln/detail/CVE-2010-1340
|
||||
- http://web.archive.org/web/20210121195000/https://www.securityfocus.com/bid/38917/
|
||||
- http://packetstormsecurity.org/1003-exploits/joomlajresearch-lfi.txt
|
||||
remediation: Upgrade to a supported version.
|
||||
|
|
|
@ -7,7 +7,7 @@ info:
|
|||
description: A directory traversal vulnerability in the Cookex Agency CKForms (com_ckforms) component 1.3.3 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php.
|
||||
reference:
|
||||
- https://www.exploit-db.com/exploits/15453
|
||||
- https://www.cvedetails.com/cve/CVE-2010-1345
|
||||
- https://nvd.nist.gov/vuln/detail/CVE-2010-1345
|
||||
- http://www.exploit-db.com/exploits/11785
|
||||
remediation: Upgrade to a supported version.
|
||||
classification:
|
||||
|
|
|
@ -7,7 +7,7 @@ info:
|
|||
description: A directory traversal vulnerability in the JOOFORGE Jutebox (com_jukebox) component 1.0 and 1.7 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php.
|
||||
reference:
|
||||
- https://www.exploit-db.com/exploits/12084
|
||||
- https://www.cvedetails.com/cve/CVE-2010-1352
|
||||
- https://nvd.nist.gov/vuln/detail/CVE-2010-1352
|
||||
- http://web.archive.org/web/20140724194110/http://secunia.com/advisories/39357/
|
||||
- http://packetstormsecurity.org/1004-exploits/joomlajukebox-lfi.txt
|
||||
remediation: Upgrade to a supported version.
|
||||
|
|
|
@ -7,7 +7,7 @@ info:
|
|||
description: A directory traversal vulnerability in the LoginBox Pro (com_loginbox) component for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the view parameter to index.php.
|
||||
reference:
|
||||
- https://www.exploit-db.com/exploits/12068
|
||||
- https://www.cvedetails.com/cve/CVE-2010-1353
|
||||
- https://nvd.nist.gov/vuln/detail/CVE-2010-1353
|
||||
- http://web.archive.org/web/20210121195246/https://www.securityfocus.com/bid/39212/
|
||||
- http://www.vupen.com/english/advisories/2010/0808
|
||||
classification:
|
||||
|
|
|
@ -7,7 +7,7 @@ info:
|
|||
description: A directory traversal vulnerability in the VJDEO (com_vjdeo) component 1.0 and 1.0.1 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php.
|
||||
reference:
|
||||
- https://www.exploit-db.com/exploits/12102
|
||||
- https://www.cvedetails.com/cve/CVE-2010-1354
|
||||
- https://nvd.nist.gov/vuln/detail/CVE-2010-1354
|
||||
- http://packetstormsecurity.org/1004-exploits/joomlavjdeo-lfi.txt
|
||||
- http://web.archive.org/web/20140724190841/http://secunia.com/advisories/39296/
|
||||
remediation: Upgrade to a supported version.
|
||||
|
|
|
@ -7,7 +7,7 @@ info:
|
|||
description: A directory traversal vulnerability in the Photo Battle (com_photobattle) component 1.0.1 for Joomla! allows remote attackers to read arbitrary files via the view parameter to index.php.
|
||||
reference:
|
||||
- https://www.exploit-db.com/exploits/12232
|
||||
- https://www.cvedetails.com/cve/CVE-2010-1461
|
||||
- https://nvd.nist.gov/vuln/detail/CVE-2010-1461
|
||||
- http://web.archive.org/web/20210518110953/https://www.securityfocus.com/bid/39504
|
||||
- http://www.exploit-db.com/exploits/12232
|
||||
remediation: Upgrade to a supported version.
|
||||
|
|
|
@ -7,7 +7,7 @@ info:
|
|||
description: A directory traversal vulnerability in the Ternaria Informatica JProject Manager (com_jprojectmanager) component 1.0 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impact via a .. (dot dot) in the controller parameter to index.php.
|
||||
reference:
|
||||
- https://www.exploit-db.com/exploits/12146
|
||||
- https://www.cvedetails.com/cve/CVE-2010-1469
|
||||
- https://nvd.nist.gov/vuln/detail/CVE-2010-1469
|
||||
- http://packetstormsecurity.org/1004-exploits/joomlajprojectmanager-lfi.txt
|
||||
- http://www.exploit-db.com/exploits/12146
|
||||
remediation: Upgrade to a supported version.
|
||||
|
|
|
@ -7,7 +7,7 @@ info:
|
|||
description: A directory traversal vulnerability in the Web TV (com_webtv) component 1.0 for Joomla! allows remote attackers to read arbitrary files and have possibly other unspecified impacts via a .. (dot dot) in the controller parameter to index.php.
|
||||
reference:
|
||||
- https://www.exploit-db.com/exploits/12166
|
||||
- https://www.cvedetails.com/cve/CVE-2010-1470
|
||||
- https://nvd.nist.gov/vuln/detail/CVE-2010-1470
|
||||
- http://web.archive.org/web/20140723205548/http://secunia.com/advisories/39405/
|
||||
- http://www.exploit-db.com/exploits/12166
|
||||
remediation: Upgrade to a supported version.
|
||||
|
|
|
@ -7,7 +7,7 @@ info:
|
|||
description: A directory traversal vulnerability in the AddressBook (com_addressbook) component 1.5.0 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php.
|
||||
reference:
|
||||
- https://www.exploit-db.com/exploits/12170
|
||||
- https://www.cvedetails.com/cve/CVE-2010-1471
|
||||
- https://nvd.nist.gov/vuln/detail/CVE-2010-1471
|
||||
- http://www.vupen.com/english/advisories/2010/0862
|
||||
classification:
|
||||
cve-id: CVE-2010-1471
|
||||
|
|
|
@ -7,7 +7,7 @@ info:
|
|||
description: A directory traversal vulnerability in the Daily Horoscope (com_horoscope) component 1.5.0 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php.
|
||||
reference:
|
||||
- https://www.exploit-db.com/exploits/12167
|
||||
- https://www.cvedetails.com/cve/CVE-2010-1472
|
||||
- https://nvd.nist.gov/vuln/detail/CVE-2010-1472
|
||||
- http://web.archive.org/web/20140723200143/http://secunia.com/advisories/39406/
|
||||
- http://www.exploit-db.com/exploits/12167
|
||||
remediation: Upgrade to a supported version.
|
||||
|
|
|
@ -7,7 +7,7 @@ info:
|
|||
description: A directory traversal vulnerability in the Advertising (com_advertising) component 0.25 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impacts via a .. (dot dot) in the controller parameter to index.php.
|
||||
reference:
|
||||
- https://www.exploit-db.com/exploits/12171
|
||||
- https://www.cvedetails.com/cve/CVE-2010-1473
|
||||
- https://nvd.nist.gov/vuln/detail/CVE-2010-1473
|
||||
- http://packetstormsecurity.org/1004-exploits/joomlaeasyadbanner-lfi.txt
|
||||
- http://web.archive.org/web/20140723213338/http://secunia.com/advisories/39410/
|
||||
remediation: Upgrade to a supported version.
|
||||
|
|
|
@ -7,7 +7,7 @@ info:
|
|||
description: A directory traversal vulnerability in the Sweety Keeper (com_sweetykeeper) component 1.5.x for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impacts via a .. (dot dot) in the controller parameter to index.php.
|
||||
reference:
|
||||
- https://www.exploit-db.com/exploits/12182
|
||||
- https://www.cvedetails.com/cve/CVE-2010-1474
|
||||
- https://nvd.nist.gov/vuln/detail/CVE-2010-1474
|
||||
- http://web.archive.org/web/20140723205926/http://secunia.com/advisories/39388/
|
||||
- http://www.exploit-db.com/exploits/12182
|
||||
classification:
|
||||
|
|
|
@ -7,7 +7,7 @@ info:
|
|||
description: A directory traversal vulnerability in the Preventive & Reservation (com_preventive) component 1.0.5 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impacts via a .. (dot dot) in the controller parameter to index.php.
|
||||
reference:
|
||||
- https://www.exploit-db.com/exploits/12147
|
||||
- https://www.cvedetails.com/cve/CVE-2010-1475
|
||||
- https://nvd.nist.gov/vuln/detail/CVE-2010-1475
|
||||
- http://web.archive.org/web/20140723203010/http://secunia.com/advisories/39285/
|
||||
- http://www.exploit-db.com/exploits/12147
|
||||
classification:
|
||||
|
|
|
@ -7,7 +7,7 @@ info:
|
|||
description: A directory traversal vulnerability in the AlphaUserPoints (com_alphauserpoints) component 1.5.5 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impacts via a .. (dot dot) in the view parameter to index.php.
|
||||
reference:
|
||||
- https://www.exploit-db.com/exploits/12150
|
||||
- https://www.cvedetails.com/cve/CVE-2010-1476
|
||||
- https://nvd.nist.gov/vuln/detail/CVE-2010-1476
|
||||
- http://packetstormsecurity.org/1004-exploits/joomlaalphauserpoints-lfi.txt
|
||||
- http://www.alphaplug.com/
|
||||
remediation: Upgrade to a supported version.
|
||||
|
|
|
@ -7,7 +7,7 @@ info:
|
|||
description: A directory traversal vulnerability in the Ternaria Informatica Jfeedback! (com_jfeedback) component 1.2 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impacts via a .. (dot dot) in the controller parameter to index.php.
|
||||
reference:
|
||||
- https://www.exploit-db.com/exploits/12145
|
||||
- https://www.cvedetails.com/cve/CVE-2010-1478
|
||||
- https://nvd.nist.gov/vuln/detail/CVE-2010-1478
|
||||
- http://web.archive.org/web/20140723205157/http://secunia.com/advisories/39262/
|
||||
- http://web.archive.org/web/20210121195422/https://www.securityfocus.com/bid/39390/
|
||||
remediation: Upgrade to a supported version.
|
||||
|
|
|
@ -7,7 +7,7 @@ info:
|
|||
description: A directory traversal vulnerability in the MMS Blog (com_mmsblog) component 2.3.0 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impacts via a .. (dot dot) in the controller parameter to index.php.
|
||||
reference:
|
||||
- https://www.exploit-db.com/exploits/12318
|
||||
- https://www.cvedetails.com/cve/CVE-2010-1491
|
||||
- https://nvd.nist.gov/vuln/detail/CVE-2010-1491
|
||||
- http://packetstormsecurity.org/1004-exploits/joomlammsblog-lfi.txt
|
||||
- http://web.archive.org/web/20140724060325/http://secunia.com/advisories/39533/
|
||||
remediation: Upgrade to a supported version.
|
||||
|
|
|
@ -7,7 +7,7 @@ info:
|
|||
description: A directory traversal vulnerability in the AWDwall (com_awdwall) component 1.5.4 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php.
|
||||
reference:
|
||||
- https://www.exploit-db.com/exploits/12113
|
||||
- https://www.cvedetails.com/cve/CVE-2010-1494
|
||||
- https://nvd.nist.gov/vuln/detail/CVE-2010-1494
|
||||
- http://www.exploit-db.com/exploits/12113
|
||||
remediation: Upgrade to a supported version.
|
||||
classification:
|
||||
|
|
|
@ -7,7 +7,7 @@ info:
|
|||
description: A directory traversal vulnerability in the Matamko (com_matamko) component 1.01 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php.
|
||||
reference:
|
||||
- https://www.exploit-db.com/exploits/12286
|
||||
- https://www.cvedetails.com/cve/CVE-2010-1495
|
||||
- https://nvd.nist.gov/vuln/detail/CVE-2010-1495
|
||||
- http://www.vupen.com/english/advisories/2010/0929
|
||||
- http://packetstormsecurity.org/1004-exploits/joomlamatamko-lfi.txt
|
||||
remediation: Upgrade to a supported version.
|
||||
|
|
|
@ -7,7 +7,7 @@ info:
|
|||
description: A directory traversal vulnerability in the redSHOP (com_redshop) component 1.0.x for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the view parameter to index.php.
|
||||
reference:
|
||||
- https://www.exploit-db.com/exploits/12054
|
||||
- https://www.cvedetails.com/cve/CVE-2010-1531
|
||||
- https://nvd.nist.gov/vuln/detail/CVE-2010-1531
|
||||
- http://packetstormsecurity.org/1004-exploits/joomlaredshop-lfi.txt
|
||||
remediation: Upgrade to a supported version.
|
||||
classification:
|
||||
|
|
|
@ -7,7 +7,7 @@ info:
|
|||
description: A directory traversal vulnerability in the givesight PowerMail Pro (com_powermail) component 1.5.3 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impacts via a .. (dot dot) in the controller parameter to index.php.
|
||||
reference:
|
||||
- https://www.exploit-db.com/exploits/12118
|
||||
- https://www.cvedetails.com/cve/CVE-2010-1532
|
||||
- https://nvd.nist.gov/vuln/detail/CVE-2010-1532
|
||||
- http://packetstormsecurity.org/1004-exploits/joomlapowermail-lfi.txt
|
||||
- http://web.archive.org/web/20210127202836/https://www.securityfocus.com/bid/39348/
|
||||
remediation: Upgrade to a supported version.
|
||||
|
|
|
@ -7,7 +7,7 @@ info:
|
|||
description: A directory traversal vulnerability in the TweetLA (com_tweetla) component 1.0.1 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php.
|
||||
reference:
|
||||
- https://www.exploit-db.com/exploits/12142
|
||||
- https://www.cvedetails.com/cve/CVE-2010-1533
|
||||
- https://nvd.nist.gov/vuln/detail/CVE-2010-1533
|
||||
- http://web.archive.org/web/20140723212810/http://secunia.com/advisories/39258/
|
||||
- http://www.exploit-db.com/exploits/12142
|
||||
remediation: Upgrade to a supported version.
|
||||
|
|
|
@ -7,7 +7,7 @@ info:
|
|||
description: A directory traversal vulnerability in the Shoutbox Pro (com_shoutbox) component for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php.
|
||||
reference:
|
||||
- https://www.exploit-db.com/exploits/12067
|
||||
- https://www.cvedetails.com/cve/CVE-2010-1534
|
||||
- https://nvd.nist.gov/vuln/detail/CVE-2010-1534
|
||||
- http://web.archive.org/web/20210121195246/https://www.securityfocus.com/bid/39213/
|
||||
- http://web.archive.org/web/20140724182459/http://secunia.com/advisories/39352/
|
||||
remediation: Upgrade to a supported version
|
||||
|
|
|
@ -7,7 +7,7 @@ info:
|
|||
description: A directory traversal vulnerability in the TRAVELbook (com_travelbook) component 1.0.1 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impacts via a .. (dot dot) in the controller parameter to index.php.
|
||||
reference:
|
||||
- https://www.exploit-db.com/exploits/12151
|
||||
- https://www.cvedetails.com/cve/CVE-2010-1535
|
||||
- https://nvd.nist.gov/vuln/detail/CVE-2010-1535
|
||||
- http://web.archive.org/web/20140725030342/http://secunia.com/advisories/39254/
|
||||
- http://www.exploit-db.com/exploits/12151
|
||||
classification:
|
||||
|
|
|
@ -7,7 +7,7 @@ info:
|
|||
description: A directory traversal vulnerability in index.php in the MyBlog (com_myblog) component 3.0.329 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the task parameter.
|
||||
reference:
|
||||
- https://www.exploit-db.com/exploits/11625
|
||||
- https://www.cvedetails.com/cve/CVE-2010-1540
|
||||
- https://nvd.nist.gov/vuln/detail/CVE-2010-1540
|
||||
- http://web.archive.org/web/20140721042709/http://secunia.com/advisories/38777/
|
||||
- http://web.archive.org/web/20210121194559/https://www.securityfocus.com/bid/38530/
|
||||
classification:
|
||||
|
|
|
@ -7,7 +7,7 @@ info:
|
|||
description: A directory traversal vulnerability in the JA Comment (com_jacomment) component for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the view parameter to index.php.
|
||||
reference:
|
||||
- https://www.exploit-db.com/exploits/12236
|
||||
- https://www.cvedetails.com/cve/CVE-2010-1601
|
||||
- https://nvd.nist.gov/vuln/detail/CVE-2010-1601
|
||||
- http://web.archive.org/web/20140803084823/http://secunia.com/advisories/39472/
|
||||
- http://packetstormsecurity.org/1004-exploits/joomlajacomment-lfi.txt
|
||||
classification:
|
||||
|
|
|
@ -7,7 +7,7 @@ info:
|
|||
description: A directory traversal vulnerability in the ZiMB Comment (com_zimbcomment) component 0.8.1 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impacts via a .. (dot dot) in the controller parameter to index.php.
|
||||
reference:
|
||||
- https://www.exploit-db.com/exploits/12283
|
||||
- https://www.cvedetails.com/cve/CVE-2010-1602
|
||||
- https://nvd.nist.gov/vuln/detail/CVE-2010-1602
|
||||
- http://packetstormsecurity.org/1004-exploits/joomlazimbcomment-lfi.txt
|
||||
classification:
|
||||
cve-id: CVE-2010-1602
|
||||
|
|
|
@ -7,7 +7,7 @@ info:
|
|||
description: A directory traversal vulnerability in the ZiMB Core (aka ZiMBCore or com_zimbcore) component 0.1 in the ZiMB Manager collection for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impacts via a .. (dot dot) in the controller parameter to index.php.
|
||||
reference:
|
||||
- https://www.exploit-db.com/exploits/12284
|
||||
- https://www.cvedetails.com/cve/CVE-2010-1603
|
||||
- https://nvd.nist.gov/vuln/detail/CVE-2010-1603
|
||||
- http://web.archive.org/web/20210518112730/https://www.securityfocus.com/bid/39546
|
||||
- http://www.vupen.com/english/advisories/2010/0931
|
||||
remediation: Upgrade to a supported version.
|
||||
|
|
|
@ -7,7 +7,7 @@ info:
|
|||
description: A directory traversal vulnerability in wmi.php in the Webmoney Web Merchant Interface (aka WMI or com_wmi) component 1.5.0 for Joomla! allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the controller parameter to index.php.
|
||||
reference:
|
||||
- https://www.exploit-db.com/exploits/12316
|
||||
- https://www.cvedetails.com/cve/CVE-2010-1607
|
||||
- https://nvd.nist.gov/vuln/detail/CVE-2010-1607
|
||||
- http://web.archive.org/web/20210121195713/https://www.securityfocus.com/bid/39608/
|
||||
- http://web.archive.org/web/20111227231442/http://secunia.com/advisories/39539/
|
||||
classification:
|
||||
|
|
|
@ -7,7 +7,7 @@ info:
|
|||
description: A directory traversal vulnerability in graphics.php in the Graphics (com_graphics) component 1.0.6 and 1.5.0 for Joomla! allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the controller parameter to index.php.
|
||||
reference:
|
||||
- https://www.exploit-db.com/exploits/12430
|
||||
- https://www.cvedetails.com/cve/CVE-2010-1653
|
||||
- https://nvd.nist.gov/vuln/detail/CVE-2010-1653
|
||||
- http://packetstormsecurity.org/1004-exploits/joomlagraphics-lfi.txt
|
||||
- http://web.archive.org/web/20210121195909/https://www.securityfocus.com/bid/39743/
|
||||
classification:
|
||||
|
|
|
@ -7,7 +7,7 @@ info:
|
|||
description: A directory traversal vulnerability in the Code-Garage NoticeBoard (com_noticeboard) component 1.3 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impacts via a .. (dot dot) in the controller parameter to index.php.
|
||||
reference:
|
||||
- https://www.exploit-db.com/exploits/12427
|
||||
- https://www.cvedetails.com/cve/CVE-2010-1658
|
||||
- https://nvd.nist.gov/vuln/detail/CVE-2010-1658
|
||||
- http://www.vupen.com/english/advisories/2010/1007
|
||||
classification:
|
||||
cve-id: CVE-2010-1658
|
||||
|
|
|
@ -7,7 +7,7 @@ info:
|
|||
description: A directory traversal vulnerability in the Arcade Games (com_arcadegames) component 1.0 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php.
|
||||
reference:
|
||||
- https://www.exploit-db.com/exploits/12168
|
||||
- https://www.cvedetails.com/cve/CVE-2010-1714
|
||||
- https://nvd.nist.gov/vuln/detail/CVE-2010-1714
|
||||
- http://packetstormsecurity.org/1004-exploits/joomlaarcadegames-lfi.txt
|
||||
- http://web.archive.org/web/20140723192327/http://secunia.com/advisories/39413/
|
||||
classification:
|
||||
|
|
|
@ -7,7 +7,7 @@ info:
|
|||
description: A directory traversal vulnerability in the Online Examination (aka Online Exam or com_onlineexam) component 1.5.0 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php.
|
||||
reference:
|
||||
- https://www.exploit-db.com/exploits/12174
|
||||
- https://www.cvedetails.com/cve/CVE-2010-1715
|
||||
- https://nvd.nist.gov/vuln/detail/CVE-2010-1715
|
||||
- http://packetstormsecurity.org/1004-exploits/joomlaonlineexam-lfi.txt
|
||||
classification:
|
||||
cve-id: CVE-2010-1715
|
||||
|
|
|
@ -7,7 +7,7 @@ info:
|
|||
description: A directory traversal vulnerability in the iF surfALERT (com_if_surfalert) component 1.2 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impacts via a .. (dot dot) in the controller parameter to index.php.
|
||||
reference:
|
||||
- https://www.exploit-db.com/exploits/12291
|
||||
- https://www.cvedetails.com/cve/CVE-2010-1717
|
||||
- https://nvd.nist.gov/vuln/detail/CVE-2010-1717
|
||||
- http://web.archive.org/web/20140805095004/http://secunia.com/advisories/39526/
|
||||
- http://www.vupen.com/english/advisories/2010/0924
|
||||
classification:
|
||||
|
|
|
@ -7,7 +7,7 @@ info:
|
|||
description: A directory traversal vulnerability in archeryscores.php in the Archery Scores (com_archeryscores) component 1.0.6 for Joomla! allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the controller parameter to index.php.
|
||||
reference:
|
||||
- https://www.exploit-db.com/exploits/12282
|
||||
- https://www.cvedetails.com/cve/CVE-2010-1718
|
||||
- https://nvd.nist.gov/vuln/detail/CVE-2010-1718
|
||||
- http://web.archive.org/web/20140805094212/http://secunia.com/advisories/39521/
|
||||
- http://web.archive.org/web/20210121195621/https://www.securityfocus.com/bid/39545/
|
||||
classification:
|
||||
|
|
|
@ -7,7 +7,7 @@ info:
|
|||
description: A directory traversal vulnerability in the MT Fire Eagle (com_mtfireeagle) component 1.2 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impacts via a .. (dot dot) in the controller parameter to index.php.
|
||||
reference:
|
||||
- https://www.exploit-db.com/exploits/12233
|
||||
- https://www.cvedetails.com/cve/CVE-2010-1719
|
||||
- https://nvd.nist.gov/vuln/detail/CVE-2010-1719
|
||||
- http://www.exploit-db.com/exploits/12233
|
||||
classification:
|
||||
cve-id: CVE-2010-1719
|
||||
|
|
|
@ -7,7 +7,7 @@ info:
|
|||
description: A directory traversal vulnerability in the Online Market (com_market) component 2.x for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impacts via a .. (dot dot) in the controller parameter to index.php.
|
||||
reference:
|
||||
- https://www.exploit-db.com/exploits/12177
|
||||
- https://www.cvedetails.com/cve/CVE-2010-1722
|
||||
- https://nvd.nist.gov/vuln/detail/CVE-2010-1722
|
||||
- http://web.archive.org/web/20140723201810/http://secunia.com/advisories/39409/
|
||||
- http://www.exploit-db.com/exploits/12177
|
||||
classification:
|
||||
|
|
|
@ -7,7 +7,7 @@ info:
|
|||
description: A directory traversal vulnerability in the iNetLanka Contact Us Draw Root Map (com_drawroot) component 1.1 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impacts via a .. (dot dot) in the controller parameter to index.php.
|
||||
reference:
|
||||
- https://www.exploit-db.com/exploits/12289
|
||||
- https://www.cvedetails.com/cve/CVE-2010-1723
|
||||
- https://nvd.nist.gov/vuln/detail/CVE-2010-1723
|
||||
- http://web.archive.org/web/20140805101847/http://secunia.com/advisories/39524/
|
||||
- http://www.exploit-db.com/exploits/12289
|
||||
classification:
|
||||
|
|
|
@ -7,7 +7,7 @@ info:
|
|||
description: A directory traversal vulnerability in the SMEStorage (com_smestorage) component before 1.1 for Joomla! allows remote attackers to read arbitrary files via directory traversal sequences in the controller parameter to index.php.
|
||||
reference:
|
||||
- https://www.exploit-db.com/exploits/11853
|
||||
- https://www.cvedetails.com/cve/CVE-2010-1858
|
||||
- https://nvd.nist.gov/vuln/detail/CVE-2010-1858
|
||||
- http://web.archive.org/web/20210121194940/https://www.securityfocus.com/bid/38911/
|
||||
- http://packetstormsecurity.org/1003-exploits/joomlasmestorage-lfi.txt
|
||||
remediation: Upgrade to a supported version.
|
||||
|
|
|
@ -7,7 +7,7 @@ info:
|
|||
description: A directory traversal vulnerability in the Real Estate Property (com_properties) component 3.1.22-03 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impacts via a .. (dot dot) in the controller parameter to index.php.
|
||||
reference:
|
||||
- https://www.exploit-db.com/exploits/11851
|
||||
- https://www.cvedetails.com/cve/CVE-2010-1875
|
||||
- https://nvd.nist.gov/vuln/detail/CVE-2010-1875
|
||||
- http://web.archive.org/web/20140802140355/http://secunia.com/advisories/39074/
|
||||
- http://web.archive.org/web/20210121194939/https://www.securityfocus.com/bid/38912/
|
||||
classification:
|
||||
|
|
|
@ -7,7 +7,7 @@ info:
|
|||
description: A directory traversal vulnerability in the OrgChart (com_orgchart) component 1.0.0 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php.
|
||||
reference:
|
||||
- https://www.exploit-db.com/exploits/12317
|
||||
- https://www.cvedetails.com/cve/CVE-2010-1878
|
||||
- https://nvd.nist.gov/vuln/detail/CVE-2010-1878
|
||||
- http://web.archive.org/web/20210121195712/https://www.securityfocus.com/bid/39606/
|
||||
- http://packetstormsecurity.org/1004-exploits/joomlaorgchart-lfi.txt
|
||||
classification:
|
||||
|
|
|
@ -7,7 +7,7 @@ info:
|
|||
description: A directory traversal vulnerability in the BeeHeard (com_beeheard) and BeeHeard Lite (com_beeheardlite) component 1.0 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php.
|
||||
reference:
|
||||
- https://www.exploit-db.com/exploits/12239
|
||||
- https://www.cvedetails.com/cve/CVE-2010-1952
|
||||
- https://nvd.nist.gov/vuln/detail/CVE-2010-1952
|
||||
- http://web.archive.org/web/20151016194238/http://secunia.com/advisories/39475/
|
||||
- http://www.exploit-db.com/exploits/12239
|
||||
remediation: Upgrade to a supported version.
|
||||
|
|
|
@ -7,7 +7,7 @@ info:
|
|||
description: A directory traversal vulnerability in the iNetLanka Multiple Map (com_multimap) component 1.0 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php.
|
||||
reference:
|
||||
- https://www.exploit-db.com/exploits/12288
|
||||
- https://www.cvedetails.com/cve/CVE-2010-1953
|
||||
- https://nvd.nist.gov/vuln/detail/CVE-2010-1953
|
||||
- http://www.vupen.com/english/advisories/2010/0927
|
||||
- http://www.exploit-db.com/exploits/12288
|
||||
remediation: Upgrade to a supported version.
|
||||
|
|
|
@ -7,7 +7,7 @@ info:
|
|||
description: A directory traversal vulnerability in the iNetLanka Multiple root (com_multiroot) component 1.0 and 1.1 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php.
|
||||
reference:
|
||||
- https://www.exploit-db.com/exploits/12287
|
||||
- https://www.cvedetails.com/cve/CVE-2010-1954
|
||||
- https://nvd.nist.gov/vuln/detail/CVE-2010-1954
|
||||
- http://web.archive.org/web/20210121195625/https://www.securityfocus.com/bid/39552/
|
||||
- http://www.exploit-db.com/exploits/12287
|
||||
remediation: Upgrade to a supported version.
|
||||
|
|
|
@ -7,7 +7,7 @@ info:
|
|||
description: A directory traversal vulnerability in the Deluxe Blog Factory (com_blogfactory) component 1.1.2 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php.
|
||||
reference:
|
||||
- https://www.exploit-db.com/exploits/12238
|
||||
- https://www.cvedetails.com/cve/CVE-2010-1955
|
||||
- https://nvd.nist.gov/vuln/detail/CVE-2010-1955
|
||||
- http://web.archive.org/web/20210121195552/https://www.securityfocus.com/bid/39508/
|
||||
- http://web.archive.org/web/20140803091440/http://secunia.com/advisories/39473/
|
||||
remediation: Upgrade to a supported version.
|
||||
|
|
|
@ -7,7 +7,7 @@ info:
|
|||
description: A directory traversal vulnerability in the Gadget Factory (com_gadgetfactory) component 1.0.0 and 1.5.0 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php.
|
||||
reference:
|
||||
- https://www.exploit-db.com/exploits/12285
|
||||
- https://www.cvedetails.com/cve/CVE-2010-1956
|
||||
- https://nvd.nist.gov/vuln/detail/CVE-2010-1956
|
||||
- http://web.archive.org/web/20140805105431/http://secunia.com/advisories/39522/
|
||||
- http://www.exploit-db.com/exploits/12285
|
||||
remediation: Upgrade to a supported version.
|
||||
|
|
|
@ -7,7 +7,7 @@ info:
|
|||
description: A directory traversal vulnerability in the Love Factory (com_lovefactory) component 1.3.4 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php.
|
||||
reference:
|
||||
- https://www.exploit-db.com/exploits/12235
|
||||
- https://www.cvedetails.com/cve/CVE-2010-1957
|
||||
- https://nvd.nist.gov/vuln/detail/CVE-2010-1957
|
||||
- http://packetstormsecurity.org/1004-exploits/joomlalovefactory-lfi.txt
|
||||
remediation: Upgrade to a supported version.
|
||||
classification:
|
||||
|
|
|
@ -7,7 +7,7 @@ info:
|
|||
description: A directory traversal vulnerability in the J!WHMCS Integrator (com_jwhmcs) component 1.5.0 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php.
|
||||
reference:
|
||||
- https://www.exploit-db.com/exploits/12083
|
||||
- https://www.cvedetails.com/cve/CVE-2010-1977
|
||||
- https://nvd.nist.gov/vuln/detail/CVE-2010-1977
|
||||
- http://web.archive.org/web/20210121195306/https://www.securityfocus.com/bid/39243/
|
||||
- http://web.archive.org/web/20140724201603/http://secunia.com/advisories/39356/
|
||||
remediation: Upgrade to a supported version.
|
||||
|
|
|
@ -7,7 +7,7 @@ info:
|
|||
description: A directory traversal vulnerability in the Affiliate Datafeeds (com_datafeeds) component build 880 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php.
|
||||
reference:
|
||||
- https://www.exploit-db.com/exploits/12088
|
||||
- https://www.cvedetails.com/cve/CVE-2010-1979
|
||||
- https://nvd.nist.gov/vuln/detail/CVE-2010-1979
|
||||
- http://web.archive.org/web/20140724185517/http://secunia.com/advisories/39360/
|
||||
- http://www.exploit-db.com/exploits/12088
|
||||
remediation: Upgrade to a supported version.
|
||||
|
|
|
@ -7,7 +7,7 @@ info:
|
|||
description: A directory traversal vulnerability in joomlaflickr.php in the Joomla! Flickr (com_joomlaflickr) component 1.0.3 for Joomla! allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the controller parameter to index.php.
|
||||
reference:
|
||||
- https://www.exploit-db.com/exploits/12085
|
||||
- https://www.cvedetails.com/cve/CVE-2010-1980
|
||||
- https://nvd.nist.gov/vuln/detail/CVE-2010-1980
|
||||
- http://packetstormsecurity.org/1004-exploits/joomlaflickr-lfi.txt
|
||||
- http://www.exploit-db.com/exploits/12085
|
||||
remediation: Upgrade to a supported version.
|
||||
|
|
|
@ -7,7 +7,7 @@ info:
|
|||
description: A directory traversal vulnerability in the Fabrik (com_fabrik) component 2.0 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php.
|
||||
reference:
|
||||
- https://www.exploit-db.com/exploits/12087
|
||||
- https://www.cvedetails.com/cve/CVE-2010-1981
|
||||
- https://nvd.nist.gov/vuln/detail/CVE-2010-1981
|
||||
- http://packetstormsecurity.org/1004-exploits/joomlafabrik-lfi.txt
|
||||
- http://www.exploit-db.com/exploits/12087
|
||||
remediation: Upgrade to a supported version.
|
||||
|
|
|
@ -7,7 +7,7 @@ info:
|
|||
description: A directory traversal vulnerability in the JA Voice (com_javoice) component 2.0 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the view parameter to index.php.
|
||||
reference:
|
||||
- https://www.exploit-db.com/exploits/12121
|
||||
- https://www.cvedetails.com/cve/CVE-2010-1982
|
||||
- https://nvd.nist.gov/vuln/detail/CVE-2010-1982
|
||||
- http://web.archive.org/web/20140723233933/http://secunia.com/advisories/39202/
|
||||
- http://web.archive.org/web/20210121195400/https://www.securityfocus.com/bid/39343/
|
||||
remediation: Upgrade to a supported version.
|
||||
|
|
|
@ -7,7 +7,7 @@ info:
|
|||
description: A drectory traversal vulnerability in the redTWITTER (com_redtwitter) component 1.0.x including 1.0b11 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the view parameter to index.php.
|
||||
reference:
|
||||
- https://www.exploit-db.com/exploits/12055
|
||||
- https://www.cvedetails.com/cve/CVE-2010-1983
|
||||
- https://nvd.nist.gov/vuln/detail/CVE-2010-1983
|
||||
- http://packetstormsecurity.org/1004-exploits/joomlaredtwitter-lfi.txt
|
||||
- http://www.exploit-db.com/exploits/12055
|
||||
remediation: Upgrade to a supported version.
|
||||
|
|
|
@ -7,7 +7,7 @@ info:
|
|||
description: A directory traversal vulnerability in the Percha Fields Attach (com_perchafieldsattach) component 1.x for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impacts via a .. (dot dot) in the controller parameter to index.php.
|
||||
reference:
|
||||
- https://packetstormsecurity.com/files/89654/Joomla-Percha-Categories-Tree-0.6-Local-File-Inclusion.html
|
||||
- https://www.cvedetails.com/cve/CVE-2010-2033
|
||||
- https://nvd.nist.gov/vuln/detail/CVE-2010-2033
|
||||
- http://web.archive.org/web/20140805143014/http://secunia.com/advisories/39873/
|
||||
- http://web.archive.org/web/20210615115919/https://www.securityfocus.com/bid/40244
|
||||
remediation: Upgrade to a supported version.
|
||||
|
|
|
@ -7,7 +7,7 @@ info:
|
|||
description: A directory traversal vulnerability in the Percha Image Attach (com_perchaimageattach) component 1.1 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impacts via a .. (dot dot) in the controller parameter to index.php.
|
||||
reference:
|
||||
- https://www.exploit-db.com/exploits/34003
|
||||
- https://www.cvedetails.com/cve/CVE-2010-2034
|
||||
- https://nvd.nist.gov/vuln/detail/CVE-2010-2034
|
||||
- http://packetstormsecurity.org/1005-exploits/joomlaperchaia-lfi.txt
|
||||
- http://web.archive.org/web/20210615115919/https://www.securityfocus.com/bid/40244
|
||||
remediation: Upgrade to a supported version.
|
||||
|
|
|
@ -7,7 +7,7 @@ info:
|
|||
description: A directory traversal vulnerability in the Percha Gallery (com_perchagallery) component 1.6 Beta for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impacts via a .. (dot dot) in the controller parameter to index.php.
|
||||
reference:
|
||||
- https://www.exploit-db.com/exploits/34006
|
||||
- https://www.cvedetails.com/cve/CVE-2010-2035
|
||||
- https://nvd.nist.gov/vuln/detail/CVE-2010-2035
|
||||
- http://web.archive.org/web/20210615115919/https://www.securityfocus.com/bid/40244
|
||||
- http://packetstormsecurity.org/1005-exploits/joomlaperchagl-lfi.txt
|
||||
remediation: Upgrade to a supported version.
|
||||
|
|
|
@ -7,7 +7,7 @@ info:
|
|||
description: A directory traversal vulnerability in the Percha Fields Attach (com_perchafieldsattach) component 1.x for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impacts via a .. (dot dot) in the controller parameter to index.php.
|
||||
reference:
|
||||
- https://www.exploit-db.com/exploits/34004
|
||||
- https://www.cvedetails.com/cve/CVE-2010-2036
|
||||
- https://nvd.nist.gov/vuln/detail/CVE-2010-2036
|
||||
- http://packetstormsecurity.org/1005-exploits/joomlaperchafa-lfi.txt
|
||||
- http://web.archive.org/web/20210615115919/https://www.securityfocus.com/bid/40244
|
||||
remediation: Upgrade to a supported version.
|
||||
|
|
|
@ -7,7 +7,7 @@ info:
|
|||
description: A directory traversal vulnerability in the Percha Downloads Attach (com_perchadownloadsattach) component 1.1 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impacts via a .. (dot dot) in the controller parameter to index.php.
|
||||
reference:
|
||||
- https://www.exploit-db.com/exploits/34005
|
||||
- https://www.cvedetails.com/cve/CVE-2010-2037
|
||||
- https://nvd.nist.gov/vuln/detail/CVE-2010-2037
|
||||
- http://web.archive.org/web/20210615115919/https://www.securityfocus.com/bid/40244
|
||||
- http://packetstormsecurity.org/1005-exploits/joomlaperchada-lfi.txt
|
||||
remediation: Upgrade to a supported version.
|
||||
|
|
|
@ -7,7 +7,7 @@ info:
|
|||
description: A directory traversal vulnerability in the Dione Form Wizard (aka FDione or com_dioneformwizard) component 1.0.2 for Joomla! allows remote attackers to read arbitrary files via directory traversal sequences in the controller parameter to index.php.
|
||||
reference:
|
||||
- https://www.exploit-db.com/exploits/12595
|
||||
- https://www.cvedetails.com/cve/CVE-2010-2045
|
||||
- https://nvd.nist.gov/vuln/detail/CVE-2010-2045
|
||||
- http://packetstormsecurity.org/1005-exploits/joomlafdione-lfi.txt
|
||||
remediation: Upgrade to a supported version.
|
||||
classification:
|
||||
|
|
|
@ -7,7 +7,7 @@ info:
|
|||
description: A directory traversal vulnerability in the Moron Solutions MS Comment (com_mscomment) component 0.8.0b for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php.
|
||||
reference:
|
||||
- https://www.exploit-db.com/exploits/12611
|
||||
- https://www.cvedetails.com/cve/CVE-2010-2050
|
||||
- https://nvd.nist.gov/vuln/detail/CVE-2010-2050
|
||||
- http://web.archive.org/web/20210121200643/https://www.securityfocus.com/bid/40185/
|
||||
- http://packetstormsecurity.org/1005-exploits/joomlamscomment-lfi.txt
|
||||
remediation: Upgrade to a supported version.
|
||||
|
|
|
@ -7,7 +7,7 @@ info:
|
|||
description: A directory traversal vulnerability in the SimpleDownload (com_simpledownload) component before 0.9.6 for Joomla! allows remote attackers to retrieve arbitrary files via a .. (dot dot) in the controller parameter to index.php.
|
||||
reference:
|
||||
- https://www.exploit-db.com/exploits/12623
|
||||
- https://www.cvedetails.com/cve/CVE-2010-2122
|
||||
- https://nvd.nist.gov/vuln/detail/CVE-2010-2122
|
||||
- https://www.exploit-db.com/exploits/12618
|
||||
- http://web.archive.org/web/20210624180854/https://www.securityfocus.com/bid/40192
|
||||
remediation: Upgrade to a supported version.
|
||||
|
|
|
@ -7,7 +7,7 @@ info:
|
|||
description: A directory traversal vulnerability in the JE Quotation Form (com_jequoteform) component 1.0b1 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impacts via a .. (dot dot) in the view parameter to index.php.
|
||||
reference:
|
||||
- https://www.exploit-db.com/exploits/12607
|
||||
- https://www.cvedetails.com/cve/CVE-2010-2128
|
||||
- https://nvd.nist.gov/vuln/detail/CVE-2010-2128
|
||||
- http://web.archive.org/web/20140801195113/http://secunia.com/advisories/39832/
|
||||
- http://www.exploit-db.com/exploits/12607
|
||||
remediation: Upgrade to a supported version.
|
||||
|
|
|
@ -7,7 +7,7 @@ info:
|
|||
description: A directory traversal vulnerability in the BF Survey (com_bfsurvey) component for Joomla! allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the controller parameter to index.php.
|
||||
reference:
|
||||
- https://www.exploit-db.com/exploits/10946
|
||||
- https://www.cvedetails.com/cve/CVE-2010-2259
|
||||
- https://nvd.nist.gov/vuln/detail/CVE-2010-2259
|
||||
- http://web.archive.org/web/20140724121430/http://secunia.com/advisories/37866/
|
||||
- http://www.exploit-db.com/exploits/10946
|
||||
remediation: Upgrade to a supported version.
|
||||
|
|
|
@ -7,7 +7,7 @@ info:
|
|||
description: A directory traversal vulnerability in the Picasa2Gallery (com_picasa2gallery) component 1.2.8 and earlier for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impacts via a .. (dot dot) in the controller parameter to index.php.
|
||||
reference:
|
||||
- https://www.exploit-db.com/exploits/13981
|
||||
- https://www.cvedetails.com/cve/CVE-2010-2507
|
||||
- https://nvd.nist.gov/vuln/detail/CVE-2010-2507
|
||||
- http://web.archive.org/web/20140805070317/http://secunia.com/advisories/40297/
|
||||
- http://packetstormsecurity.org/1006-exploits/joomlapicasa2gallery-lfi.txt
|
||||
remediation: Upgrade to a supported version.
|
||||
|
|
|
@ -7,7 +7,7 @@ info:
|
|||
description: A directory traversal vulnerability in the JExtensions JE Section/Property Finder (jesectionfinder) component for Joomla! allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the view parameter to index.php.
|
||||
reference:
|
||||
- https://www.exploit-db.com/exploits/14064
|
||||
- https://www.cvedetails.com/cve/CVE-2010-2680
|
||||
- https://nvd.nist.gov/vuln/detail/CVE-2010-2680
|
||||
- http://packetstormsecurity.org/1006-exploits/joomlajesectionfinder-lfi.txt
|
||||
- http://web.archive.org/web/20210121201853/https://www.securityfocus.com/bid/41163/
|
||||
remediation: Upgrade to a supported version.
|
||||
|
|
|
@ -7,7 +7,7 @@ info:
|
|||
description: A directory traversal vulnerability in the Realtyna Translator (com_realtyna) component 1.0.15 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impacts via a .. (dot dot) in the controller parameter to index.php.
|
||||
reference:
|
||||
- https://www.exploit-db.com/exploits/14017
|
||||
- https://www.cvedetails.com/cve/CVE-2010-2682
|
||||
- https://nvd.nist.gov/vuln/detail/CVE-2010-2682
|
||||
- http://packetstormsecurity.org/1004-exploits/joomlarealtyna-lfi.txt
|
||||
- http://www.exploit-db.com/exploits/14017
|
||||
remediation: Upgrade to a supported version.
|
||||
|
|
|
@ -7,7 +7,7 @@ info:
|
|||
description: A directory traversal vulnerability in the Music Manager component for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impacts via a .. (dot dot) in the cid parameter to album.html.
|
||||
reference:
|
||||
- https://www.exploit-db.com/exploits/14274
|
||||
- https://www.cvedetails.com/cve/CVE-2010-2857
|
||||
- https://nvd.nist.gov/vuln/detail/CVE-2010-2857
|
||||
- http://web.archive.org/web/20210121202225/https://www.securityfocus.com/bid/41485/
|
||||
- http://www.exploit-db.com/exploits/14274
|
||||
remediation: Upgrade to a supported version.
|
||||
|
|
|
@ -7,7 +7,7 @@ info:
|
|||
description: A PHP remote file inclusion vulnerability in core/include/myMailer.class.php in the Visites (com_joomla-visites) component 1.1 RC2 for Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter.
|
||||
reference:
|
||||
- https://www.exploit-db.com/exploits/31708
|
||||
- https://www.cvedetails.com/cve/CVE-2010-2918
|
||||
- https://nvd.nist.gov/vuln/detail/CVE-2010-2918
|
||||
- http://web.archive.org/web/20210127190100/https://www.securityfocus.com/bid/28942/
|
||||
- https://www.exploit-db.com/exploits/14476
|
||||
remediation: Upgrade to a supported version.
|
||||
|
|
|
@ -7,7 +7,7 @@ info:
|
|||
description: A directory traversal vulnerability in the Foobla Suggestions (com_foobla_suggestions) component 1.5.1.2 for Joomla! allows remote attackers to read arbitrary files via directory traversal sequences in the controller parameter to index.php.
|
||||
reference:
|
||||
- https://www.exploit-db.com/exploits/12120
|
||||
- https://www.cvedetails.com/cve/CVE-2010-2920
|
||||
- https://nvd.nist.gov/vuln/detail/CVE-2010-2920
|
||||
- http://www.vupen.com/english/advisories/2010/1844
|
||||
remediation: Upgrade to a supported version.
|
||||
classification:
|
||||
|
|
|
@ -7,7 +7,7 @@ info:
|
|||
description: A directory traversal vulnerability in the PicSell (com_picsell) component 1.0 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the dflink parameter in a prevsell dwnfree action to index.php.
|
||||
reference:
|
||||
- https://www.exploit-db.com/exploits/14845
|
||||
- https://www.cvedetails.com/cve/CVE-2010-3203
|
||||
- https://nvd.nist.gov/vuln/detail/CVE-2010-3203
|
||||
- http://web.archive.org/web/20150105095919/http://secunia.com:80/advisories/41187/
|
||||
- http://www.exploit-db.com/exploits/14845
|
||||
remediation: Upgrade to a supported version.
|
||||
|
|
|
@ -7,7 +7,7 @@ info:
|
|||
description: A directory traversal vulnerability in jphone.php in the JPhone (com_jphone) component 1.0 Alpha 3 for Joomla! allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the controller parameter to index.php.
|
||||
reference:
|
||||
- https://www.exploit-db.com/exploits/14964
|
||||
- https://www.cvedetails.com/cve/CVE-2010-3426
|
||||
- https://nvd.nist.gov/vuln/detail/CVE-2010-3426
|
||||
- http://packetstormsecurity.org/1009-exploits/joomlajphone-lfi.txt
|
||||
- http://www.exploit-db.com/exploits/14964
|
||||
remediation: Upgrade to a supported version.
|
||||
|
|
|
@ -7,7 +7,7 @@ info:
|
|||
description: Multiple directory traversal vulnerabilities in Pandora FMS before 3.1.1 allow remote attackers to include and execute arbitrary local files via (1) the page parameter to ajax.php or (2) the id parameter to general/pandora_help.php, and allow remote attackers to include and execute, create, modify, or delete arbitrary local files via (3) the layout parameter to operation/agentes/networkmap.php.
|
||||
reference:
|
||||
- https://www.exploit-db.com/exploits/15643
|
||||
- https://www.cvedetails.com/cve/CVE-2010-4282
|
||||
- https://nvd.nist.gov/vuln/detail/CVE-2010-4282
|
||||
- http://sourceforge.net/projects/pandora/files/Pandora%20FMS%203.1/Final%20version%20%28Stable%29/pandorafms_console-3.1_security_patch_13Oct2010.tar.gz/download
|
||||
- http://www.exploit-db.com/exploits/15643
|
||||
remediation: Upgrade to a supported version.
|
||||
|
|
|
@ -7,7 +7,7 @@ info:
|
|||
description: A directory traversal vulnerability in the JotLoader (com_jotloader) component 2.2.1 for Joomla! allows remote attackers to read arbitrary files via directory traversal sequences in the section parameter to index.php.
|
||||
reference:
|
||||
- https://www.exploit-db.com/exploits/15791
|
||||
- https://www.cvedetails.com/cve/CVE-2010-4617
|
||||
- https://nvd.nist.gov/vuln/detail/CVE-2010-4617
|
||||
- http://packetstormsecurity.org/files/view/96812/joomlajotloader-lfi.txt
|
||||
remediation: Upgrade to a supported version.
|
||||
classification:
|
||||
|
|
|
@ -7,7 +7,7 @@ info:
|
|||
description: A directory traversal vulnerability in JRadio (com_jradio) component before 1.5.1 for Joomla! allows remote attackers to read arbitrary files via directory traversal sequences in the controller parameter to index.php.
|
||||
reference:
|
||||
- https://www.exploit-db.com/exploits/15749
|
||||
- https://www.cvedetails.com/cve/CVE-2010-4719
|
||||
- https://nvd.nist.gov/vuln/detail/CVE-2010-4719
|
||||
- http://packetstormsecurity.org/files/view/96751/joomlajradio-lfi.txt
|
||||
- http://www.exploit-db.com/exploits/15749
|
||||
remediation: Upgrade to a supported version.
|
||||
|
|
|
@ -7,7 +7,7 @@ info:
|
|||
description: A directory traversal vulnerability in the Jimtawl (com_jimtawl) component 1.0.2 Joomla! allows remote attackers to read arbitrary files and possibly unspecified other impacts via a .. (dot dot) in the task parameter to index.php.
|
||||
reference:
|
||||
- https://www.exploit-db.com/exploits/15585
|
||||
- https://www.cvedetails.com/cve/CVE-2010-4769
|
||||
- https://nvd.nist.gov/vuln/detail/CVE-2010-4769
|
||||
- http://web.archive.org/web/20140803011658/http://secunia.com/advisories/42324/
|
||||
- http://web.archive.org/web/20210121210048/https://www.securityfocus.com/bid/44992/
|
||||
remediation: Upgrade to a supported version.
|
||||
|
|
Some files were not shown because too many files have changed in this diff Show More
Loading…
Reference in New Issue