Lucene search
+L

38 matches found

NVD
NVD
added 2025/06/05 2:15 p.m.14 views

CVE-2025-27445

A path traversal vulnerability in RSFirewall component 2.9.7 - 3.1.5 for Joomla was discovered. This vulnerability allows authenticated users to read arbitrary files outside the Joomla root directory. The flaw is caused by insufficient sanitization of user-supplied input in file path parameters,...

5.4CVSS0.00429EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/06/05 1:20 p.m.1 views

CVE-2025-27445 Extension - rsjoomla.com - A path traversal vulnerability RSFirewall component 2.9.7 - 3.1.5 for Joomla

A path traversal vulnerability in RSFirewall component 2.9.7 - 3.1.5 for Joomla was discovered. This vulnerability allows authenticated users to read arbitrary files outside the Joomla root directory. The flaw is caused by insufficient sanitization of user-supplied input in file path parameters,...

5.7AI score0.00429EPSS
Exploits0References1
CVE
CVE
added 2025/06/05 1:20 p.m.73 views

CVE-2025-27445

The CVE-2025-27445 entry concerns RSFirewall for Joomla (RSJoomla) with versions 2.9.7 through 3.1.5. A path traversal flaw arises from insufficient sanitization of user-supplied file path parameters, allowing authenticated users to read arbitrary files outside the Joomla root. The issue is descr...

5.4CVSS6.2AI score0.00429EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/06/05 1:20 p.m.17 views

CVE-2025-27445 Extension - rsjoomla.com - A path traversal vulnerability RSFirewall component 2.9.7 - 3.1.5 for Joomla

A path traversal vulnerability in RSFirewall component 2.9.7 - 3.1.5 for Joomla was discovered. This vulnerability allows authenticated users to read arbitrary files outside the Joomla root directory. The flaw is caused by insufficient sanitization of user-supplied input in file path parameters,...

0.00429EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/06/05 12:0 a.m.4 views

RSJoomla! RSFirewall! 安全漏洞

RSJoomla! RSFirewall! is a website security protection tool from RSJoomla! A security vulnerability exists in RSJoomla! RSFirewall! versions 2.9.7 through 3.1.5, which stems from insufficient path cleanup and could lead to arbitrary file reads...

5.4CVSS6.7AI score0.00429EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/06/05 12:0 a.m.6 views

PT-2025-23923 · Joomla · Rsfirewall

Name of the Vulnerable Software and Affected Versions: RSFirewall component versions 2.9.7 through 3.1.5 for Joomla Description: A path traversal issue allows authenticated users to read arbitrary files outside the Joomla root directory. The flaw is caused by insufficient sanitization of...

5.4CVSS6.2AI score0.00429EPSS
Exploits0References4
OSV
OSV
added 2022/12/15 7:15 p.m.2 views

CVE-2021-4226

RSFirewall tries to identify the original IP address by looking at different HTTP headers. A bypass is possible due to the way it is implemented...

9.8CVSS5.8AI score0.00509EPSS
Exploits1References1
NVD
NVD
added 2022/12/15 7:15 p.m.16 views

CVE-2021-4226

RSFirewall tries to identify the original IP address by looking at different HTTP headers. A bypass is possible due to the way it is implemented...

9.8CVSS0.00509EPSS
Exploits1References1
Prion
Prion
added 2022/12/15 7:15 p.m.16 views

Design/Logic Flaw

RSFirewall tries to identify the original IP address by looking at different HTTP headers. A bypass is possible due to the way it is implemented...

7.5CVSS9.4AI score0.00509EPSS
Exploits1References1Affected Software1
CVE
CVE
added 2022/12/15 5:14 p.m.56 views

CVE-2021-4226

The CVE-2021-4226 entry concerns the WordPress RSFirewall! plugin where the component attempts to determine the client’s original IP by inspecting multiple HTTP headers. The vulnerability is a bypass due to the implementation, allowing circumvention of IP-based controls (as described in multiple ...

9.8CVSS9.6AI score0.00509EPSS
Exploits1References1Affected Software1
Vulnrichment
Vulnrichment
added 2022/12/15 5:14 p.m.5 views

CVE-2021-4226 RSFirewall < 1.1.25 - IP Block Bypass

RSFirewall tries to identify the original IP address by looking at different HTTP headers. A bypass is possible due to the way it is implemented...

9.5AI score0.00509EPSS
Exploits1References1
Cvelist
Cvelist
added 2022/12/15 5:14 p.m.28 views

CVE-2021-4226 RSFirewall < 1.1.25 - IP Block Bypass

RSFirewall tries to identify the original IP address by looking at different HTTP headers. A bypass is possible due to the way it is implemented...

9.7AI score0.00509EPSS
Exploits1References1
CNNVD
CNNVD
added 2022/12/15 12:0 a.m.5 views

WordPress plugin RSFirewall 1.1.25 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

9.8CVSS8.4AI score0.00509EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2022/12/15 12:0 a.m.6 views

PT-2022-11581 · Unknown · Rsfirewall

Name of the Vulnerable Software and Affected Versions: RSFirewall affected versions not specified Description: The issue is related to how RSFirewall attempts to identify the original IP address by examining different HTTP headers. A bypass is possible due to the implementation of this...

9.8CVSS6.9AI score0.00509EPSS
Exploits1References5
Positive Technologies
Positive Technologies
added 2022/11/20 12:0 a.m.6 views

PT-2022-25486 · Rsjoomla · Rsjoomla Rsfirewall Plugin

Name of the Vulnerable Software and Affected Versions: RSJoomla RSFirewall Plugin affected versions not specified Description: A vulnerability has been found in the RSJoomla RSFirewall Plugin, affecting an unknown function of the component HTTP Header Handler. The manipulation of the...

6.3AI score
Exploits0References3
Patchstack
Patchstack
added 2022/04/13 12:0 a.m.29 views

WordPress RSFirewall! plugin <= 1.1.24 - IP Block Bypass vulnerability

IP Block Bypass vulnerability discovered by Daniel Ruf in WordPress RSFirewall! plugin versions = 1.1.24. Solution Update the WordPress RSFirewall! plugin to the latest available version at least 1.1.25...

2.6AI score0.00509EPSS
Exploits1References3Affected Software1
Kitploit
Kitploit
added 2019/05/14 12:43 p.m.228 views

WAFW00F v1.0.0 - Detect All The Web Application Firewall!

WAFW00F identifies and fingerprints Web Application Firewall WAF products. How does it work? To do its magic, WAFW00F does the following: Sends a normal HTTP request and analyses the response; this identifies a number of WAF solutions. If that is not successful, it sends a number of potentially...

7.2AI score
Exploits0References3
Packet Storm
Packet Storm
added 2019/01/25 12:0 a.m.51 views

Joomla RSFirewall 2.11.25 Database Disclosure

Exploit Title : Joomla RSFirewall Components 2.11.25 Database and Password Disclosure Author Discovered By : KingSkrupellos Team : Cyberizm Digital Security Army Date : 25/01/2019 Vendor Homepage : rsjoomla.com Software Download Link : extensions.joomla.org/extension/rsfirewall/ Software...

7.4AI score
Exploits0
Rows per page
Query Builder