38 matches found
CVE-2025-27445
A path traversal vulnerability in RSFirewall component 2.9.7 - 3.1.5 for Joomla was discovered. This vulnerability allows authenticated users to read arbitrary files outside the Joomla root directory. The flaw is caused by insufficient sanitization of user-supplied input in file path parameters,...
CVE-2025-27445 Extension - rsjoomla.com - A path traversal vulnerability RSFirewall component 2.9.7 - 3.1.5 for Joomla
A path traversal vulnerability in RSFirewall component 2.9.7 - 3.1.5 for Joomla was discovered. This vulnerability allows authenticated users to read arbitrary files outside the Joomla root directory. The flaw is caused by insufficient sanitization of user-supplied input in file path parameters,...
CVE-2025-27445
The CVE-2025-27445 entry concerns RSFirewall for Joomla (RSJoomla) with versions 2.9.7 through 3.1.5. A path traversal flaw arises from insufficient sanitization of user-supplied file path parameters, allowing authenticated users to read arbitrary files outside the Joomla root. The issue is descr...
CVE-2025-27445 Extension - rsjoomla.com - A path traversal vulnerability RSFirewall component 2.9.7 - 3.1.5 for Joomla
A path traversal vulnerability in RSFirewall component 2.9.7 - 3.1.5 for Joomla was discovered. This vulnerability allows authenticated users to read arbitrary files outside the Joomla root directory. The flaw is caused by insufficient sanitization of user-supplied input in file path parameters,...
RSJoomla! RSFirewall! 安全漏洞
RSJoomla! RSFirewall! is a website security protection tool from RSJoomla! A security vulnerability exists in RSJoomla! RSFirewall! versions 2.9.7 through 3.1.5, which stems from insufficient path cleanup and could lead to arbitrary file reads...
PT-2025-23923 · Joomla · Rsfirewall
Name of the Vulnerable Software and Affected Versions: RSFirewall component versions 2.9.7 through 3.1.5 for Joomla Description: A path traversal issue allows authenticated users to read arbitrary files outside the Joomla root directory. The flaw is caused by insufficient sanitization of...
CVE-2021-4226
RSFirewall tries to identify the original IP address by looking at different HTTP headers. A bypass is possible due to the way it is implemented...
CVE-2021-4226
RSFirewall tries to identify the original IP address by looking at different HTTP headers. A bypass is possible due to the way it is implemented...
Design/Logic Flaw
RSFirewall tries to identify the original IP address by looking at different HTTP headers. A bypass is possible due to the way it is implemented...
CVE-2021-4226
The CVE-2021-4226 entry concerns the WordPress RSFirewall! plugin where the component attempts to determine the client’s original IP by inspecting multiple HTTP headers. The vulnerability is a bypass due to the implementation, allowing circumvention of IP-based controls (as described in multiple ...
CVE-2021-4226 RSFirewall < 1.1.25 - IP Block Bypass
RSFirewall tries to identify the original IP address by looking at different HTTP headers. A bypass is possible due to the way it is implemented...
CVE-2021-4226 RSFirewall < 1.1.25 - IP Block Bypass
RSFirewall tries to identify the original IP address by looking at different HTTP headers. A bypass is possible due to the way it is implemented...
WordPress plugin RSFirewall 1.1.25 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...
PT-2022-11581 · Unknown · Rsfirewall
Name of the Vulnerable Software and Affected Versions: RSFirewall affected versions not specified Description: The issue is related to how RSFirewall attempts to identify the original IP address by examining different HTTP headers. A bypass is possible due to the implementation of this...
PT-2022-25486 · Rsjoomla · Rsjoomla Rsfirewall Plugin
Name of the Vulnerable Software and Affected Versions: RSJoomla RSFirewall Plugin affected versions not specified Description: A vulnerability has been found in the RSJoomla RSFirewall Plugin, affecting an unknown function of the component HTTP Header Handler. The manipulation of the...
WordPress RSFirewall! plugin <= 1.1.24 - IP Block Bypass vulnerability
IP Block Bypass vulnerability discovered by Daniel Ruf in WordPress RSFirewall! plugin versions = 1.1.24. Solution Update the WordPress RSFirewall! plugin to the latest available version at least 1.1.25...
WAFW00F v1.0.0 - Detect All The Web Application Firewall!
WAFW00F identifies and fingerprints Web Application Firewall WAF products. How does it work? To do its magic, WAFW00F does the following: Sends a normal HTTP request and analyses the response; this identifies a number of WAF solutions. If that is not successful, it sends a number of potentially...
Joomla RSFirewall 2.11.25 Database Disclosure
Exploit Title : Joomla RSFirewall Components 2.11.25 Database and Password Disclosure Author Discovered By : KingSkrupellos Team : Cyberizm Digital Security Army Date : 25/01/2019 Vendor Homepage : rsjoomla.com Software Download Link : extensions.joomla.org/extension/rsfirewall/ Software...