Joomla! Component Jw_allVideos - Arbitrary File Retrieval

A directory traversal vulnerability in includes/download.php in the JoomlaWorks AllVideos JwallVideos plugin 3.0 through 3.2 for Joomla! allows remote attackers to read arbitrary files via a ./../.../ modified dot dot in the file parameter. id: CVE-2010-0696 info: name: Joomla! Component...

Joomla! Component MS Comment 0.8.0b - Local File Inclusion

A directory traversal vulnerability in the Moron Solutions MS Comment commscomment component 0.8.0b for Joomla! allows remote attackers to read arbitrary files via a .. dot dot in the controller parameter to index.php. id: CVE-2010-2050 info: name: Joomla! Component MS Comment 0.8.0b - Local File...

Joomla! Component Canteen 1.0 - Local File Inclusion

A SQL injection vulnerability in menu.php in the Canteen comcanteen component 1.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the mealid parameter to index.php. id: CVE-2010-4977 info: name: Joomla! Component Canteen 1.0 - Local File Inclusion author: daffainfo...

Joomla! Component PowerMail Pro 1.5.3 - Local File Inclusion

A directory traversal vulnerability in the givesight PowerMail Pro compowermail component 1.5.3 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impacts via a .. dot dot in the controller parameter to index.php. id: CVE-2010-1532 info: name: Joomla!...

Joomla! Component Love Factory 1.3.4 - Local File Inclusion

A directory traversal vulnerability in the Love Factory comlovefactory component 1.3.4 for Joomla! allows remote attackers to read arbitrary files via a .. dot dot in the controller parameter to index.php. id: CVE-2010-1957 info: name: Joomla! Component Love Factory 1.3.4 - Local File Inclusion...

Joomla! Component Jfeedback 1.2 - Local File Inclusion

A directory traversal vulnerability in the Ternaria Informatica Jfeedback! comjfeedback component 1.2 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impacts via a .. dot dot in the controller parameter to index.php. id: CVE-2010-1478 info: name:...

Joomla! Component Deluxe Blog Factory 1.1.2 - Local File Inclusion

A directory traversal vulnerability in the Deluxe Blog Factory comblogfactory component 1.1.2 for Joomla! allows remote attackers to read arbitrary files via a .. dot dot in the controller parameter to index.php. id: CVE-2010-1955 info: name: Joomla! Component Deluxe Blog Factory 1.1.2 - Local Fi...

Joomla! Component iNetLanka Multiple Map 1.0 - Local File Inclusion

A directory traversal vulnerability in the iNetLanka Multiple Map commultimap component 1.0 for Joomla! allows remote attackers to read arbitrary files via a .. dot dot in the controller parameter to index.php. id: CVE-2010-1953 info: name: Joomla! Component iNetLanka Multiple Map 1.0 - Local Fil...

Joomla! Component MMS Blog 2.3.0 - Local File Inclusion

A directory traversal vulnerability in the MMS Blog commmsblog component 2.3.0 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impacts via a .. dot dot in the controller parameter to index.php. id: CVE-2010-1491 info: name: Joomla! Component MMS Blo...

Xiaomi Mi WiFi R3G Routers - Local file Inclusion

Xiaomi Mi WiFi R3G devices before 2.28.23-stable are susceptible to local file inclusion vulnerabilities via a misconfigured NGINX alias, as demonstrated by api-third-party/download/extdisks../etc/config/account. With this vulnerability, the attacker can bypass authentication. id: CVE-2019-18371...

WordPress Gift Voucher <4.1.8 - Blind SQL Injection

WordPress Gift Vouchers plugin before 4.1.8 contains a blind SQL injection vulnerability via the templateid parameter in a wp-admin/admin-ajax.php wpgvdoajaxfronttemplate request. An attacker can possibly obtain sensitive information, modify data, and/or execute unauthorized administrative...

Revive Adserver 4.2 - Remote Code Execution

Revive Adserver 4.2 is susceptible to remote code execution. An attacker can send a crafted payload to the XML-RPC invocation script and trigger the unserialize call on the "what" parameter in the "openads.spc" RPC method. This can be exploited to perform various types of attacks, e.g...

Apache Tomcat - Cross-Site Scripting

Apache Tomcat 9.0.0.M1 to 9.0.0.17, 8.5.0 to 8.5.39, and 7.0.0 to 7.0.93 are vulnerable to cross-site scripting because the SSI printenv command echoes user provided data without escaping. Note: SSI is disabled by default. The printenv command is intended for debugging and is unlikely to be prese...

OEcms 3.1 - Cross-Site Scripting

OEcms 3.1 is vulnerable to reflected cross-site scripting via the mod parameter of info.php. id: CVE-2018-12095 info: name: OEcms 3.1 - Cross-Site Scripting author: LogicalHunter severity: medium description: OEcms 3.1 is vulnerable to reflected cross-site scripting via the mod parameter of...

Homematic CCU3 - Local File Inclusion

eQ-3 AG Homematic CCU3 3.43.15 and earlier allows remote attackers to read arbitrary files of the device's filesystem, aka local file inclusion. This vulnerability can be exploited by unauthenticated attackers with access to the web interface. id: CVE-2019-9726 info: name: Homematic CCU3 - Local...

Zarafa WebApp <=2.0.1.47791 - Cross-Site Scripting

Zarafa WebApp 2.0.1.47791 and earlier contains an unauthenticated reflected cross-site scripting vulnerability. An attacker can execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. id: CVE-2019-7219 info: name: Zarafa WebApp =2.0.1.47791 -...

WordPress Ultimate FAQs <= 1.8.24 – Unauthenticated Options Import and Export

Functions/EWDUFAQImport.php in the ultimate-faqs plugin through 1.8.24 for WordPress allows unauthenticated options import. id: CVE-2019-17232 info: name: WordPress Ultimate FAQs = 1.8.24 – Unauthenticated Options Import and Export author: daffainfo severity: high description: |...

ifw8 Router ROM v4.31 - Credential Discovery

ifw8 Router ROM v4.31 is vulnerable to credential disclosure via action/usermanager.htm HTML source code. id: CVE-2019-16313 info: name: ifw8 Router ROM v4.31 - Credential Discovery author: pikpikcu severity: high description: ifw8 Router ROM v4.31 is vulnerable to credential disclosure via...

WP Google Maps < 7.10.43 - Cross-Site Scripting

The wp-google-maps plugin before 7.10.43 for WordPress has XSS via the wp-admin/admin.php PATHINFO. id: CVE-2019-9912 info: name: WP Google Maps 7.10.43 - Cross-Site Scripting author: ritikchaddha severity: medium description: | The wp-google-maps plugin before 7.10.43 for WordPress has XSS via t...

Citrix SD-WAN Center - Remote Command Injection

Citrix SD-WAN Center is susceptible to remote command injection via the ping function in DiagnosticsController, which does not sufficiently validate or sanitize HTTP request parameter values used to construct a shell command. An attacker can trigger this vulnerability by routing traffic through t...