Joomla! Component com_cartweberp - Local File Inclusion

A directory traversal vulnerability in the CARTwebERP comcartweberp component 1.56.75 for Joomla! allows remote attackers to read arbitrary files via a .. dot dot in the controller parameter to index.php. id: CVE-2010-0982 info: name: Joomla! Component comcartweberp - Local File Inclusion author:...

Joomla! Component CCNewsLetter - Local File Inclusion

A directory traversal vulnerability in the ccNewsletter comccnewsletter component 1.0.5 for Joomla! allows remote attackers to read arbitrary files via a .. dot dot in the controller parameter in a ccnewsletter action to index.php. id: CVE-2010-0467 info: name: Joomla! Component CCNewsLetter -...

Joomla! Plugin Core Design Scriptegrator - Local File Inclusion

A directory traversal vulnerability in plugins/system/cdscriptegrator/libraries/highslide/js/jsloader.php in the Core Design Scriptegrator plugin 1.4.1 for Joomla! allows remote attackers to read, and possibly include and execute, arbitrary files via directory traversal sequences in the files...

Cisco Linksys WVC54GCA 1.00R22/1.00R24 - Local File Inclusion

Cisco Linksys WVC54GCA 1.00R22/1.00R24 is susceptible to local file inclusion in adm/file.cgi because it allows remote attackers to read arbitrary files via a %2e. encoded dot dot or an absolute pathname in the nextfile parameter. id: CVE-2009-1558 info: name: Cisco Linksys WVC54GCA 1.00R22/1.00R...

Horde/Horde Groupware - Local File Inclusion

Horde before 3.2.4 and 3.3.3 and Horde Groupware before 1.1.5 are susceptible to local file inclusion in framework/Image/Image.php because it allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the HordeImage driver name. id: CVE-2009-0932 inf...

Joomla! Component Jw_allVideos - Arbitrary File Retrieval

A directory traversal vulnerability in includes/download.php in the JoomlaWorks AllVideos JwallVideos plugin 3.0 through 3.2 for Joomla! allows remote attackers to read arbitrary files via a ./../.../ modified dot dot in the file parameter. id: CVE-2010-0696 info: name: Joomla! Component...

Joomla! Omilen Photo Gallery 0.5b - Local File Inclusion

Joomla! Omilen Photo Gallery comomphotogallery component Beta 0.5 allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the controller parameter to index.php. id: CVE-2009-4202 info: name: Joomla! Omilen Photo Gallery 0.5b - Local File Inclusion...

Joomla! JoomlaPraise Projectfork 2.0.10 - Local File Inclusion

Joomla! JoomlaPraise Projectfork comprojectfork 2.0.10 allows remote attackers to read arbitrary files via local file inclusion in the section parameter to index.php. id: CVE-2009-2100 info: name: Joomla! JoomlaPraise Projectfork 2.0.10 - Local File Inclusion author: daffainfo severity: medium...

Joomla! Cmimarketplace 0.1 - Local File Inclusion

Joomla! Cmimarketplace 0.1 is susceptible to local file inclusion because comcmimarketplace allows remote attackers to list arbitrary directories via a .. dot dot in the viewit parameter to index.php. id: CVE-2009-1496 info: name: Joomla! Cmimarketplace 0.1 - Local File Inclusion author: daffainf...

UC Gateway Investment SiteEngine v5.0 - Open Redirect

Open redirect vulnerability in api.php in SiteEngine 5.x allows user-assisted remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the forward parameter in a logout action. id: CVE-2008-7269 info: name: UC Gateway Investment SiteEngine v5.0 - Open...

Joomla! Roland Breedveld Album 1.14 - Local File Inclusion

Joomla! Roland Breedveld Album 1.14 comalbum is susceptible to local file inclusion because it allows remote attackers to access arbitrary directories and have unspecified other impact via a .. dot dot in the target parameter to index.php. id: CVE-2009-3318 info: name: Joomla! Roland Breedveld...

Adobe Coldfusion <=8.0.1 - Cross-Site Scripting

Adobe ColdFusion Server 8.0.1 and earlier contain multiple cross-site scripting vulnerabilities which allow remote attackers to inject arbitrary web script or HTML via 1 the startRow parameter to administrator/logviewer/searchlog.cfm, or the query string to 2 wizards/common/logintowizard.cfm, 3...

Joomla! Agora 3.0.0b - Local File Inclusion

Joomla! Agora 3.0.0b comagora allows remote attackers to include and execute arbitrary local files via local file inclusion in the action parameter to the avatars page, reachable through index.php. id: CVE-2009-3053 info: name: Joomla! Agora 3.0.0b - Local File Inclusion author: daffainfo severit...

AWStats < 6.95 - Open Redirect

An open redirect vulnerability in awredir.pl in AWStats 6.95 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors. id: CVE-2009-5020 info: name: AWStats 6.95 - Open Redirect author: pdteam severity: medium description: An open...

Joomla! MooFAQ 1.0 - Local File Inclusion

Joomla! Ideal MooFAQ 1.0 via commoofaq allows remote attackers to read arbitrary files via a .. dot dot in the file parameter local file inclusion. id: CVE-2009-2015 info: name: Joomla! MooFAQ 1.0 - Local File Inclusion author: daffainfo severity: high description: Joomla! Ideal MooFAQ 1.0 via...

Joomla! Component User Status - Local File Inclusion

A directory traversal vulnerability in userstatus.php in the User Status comuserstatus component 1.21.16 for Joomla! allows remote attackers to read arbitrary files via a .. dot dot in the controller parameter to index.php. id: CVE-2010-1304 info: name: Joomla! Component User Status - Local File...

Joomla! Component DW Graph - Local File Inclusion

A directory traversal vulnerability in dwgraphs.php in the DecryptWeb DW Graphs comdwgraphs component 1.0 for Joomla! allows remote attackers to read arbitrary files via directory traversal sequences in the controller parameter to index.php. id: CVE-2010-1302 info: name: Joomla! Component DW Grap...

Joomla! Component & Plugin JE Tooltip 1.0 - Local File Inclusion

A directory traversal vulnerability in the JE Form Creator comjeformcr component for Joomla!, when magicquotesgpc is disabled, allows remote attackers to read arbitrary files via directory traversal sequences in the view parameter to index.php. NOTE -- the original researcher states that the...

Joomla! Component com_communitypolls 1.5.2 - Local File Inclusion

A directory traversal vulnerability in the Community Polls comcommunitypolls component 1.5.2, and possibly earlier, for Core Joomla! allows remote attackers to read arbitrary files via a .. dot dot in the controller parameter to index.php. id: CVE-2010-1081 info: name: Joomla! Component...

Joomla! Component Online Exam 1.5.0 - Local File Inclusion

A directory traversal vulnerability in the Online Examination aka Online Exam or comonlineexam component 1.5.0 for Joomla! allows remote attackers to read arbitrary files via a .. dot dot in the controller parameter to index.php. id: CVE-2010-1715 info: name: Joomla! Component Online Exam 1.5.0 -...