1393 matches found
Joomla! Component com_gcalendar Suite 2.1.5 - Local File Inclusion
A directory traversal vulnerability in the GCalendar comgcalendar component 2.1.5 for Joomla! allows remote attackers to include and execute arbitrary local files via a .. dot dot in the controller parameter to index.php. id: CVE-2010-0972 info: name: Joomla! Component comgcalendar Suite 2.1.5 -...
Dolibarr ERP/CRM 3.2 Alpha - Multiple Directory Traversal Vulnerabilities
Multiple directory traversal vulnerabilities in Dolibarr CMS 3.2.0 Alpha allow remote attackers to read arbitrary files and possibly execute arbitrary code via a .. dot dot in the 1 file parameter to document.php or 2 backtopage parameter in a create action to comm/action/fiche.php. id:...
PilusCart <=1.4.1 - Local File Inclusion
PilusCart versions 1.4.1 and prior suffer from a file disclosure vulnerability via local file inclusion. id: CVE-2019-16123 info: name: PilusCart =1.4.2 or apply the vendor-supplied patch to mitigate the LFI vulnerability. reference: -...
Joomla! Component TweetLA 1.0.1 - Local File Inclusion
A directory traversal vulnerability in the TweetLA comtweetla component 1.0.1 for Joomla! allows remote attackers to read arbitrary files via a .. dot dot in the controller parameter to index.php. id: CVE-2010-1533 info: name: Joomla! Component TweetLA 1.0.1 - Local File Inclusion author: daffain...
Joomla! Component Archery Scores 1.0.6 - Local File Inclusion
A directory traversal vulnerability in archeryscores.php in the Archery Scores comarcheryscores component 1.0.6 for Joomla! allows remote attackers to include and execute arbitrary local files via a .. dot dot in the controller parameter to index.php. id: CVE-2010-1718 info: name: Joomla! Compone...
LG-Ericsson iPECS NMS 30M - Local File Inclusion
Ericsson-LG iPECS NMS 30M allows local file inclusion via ipecs-cm/download?filename=../ URIs. id: CVE-2018-15138 info: name: LG-Ericsson iPECS NMS 30M - Local File Inclusion author: 0xAkoko severity: high description: Ericsson-LG iPECS NMS 30M allows local file inclusion via...
Wavemaker Studio 6.6 - Local File Inclusion/Server-Side Request Forgery
WaveMaker Studio 6.6 mishandles the studioService.download?method=getContent&inUrl= value in com/wavemaker/studio/StudioService.java, leading to disclosure of local files and server-side request forgery. id: CVE-2019-8982 info: name: Wavemaker Studio 6.6 - Local File Inclusion/Server-Side Request...
Comodo Unified Threat Management Web Console - Remote Code Execution
Comodo Firewall & Central Manager UTM All Release before 2.7.0 & 1.5.0 are susceptible to a web shell based remote code execution vulnerability. id: CVE-2018-17431 info: name: Comodo Unified Threat Management Web Console - Remote Code Execution author: dwisiswant0 severity: critical description:...
HotelDruid 2.3.0 - Cross-Site Scripting
HotelDruid 2.3.0 contains a cross-site scripting vulnerability affecting nsextt, cambia1, mesefine, origine, and anno parameters in creaprezzi.php, tabella3.php, personalizza.php, and visualizzatabelle.php. id: CVE-2019-8937 info: name: HotelDruid 2.3.0 - Cross-Site Scripting author: LogicalHunte...
Joomla! Component Ultimate Portfolio 1.0 - Local File Inclusion
A directory traversal vulnerability in the Ultimate Portfolio comultimateportfolio component 1.0 for Joomla! allows remote attackers to read arbitrary files via a .. dot dot in the controller parameter to index.php. id: CVE-2010-1659 info: name: Joomla! Component Ultimate Portfolio 1.0 - Local Fi...
LiveZilla Server 8.0.1.0 - Cross-Site Scripting
LiveZilla Server 8.0.1.0 is vulnerable to reflected cross-site scripting. id: CVE-2019-12962 info: name: LiveZilla Server 8.0.1.0 - Cross-Site Scripting author: Clment Cruchet severity: medium description: | LiveZilla Server 8.0.1.0 is vulnerable to reflected cross-site scripting. impact: |...
Joomla! Component redSHOP 1.0 - Local File Inclusion
A directory traversal vulnerability in the redSHOP comredshop component 1.0.x for Joomla! allows remote attackers to read arbitrary files via a .. dot dot in the view parameter to index.php. id: CVE-2010-1531 info: name: Joomla! Component redSHOP 1.0 - Local File Inclusion author: daffainfo...
Joomla! Component com_bfsurvey - Local File Inclusion
A directory traversal vulnerability in the BF Survey combfsurvey component for Joomla! allows remote attackers to include and execute arbitrary local files via a .. dot dot in the controller parameter to index.php. id: CVE-2010-2259 info: name: Joomla! Component combfsurvey - Local File Inclusion...
Joomla! Component Gadget Factory 1.0.0 - Local File Inclusion
A directory traversal vulnerability in the Gadget Factory comgadgetfactory component 1.0.0 and 1.5.0 for Joomla! allows remote attackers to read arbitrary files via a .. dot dot in the controller parameter to index.php. id: CVE-2010-1956 info: name: Joomla! Component Gadget Factory 1.0.0 - Local...
Joomla! Component com_rokdownloads - Local File Inclusion
A directory traversal vulnerability in the RokDownloads comrokdownloads component before 1.0.1 for Joomla! allows remote attackers to include and execute arbitrary local files via a .. dot dot in the controller parameter to index.php. id: CVE-2010-1056 info: name: Joomla! Component comrokdownload...
qdPM 9.1 - Cross-site Scripting
qdPM 9.1 suffers from Cross-site Scripting XSS in the searchkeywords parameter. id: CVE-2019-8390 info: name: qdPM 9.1 - Cross-site Scripting author: theamanrawat severity: medium description: | qdPM 9.1 suffers from Cross-site Scripting XSS in the searchkeywords parameter. impact: | Successful...
Joomla! Component Deluxe Blog Factory 1.1.2 - Local File Inclusion
A directory traversal vulnerability in the Deluxe Blog Factory comblogfactory component 1.1.2 for Joomla! allows remote attackers to read arbitrary files via a .. dot dot in the controller parameter to index.php. id: CVE-2010-1955 info: name: Joomla! Component Deluxe Blog Factory 1.1.2 - Local Fi...
Joomla! Component Percha Image Attach 1.1 - Directory Traversal
A directory traversal vulnerability in the Percha Image Attach comperchaimageattach component 1.1 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impacts via a .. dot dot in the controller parameter to index.php. id: CVE-2010-2034 info: name: Joomla...
Joomla! Component SMEStorage - Local File Inclusion
A directory traversal vulnerability in the SMEStorage comsmestorage component before 1.1 for Joomla! allows remote attackers to read arbitrary files via directory traversal sequences in the controller parameter to index.php. id: CVE-2010-1858 info: name: Joomla! Component SMEStorage - Local File...
Aptana Jaxer 1.0.3.4547 - Local File inclusion
Aptana Jaxer 1.0.3.4547 is vulnerable to local file inclusion in the wikilite source code viewer. An attacker can read internal files on the server via a tools/sourceViewer/index.html?filename=../ URI. id: CVE-2019-14312 info: name: Aptana Jaxer 1.0.3.4547 - Local File inclusion author: daffainfo...