30 matches found
CVE-2020-37219 Joomla com_fabrik 3.9.11 Directory Traversal via image.php
Joomla com_fabrik 3.9.11 contains a directory traversal vulnerability that allows unauthenticated attackers to list arbitrary files by manipulating the folder parameter. Attackers can send GET requests to the onAjaxfiles method with path traversal sequences to enumerate files in system directories...
EUVD-2011-4909
Malware in sbrugna...
EUVD-2010-2000
Malware in sbrugna...
schrift-fabrik.de Cross Site Scripting vulnerability OBB-3266239
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
fabrik 3.9, Various
fabrik 3.9. Various Issues NOTE: the earlier version number was a mistake by the reporter. new version number 3.9.1 Update Notice URL https://fabrikar.com/blog/87-fabrik-3-9-1-released...
Joomla Fabrik 3.9.11 Directory Traversal
Exploit Title: Joomla! comfabrik 3.9.11 - Directory Traversal Google Dork: inurl:"index.php?option=comfabrik" Date: 2020-03-30 Exploit Author: qw3rTyTy Vendor Homepage: https://fabrikar.com/ Software Link: https://fabrikar.com/downloads Version: 3.9 Tested on: Debian/Nginx/Joomla! 3.9.11...
CVE-2018-10727
Reflected Cross-Site Scripting (XSS) vulnerability in the fabrik_referrer hidden field in the Fabrikar Fabrik component through v3.8.1 for Joomla! allows remote attackers to inject arbitrary web script via the HTTP Referer header...
CVE-2018-10727
Reflected Cross-Site Scripting (XSS) vulnerability in the fabrik_referrer hidden field in the Fabrikar Fabrik component through v3.8.1 for Joomla! allows remote attackers to inject arbitrary web script via the HTTP Referer header...
Cross site scripting
Reflected Cross-Site Scripting (XSS) vulnerability in the fabrik_referrer hidden field in the Fabrikar Fabrik component through v3.8.1 for Joomla! allows remote attackers to inject arbitrary web script via the HTTP Referer header...
CVE-2018-10727
The CVE-2018-10727 entry describes a Reflected Cross-Site Scripting (XSS) vulnerability in the Fabrikar Fabrik Joomla! component, specifically in the fabrik_referrer hidden field. The issue affects versions up to v3.8.1, enabling remote attackers to inject arbitrary script via the HTTP Referer he...
Zeebsploit - Web Scanner / Exploitation / Information Gathering
zeebsploit is a tool for hacking searching for web information and scanning vulnerabilities of a web Installation & Usage apt-get install git git clone https://github.com/jaxBCD/Zeebsploit.git cd Zeebsploit chmod +x install ./install python3 zeebsploit.py type 'help' for show modules and follow...
Joomla Fabrik 3.9 CSRF / LFI / Shell Upload
Exploit Title : Joomla ComFabrik 3.9 pluginAjax importcsv advancedsearch getprodimg controller LFI with htaccess CSRF Shell Access Vulnerability Author Discovered By : KingSkrupellos from Cyberizm Digital Security Army Date : 29/11/2018 Vendor Homepage : extensions.joomla.org/extension/fabrik/...
Joomla Fabrik 1.4 / 1.5 Cross Site Scripting
La Fabrik SQL Injection
== ABOUT ME: --- TAURUS OMAR --- INDEPENDENT SECURITY RESEARCHER --- ACCESOILEGAL.BLOGSPOT.COM --- @omartaurus --- omar-taurusatdragonsecuritydotorg --- omar-taurusatlivedotcom === INFO: Author : TAURUS OMAR Category : Webapps / 0day Title Exploit : La Fabrik - SQL Injection Vulnerability Vendor ...
La Fabrik - SQL Injection Vulnerability
Exploit for php platform in category web applications...
CVE-2011-5004
Unrestricted file upload vulnerability in models/importcsv.php in the Fabrik (com_fabrik) component before 2.1.1 for Joomla! allows remote authenticated users with Manager privileges to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to...
Unrestricted file upload
Unrestricted file upload vulnerability in models/importcsv.php in the Fabrik (com_fabrik) component before 2.1.1 for Joomla! allows remote authenticated users with Manager privileges to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to...
CVE-2011-5004
Unrestricted file upload vulnerability in models/importcsv.php in the Fabrik (com_fabrik) component before 2.1.1 for Joomla! allows remote authenticated users with Manager privileges to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to...
CVE-2011-5004
CVE-2011-5004 describes an unrestricted file upload vulnerability in the Fabrik (com_fabrik) component for Joomla!, affecting versions before 2.1.1. The flaw resides in models/importcsv.php and can be exploited by remote authenticated users with Manager privileges to upload a file with an executa...
Joomla Fabrik SQL Injection
Joomla Component comFabrik SQL Injection Vulnerability Vendor : http://fabrikar.com/ Author : Mkr0x Home : www.kernel.ge E-mail : [email protected] Place :...