EUVD-2010-0997

Malware in sbrugna...

Joomla Gcalendar Remote File Inclusion

Title : Joomla component comgcalendar Remote File Inclusion Vulnerability Author : KedAns-Dz E-mail : [email protected] | [email protected] Home : HMD/AM 30008/04300 - Algeria -00213555248701 Twitter page : twitter.com/kedans platform : php Impact : Remote File Inclusion Vulnerability Tested o...

Directory traversal

Directory traversal vulnerability in the GCalendar comgcalendar component 2.1.5 for Joomla! allows remote attackers to include and execute arbitrary local files via a .. dot dot in the controller parameter to index.php...

CVE-2010-0972

Directory traversal vulnerability in the GCalendar comgcalendar component 2.1.5 for Joomla! allows remote attackers to include and execute arbitrary local files via a .. dot dot in the controller parameter to index.php...

CVE-2010-0972

Affected product/component: Joomla! component com_gcalendar Suite 2.1.5. Vulnerability: Directory traversal / Local File Inclusion (LFI) in the GCalendar module. Root cause: Improper handling of the controller parameter in index.php allows including and executing arbitrary local files via a ../ s...

Joomla GCalendar 2.1.5 Local File Inclusion

Joomla component GCalendar Suite 2.1.5 Local File Include Version : 2.1.5 Author : jdc Download : http://g4j.laoneo.net/content/extensions/download/docdetails/28-gcalendar-suite-215.html http://site/index.php?option=comgcalendar&controller=../../../../../etc/passwd%00 jdc 2010...

Joomla! Component com_gcalendar Suite 2.1.5 - Local File Inclusion

Joomla component GCalendar Suite 2.1.5 Local File Include Version : 2.1.5 Author : jdc Download : http://g4j.laoneo.net/content/extensions/download/docdetails/28-gcalendar-suite-215.html http://site/index.php?option=comgcalendar&controller=../../../../../etc/passwd%00 jdc 2010...

GCalendar Component for Joomla! 'gcid' Parameter SQLi

The version of the GCalendar component for Joomla! running on the remote host is affected by a SQL injection vulnerability in the models/event.php script due to improper sanitization of user-supplied input to the 'gcid' parameter before using it to construct database queries. Regardless of the PH...

CVE-2009-4099

SQL injection vulnerability in the Google Calendar GCalendar comgcalendar component 1.1.2, 2.1.4, and possibly earlier versions for Joomla! allows remote attackers to execute arbitrary SQL commands via the gcid parameter. NOTE: some of these details are obtained from third party information...

Sql injection

SQL injection vulnerability in the Google Calendar GCalendar comgcalendar component 1.1.2, 2.1.4, and possibly earlier versions for Joomla! allows remote attackers to execute arbitrary SQL commands via the gcid parameter. NOTE: some of these details are obtained from third party information...

CVE-2009-4099

The Joomla! GCalendar component (com_gcalendar) for Joomla! is affected by a SQL injection in the gcid parameter. Affected versions include GCalendar 1.1.2, 2.1.4, and possibly earlier. The root cause is improper sanitization of user-supplied input in the gcid value used to build SQL queries (mod...

CVE-2009-4099

SQL injection vulnerability in the Google Calendar GCalendar comgcalendar component 1.1.2, 2.1.4, and possibly earlier versions for Joomla! allows remote attackers to execute arbitrary SQL commands via the gcid parameter. NOTE: some of these details are obtained from third party information...