Joomla! Component Jw_allVideos - Arbitrary File Retrieval

A directory traversal vulnerability in includes/download.php in the JoomlaWorks AllVideos JwallVideos plugin 3.0 through 3.2 for Joomla! allows remote attackers to read arbitrary files via a ./../.../ modified dot dot in the file parameter. id: CVE-2010-0696 info: name: Joomla! Component...

Exploit for Unrestricted Upload of File with Dangerous Type in Verot_Project Verot

class.upload.php...

Simple Image Gallery (free) 3.5.0 and previous, XSS

Simple Image Gallery Freed by Joomlaworks, version 3.5.0 and previous, XSS Resolution: update to 3.6.0 Update notice: https://www.joomlaworks.net/blog/item/269-simple-image-gallery-free-v3-6-0-released-featuring-enhanced-print-previews-fixing-xss-vulnerability-related-to-print-page-output Note th...

AllVideos version 4.6.1 and previous

AllVideos by Joomlaworks version 4.6.1 and previous XSS Cross Site Scripting Resolution: update to version 4.7.0 Update notice url: http://www.joomlaworks.net/forum/product-updates/41200-april-20th,-2015-allvideos-v4-7-0...

Joomla Component com_K2 -q 1.0.1b (category) SQL Injection Vuln

No description provided by source. ---------------------------------------------------------------------- Joomla Component comk2 sectionid SQL injection Vulnerability ---------------------------------------------------------------------- + Author : Chip D3 Bi0s + Email : chipdebiosalt+64gmail.com...

Joomlaworks allvideos

Joomlaworks allvideos plugin version 4.5.0 and previous XSS cross-site scripting Extension Update Details The new 4.6.0 version released replaces the XSS affected JW Player v5 with the newest v6. UpdateNoticeURL http://www.joomlaworks.net/forum/extension-updates/14896-june-3rd,-2014-allvideos-v4-...

Joomla! Component com_jwmmxtd - Remote File Inclusion

Joomla component comjwmmxtd = Remote File Inclusion Vulnerability Info: "JW Media Manager XTD" comjwmmxtd Administrator Component for Joomla! 1.0.x & Mambo 4.5.x/4.6.x Version: 1.2 License: http://www.gnu.org/copyleft/gpl.html Page: http://www.joomlaworks.gr Download:...

Directory traversal

Directory traversal vulnerability in includes/download.php in the JoomlaWorks AllVideos JwallVideos plugin 3.0 through 3.2 for Joomla! allows remote attackers to read arbitrary files via a ./../.../ modified dot dot in the file parameter...

CVE-2010-0696

Directory traversal vulnerability in includes/download.php in the JoomlaWorks AllVideos JwallVideos plugin 3.0 through 3.2 for Joomla! allows remote attackers to read arbitrary files via a ./../.../ modified dot dot in the file parameter...

CVE-2010-0696

Directory traversal vulnerability in includes/download.php in the JoomlaWorks AllVideos JwallVideos plugin 3.0 through 3.2 for Joomla! allows remote attackers to read arbitrary files via a ./../.../ modified dot dot in the file parameter...

CVE-2010-0696

Summary: CVE-2010-0696 affects the JoomlaWorks AllVideos (Jw_allVideos) plugin for Joomla! (versions 3.0–3.2). The vulnerability is a directory traversal in includes/download.php that allows remote attackers to read arbitrary files via a ../.. path in the file parameter, potentially exposing sens...

Joomla! JoomlaWorks AllVideos Plugin 'file' Parameter Directory Traversal

The version of the JoomlaWorks AllVideos plugin for Joomla! running on the remote host is affected by an information disclosure vulnerability due to improper sanitization of user-supplied input to the 'file' parameter before using it in the /plugins/content/jwallvideos/includes/download.php scrip...

Joomla Component com_K2 <= 1.0.1b (category) SQL Injection Vuln

No description provided by source. ---------------------------------------------------------------------- Joomla Component comk2 sectionid SQL injection Vulnerability ---------------------------------------------------------------------- + Author : Chip D3 Bi0s + Email : chipdebiosalt+64gmail.com...

Joomla K2 1.0.1b SQL Injection

---------------------------------------------------------------------- Joomla Component comk2 sectionid SQL injection Vulnerability ---------------------------------------------------------------------- + Author : Chip D3 Bi0s + Email : chipdebiosalt+64gmail.com + Group : LatinHackTeam +...

Joomla Component com_K2 <= 1.0.1b (category) SQL Injection Vuln

Exploit for unknown platform in category web applications =============================================================== Joomla Component comK2 : null'+and+1=2+union+select+1,concatusername,0x3a,passwordChipD3Bi0s,3,4,5,6,7,8,9,10,11,12,13,14+from+josusers/ Demo Live 1:...

Joomla! Component com_K2 -q 1.0.1b - &#039;category&#039; SQL Injection

---------------------------------------------------------------------- Joomla Component comk2 sectionid SQL injection Vulnerability ---------------------------------------------------------------------- + Author : Chip D3 Bi0s + Email : chipdebiosalt+64gmail.com + Group : LatinHackTeam +...