12 matches found
EUVD-2009-2391
Malware in sbrugna...
SUSE CVE-2009-2395
SQL injection vulnerability in the K2 comk2 component 1.0.1 Beta and earlier for Joomla! allows remote attackers to execute arbitrary SQL commands via the category parameter in an itemlist action to index.php...
VulnCheck KEV: CVE-2018-7482
The K2 component 2.8.0 for Joomla! has Incorrect Access Control with directory traversal, allowing an attacker to download arbitrary files, as demonstrated by a view=media&task=connector&cmd=file&target=l1../configuration.php&download=1 request. The specific pathname ../configuration.php...
Joomla! K2 Component Access Control Error Vulnerability
Joomla! is the U.S. Open Source Matters team developed a set of open source content management system CMS, the system provides RSS feeds , site search and other features . K2 is used in one of the article system components , the component supports the image display and commenting and other featur...
CVE-2018-7482
The K2 component 2.8.0 for Joomla! has Incorrect Access Control with directory traversal, allowing an attacker to download arbitrary files, as demonstrated by a view=media&task=connector&cmd=file&target=l1../configuration.php&download=1 request. The specific pathname ../configuration.php should b...
CVE-2018-7482
The CVE-2018-7482 vulnerability affects the Joomla! K2 component version 2.8.0, where an Incorrect Access Control allows directory traversal to download arbitrary files via a crafted request (view=media&task=connector&cmd=file&target=l1_../configuration.php&download=1). The base path l1_.. sugges...
CVE-2018-7482
The K2 component 2.8.0 for Joomla! has Incorrect Access Control with directory traversal, allowing an attacker to download arbitrary files, as demonstrated by a view=media&task=connector&cmd=file&target=l1../configuration.php&download=1 request. The specific pathname ../configuration.php should b...
Joomla K2 2.8.0 Component - Arbitrary File Download Vulnerability
Exploit for php platform in category web applications Exploit Title: Joomla! Component K2 2.8.0 - Arbitrary File Download Dork: N/A Date: 26.02.2018 Vendor Homepage: http://www.joomlaworks.net/ Software Link:...
Joomla! Stor for K2 Component SQL Injection Vulnerability
Joomla! is an open source content management system CMS, the system provides RSS feeds, site search and other functions. A SQL injection vulnerability exists in version 3.8.2 of the Joomla! Stor for K2 component. The vulnerability exists because the program fails to adequately filter user-submitt...
Sql injection
SQL injection vulnerability in the K2 comk2 component 1.0.1 Beta and earlier for Joomla! allows remote attackers to execute arbitrary SQL commands via the category parameter in an itemlist action to index.php...
CVE-2009-2395
SQL injection vulnerability in the K2 comk2 component 1.0.1 Beta and earlier for Joomla! allows remote attackers to execute arbitrary SQL commands via the category parameter in an itemlist action to index.php...
CVE-2009-2395
SQL injection vulnerability in the K2 comk2 component 1.0.1 Beta and earlier for Joomla! allows remote attackers to execute arbitrary SQL commands via the category parameter in an itemlist action to index.php...