3 matches found
EUVD-2020-31220
Joomla comfabrik 3.9.11 contains a directory traversal vulnerability that allows unauthenticated attackers to list arbitrary files by manipulating the folder parameter. Attackers can send GET requests to the onAjaxfiles method with path traversal sequences to enumerate files in system directories...
CVE-2020-37219
Joomla extension com_fabrik 3.9.11 contains a directory traversal vulnerability in image.php that lets unauthenticated attackers enumerate arbitrary files. By manipulating the folder parameter in onAjax_files, attackers can use path traversal sequences to list files in system directories outside ...
CVE-2020-37219
Joomla comfabrik 3.9.11 contains a directory traversal vulnerability that allows unauthenticated attackers to list arbitrary files by manipulating the folder parameter. Attackers can send GET requests to the onAjaxfiles method with path traversal sequences to enumerate files in system directories...