4146 matches found
Joomla! Component Photo Battle 1.0.1 - Local File Inclusion
A directory traversal vulnerability in the Photo Battle comphotobattle component 1.0.1 for Joomla! allows remote attackers to read arbitrary files via the view parameter to index.php. id: CVE-2010-1461 info: name: Joomla! Component Photo Battle 1.0.1 - Local File Inclusion author: daffainfo...
Joomla! Component JProject Manager 1.0 - Local File Inclusion
A directory traversal vulnerability in the Ternaria Informatica JProject Manager comjprojectmanager component 1.0 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impact via a .. dot dot in the controller parameter to index.php. id: CVE-2010-1469 inf...
Joomla! Component Jfeedback 1.2 - Local File Inclusion
A directory traversal vulnerability in the Ternaria Informatica Jfeedback! comjfeedback component 1.2 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impacts via a .. dot dot in the controller parameter to index.php. id: CVE-2010-1478 info: name:...
Joomla! Component com_blog - Directory Traversal
A directory traversal vulnerability in index.php in the MyBlog commyblog component 3.0.329 for Joomla! allows remote attackers to read arbitrary files via a .. dot dot in the task parameter. id: CVE-2010-1540 info: name: Joomla! Component comblog - Directory Traversal author: daffainfo severity:...
Joomla! Component Graphics 1.0.6 - Local File Inclusion
A directory traversal vulnerability in graphics.php in the Graphics comgraphics component 1.0.6 and 1.5.0 for Joomla! allows remote attackers to include and execute arbitrary local files via a .. dot dot in the controller parameter to index.php. id: CVE-2010-1653 info: name: Joomla! Component...
Joomla! Component NoticeBoard 1.3 - Local File Inclusion
A directory traversal vulnerability in the Code-Garage NoticeBoard comnoticeboard component 1.3 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impacts via a .. dot dot in the controller parameter to index.php. id: CVE-2010-1658 info: name: Joomla!...
Joomla! Component Online Exam 1.5.0 - Local File Inclusion
A directory traversal vulnerability in the Online Examination aka Online Exam or comonlineexam component 1.5.0 for Joomla! allows remote attackers to read arbitrary files via a .. dot dot in the controller parameter to index.php. id: CVE-2010-1715 info: name: Joomla! Component Online Exam 1.5.0 -...
Joomla! Component OrgChart 1.0.0 - Local File Inclusion
A directory traversal vulnerability in the OrgChart comorgchart component 1.0.0 for Joomla! allows remote attackers to read arbitrary files via a .. dot dot in the controller parameter to index.php. id: CVE-2010-1878 info: name: Joomla! Component OrgChart 1.0.0 - Local File Inclusion author:...
Joomla! Component JA Voice 2.0 - Local File Inclusion
A directory traversal vulnerability in the JA Voice comjavoice component 2.0 for Joomla! allows remote attackers to read arbitrary files via a .. dot dot in the view parameter to index.php. id: CVE-2010-1982 info: name: Joomla! Component JA Voice 2.0 - Local File Inclusion author: daffainfo...
Joomla! Component MS Comment 0.8.0b - Local File Inclusion
A directory traversal vulnerability in the Moron Solutions MS Comment commscomment component 0.8.0b for Joomla! allows remote attackers to read arbitrary files via a .. dot dot in the controller parameter to index.php. id: CVE-2010-2050 info: name: Joomla! Component MS Comment 0.8.0b - Local File...
Joomla! Component JE Quotation Form 1.0b1 - Local File Inclusion
A directory traversal vulnerability in the JE Quotation Form comjequoteform component 1.0b1 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impacts via a .. dot dot in the view parameter to index.php. id: CVE-2010-2128 info: name: Joomla! Component ...
Joomla! Component Picasa2Gallery 1.2.8 - Local File Inclusion
A directory traversal vulnerability in the Picasa2Gallery compicasa2gallery component 1.2.8 and earlier for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impacts via a .. dot dot in the controller parameter to index.php. id: CVE-2010-2507 info: name:...
Joomla! Component jesectionfinder - Local File Inclusion
A directory traversal vulnerability in the JExtensions JE Section/Property Finder jesectionfinder component for Joomla! allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the view parameter to index.php. id: CVE-2010-2680 info: name: Joomla!...
Joomla! Component Visites 1.1 - MosConfig_absolute_path Remote File Inclusion
A PHP remote file inclusion vulnerability in core/include/myMailer.class.php in the Visites comjoomla-visites component 1.1 RC2 for Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the mosConfigabsolutepath parameter. id: CVE-2010-2918 info: name: Joomla! Component Visit...
Joomla! Component PicSell 1.0 - Arbitrary File Retrieval
A directory traversal vulnerability in the PicSell compicsell component 1.0 for Joomla! allows remote attackers to read arbitrary files via a .. dot dot in the dflink parameter in a prevsell dwnfree action to index.php. id: CVE-2010-3203 info: name: Joomla! Component PicSell 1.0 - Arbitrary File...
Joomla! Component JRadio - Local File Inclusion
A directory traversal vulnerability in JRadio comjradio component before 1.5.1 for Joomla! allows remote attackers to read arbitrary files via directory traversal sequences in the controller parameter to index.php. id: CVE-2010-4719 info: name: Joomla! Component JRadio - Local File Inclusion...
Joomla! Component Jimtawl 1.0.2 - Local File Inclusion
A directory traversal vulnerability in the Jimtawl comjimtawl component 1.0.2 Joomla! allows remote attackers to read arbitrary files and possibly unspecified other impacts via a .. dot dot in the task parameter to index.php. id: CVE-2010-4769 info: name: Joomla! Component Jimtawl 1.0.2 - Local...
Joomla! Component Canteen 1.0 - Local File Inclusion
A SQL injection vulnerability in menu.php in the Canteen comcanteen component 1.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the mealid parameter to index.php. id: CVE-2010-4977 info: name: Joomla! Component Canteen 1.0 - Local File Inclusion author: daffainfo...
Joomla! Component JE Job 1.0 - Local File Inclusion
A SQL injection vulnerability in the JExtensions JE Job comjejob component 1.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the catid parameter in an item action to index.php. id: CVE-2010-5028 info: name: Joomla! Component JE Job 1.0 - Local File Inclusion author:...
Chyrp 2.x - Local File Inclusion
A directory traversal vulnerability in Chyrp 2.1 and earlier allows remote attackers to include and execute arbitrary local files via a ..%2F encoded dot dot slash in the action parameter to the default URI. id: CVE-2011-2744 info: name: Chyrp 2.x - Local File Inclusion author: daffainfo severity...
Etherpad Lite <1.6.4 - Admin Authentication Bypass
Etherpad Lite before 1.6.4 is exploitable for admin access. id: CVE-2018-9845 info: name: Etherpad Lite 1.6.4 - Admin Authentication Bypass author: philippedelteil severity: critical description: Etherpad Lite before 1.6.4 is exploitable for admin access. impact: | An attacker can bypass the admi...
Joomla! Component webERPcustomer - Local File Inclusion
A directory traversal vulnerability in weberpcustomer.php in the webERPcustomer comweberpcustomer component 1.2.1 and 1.x before 1.06.02 for Joomla! allows remote attackers to read arbitrary files via a .. dot dot in the controller parameter to index.php. id: CVE-2010-1315 info: name: Joomla!...
KindEditor 4.1.11 - Cross-Site Scripting
KindEditor 4.1.11 contains a cross-site scripting vulnerability via the php/demo.php content1 parameter. id: CVE-2019-7543 info: name: KindEditor 4.1.11 - Cross-Site Scripting author: pikpikcu severity: medium description: KindEditor 4.1.11 contains a cross-site scripting vulnerability via the...
MindPalette NateMail 3.0.15 - Cross-Site Scripting
MindPalette NateMail 3.0.15 is susceptible to reflected cross-site scripting which could allows an attacker to execute remote JavaScript in a victim's browser via a specially crafted POST request. The application will reflect the recipient value if it is not in the NateMail recipient array. Note...
QCube Cross-Site-Scripting
A reflected cross-site scripting vulnerability in qcubed all versions including 3.1.1 in profile.php via the stQuery-parameter allows unauthenticated attackers to steal sessions of authenticated users. id: CVE-2020-24912 info: name: QCube Cross-Site-Scripting author: pikpikcu severity: medium...
Jeesns 1.4.2 - Cross-Site Scripting
Jeesns 1.4.2 is vulnerable to reflected cross-site scripting in the /weibo/topic component and allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the system error message's text field. id: CVE-2020-19295 info: name: Jeesns 1.4.2 - Cross-Site Scripting author:...
Jeesns 1.4.2 - Cross-Site Scripting
Jeesns 1.4.2 is vulnerable to reflected cross-site scripting that allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the system error message's text field. id: CVE-2020-19282 info: name: Jeesns 1.4.2 - Cross-Site Scripting author: pikpikcu severity: medium...
Joomla! Component Love Factory 1.3.4 - Local File Inclusion
A directory traversal vulnerability in the Love Factory comlovefactory component 1.3.4 for Joomla! allows remote attackers to read arbitrary files via a .. dot dot in the controller parameter to index.php. id: CVE-2010-1957 info: name: Joomla! Component Love Factory 1.3.4 - Local File Inclusion...
Joomla! Component Juke Box 1.7 - Local File Inclusion
A directory traversal vulnerability in the JOOFORGE Jutebox comjukebox component 1.0 and 1.7 for Joomla! allows remote attackers to read arbitrary files via a .. dot dot in the controller parameter to index.php. id: CVE-2010-1352 info: name: Joomla! Component Juke Box 1.7 - Local File Inclusion...
Joomla! Component BeeHeard 1.0 - Local File Inclusion
A directory traversal vulnerability in the BeeHeard combeeheard and BeeHeard Lite combeeheardlite component 1.0 for Joomla! allows remote attackers to read arbitrary files via a .. dot dot in the controller parameter to index.php. id: CVE-2010-1952 info: name: Joomla! Component BeeHeard 1.0 - Loc...
Joomla! Component redSHOP 1.0 - Local File Inclusion
A directory traversal vulnerability in the redSHOP comredshop component 1.0.x for Joomla! allows remote attackers to read arbitrary files via a .. dot dot in the view parameter to index.php. id: CVE-2010-1531 info: name: Joomla! Component redSHOP 1.0 - Local File Inclusion author: daffainfo...
Responsive FileManager <9.13.4 - Local File Inclusion
Responsive FileManager before version 9.13.4 is vulnerable to local file inclusion via filemanager/ajaxcalls.php because it uses external input to construct a pathname that should be within a restricted directory, aka local file inclusion. id: CVE-2018-15535 info: name: Responsive FileManager...
Joomla! Component MT Fire Eagle 1.2 - Local File Inclusion
A directory traversal vulnerability in the MT Fire Eagle commtfireeagle component 1.2 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impacts via a .. dot dot in the controller parameter to index.php. id: CVE-2010-1719 info: name: Joomla! Component ...
VelotiSmart Wifi - Directory Traversal
VelotiSmart WiFi B-380 camera devices allow directory traversal via the uc-http service 1.0.0, as demonstrated by /../../etc/passwd on TCP port 80. id: CVE-2018-14064 info: name: VelotiSmart Wifi - Directory Traversal author: 0xAkoko severity: critical description: VelotiSmart WiFi B-380 camera...
Joomla! Component WMI 1.5.0 - Local File Inclusion
A directory traversal vulnerability in wmi.php in the Webmoney Web Merchant Interface aka WMI or comwmi component 1.5.0 for Joomla! allows remote attackers to include and execute arbitrary local files via a .. dot dot in the controller parameter to index.php. id: CVE-2010-1607 info: name: Joomla!...
Joomla! Component Shoutbox Pro - Local File Inclusion
A directory traversal vulnerability in the Shoutbox Pro comshoutbox component for Joomla! allows remote attackers to read arbitrary files via a .. dot dot in the controller parameter to index.php. id: CVE-2010-1534 info: name: Joomla! Component Shoutbox Pro - Local File Inclusion author: daffainf...
Joomla! Component Horoscope 1.5.0 - Local File Inclusion
A directory traversal vulnerability in the Daily Horoscope comhoroscope component 1.5.0 for Joomla! allows remote attackers to read arbitrary files via a .. dot dot in the controller parameter to index.php. id: CVE-2010-1472 info: name: Joomla! Component Horoscope 1.5.0 - Local File Inclusion...
Joomla! Component Advertising 0.25 - Local File Inclusion
A directory traversal vulnerability in the Advertising comadvertising component 0.25 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impacts via a .. dot dot in the controller parameter to index.php. id: CVE-2010-1473 info: name: Joomla! Component...
Joomla! Component News Portal 1.5.x - Local File Inclusion
A directory traversal vulnerability in the iJoomla News Portal comnewsportal component 1.5.x for Joomla! allows remote attackers to read arbitrary files via a .. dot dot in the controller parameter to index.php. id: CVE-2010-1312 info: name: Joomla! Component News Portal 1.5.x - Local File...
Joomla! Component Magic Updater - Local File Inclusion
A directory traversal vulnerability in the Magic Updater comjoomlaupdater component for Joomla! allows remote attackers to read arbitrary files via a .. dot dot in the controller parameter to index.php. id: CVE-2010-1307 info: name: Joomla! Component Magic Updater - Local File Inclusion author:...
Joomla! Component Saber Cart 1.0.0.12 - Local File Inclusion
A directory traversal vulnerability in the Seber Cart comsebercart component 1.0.0.12 and 1.0.0.13 for Joomla!, when magicquotesgpc is disabled, allows remote attackers to read arbitrary files via a .. dot dot in the view parameter to index.php. id: CVE-2010-1313 info: name: Joomla! Component Sab...
Joomla! Component AWDwall 1.5.4 - Local File Inclusion
A directory traversal vulnerability in the AWDwall comawdwall component 1.5.4 for Joomla! allows remote attackers to read arbitrary files via a .. dot dot in the controller parameter to index.php. id: CVE-2010-1494 info: name: Joomla! Component AWDwall 1.5.4 - Local File Inclusion author: daffain...
Joomla! Component Joomla! Flickr 1.0 - Local File Inclusion
A directory traversal vulnerability in joomlaflickr.php in the Joomla! Flickr comjoomlaflickr component 1.0.3 for Joomla! allows remote attackers to include and execute arbitrary local files via a .. dot dot in the controller parameter to index.php. id: CVE-2010-1980 info: name: Joomla! Component...
Joomla! Component VJDEO 1.0 - Local File Inclusion
A directory traversal vulnerability in the VJDEO comvjdeo component 1.0 and 1.0.1 for Joomla! allows remote attackers to read arbitrary files via a .. dot dot in the controller parameter to index.php. id: CVE-2010-1354 info: name: Joomla! Component VJDEO 1.0 - Local File Inclusion author: daffain...
Joomla! Component User Status - Local File Inclusion
A directory traversal vulnerability in userstatus.php in the User Status comuserstatus component 1.21.16 for Joomla! allows remote attackers to read arbitrary files via a .. dot dot in the controller parameter to index.php. id: CVE-2010-1304 info: name: Joomla! Component User Status - Local File...
Joomla! Component com_abbrev - Local File Inclusion
A directory traversal vulnerability in the Abbreviations Manager comabbrev component 1.1 for Joomla! allows remote attackers to include and execute arbitrary local files via a .. dot dot in the controller parameter to index.php. id: CVE-2010-0985 info: name: Joomla! Component comabbrev - Local Fi...
Joomla! Component Percha Gallery 1.6 Beta - Directory Traversal
A directory traversal vulnerability in the Percha Gallery comperchagallery component 1.6 Beta for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impacts via a .. dot dot in the controller parameter to index.php. id: CVE-2010-2035 info: name: Joomla!...
Kirona Dynamic Resource Scheduler - Information Disclosure
Kirona Dynamic Resource Scheduler is susceptible to information disclosure. An unauthenticated user can directly access /osm/REGISTER.cmd aka /osmtiles/REGISTER.cmd, which contains sensitive information with exposed SQL queries, such as database version, table name, and column name. id:...
Joomla! Component Ultimate Portfolio 1.0 - Local File Inclusion
A directory traversal vulnerability in the Ultimate Portfolio comultimateportfolio component 1.0 for Joomla! allows remote attackers to read arbitrary files via a .. dot dot in the controller parameter to index.php. id: CVE-2010-1659 info: name: Joomla! Component Ultimate Portfolio 1.0 - Local Fi...
Joomla! Component Arcade Games 1.0 - Local File Inclusion
A directory traversal vulnerability in the Arcade Games comarcadegames component 1.0 for Joomla! allows remote attackers to read arbitrary files via a .. dot dot in the controller parameter to index.php. id: CVE-2010-1714 info: name: Joomla! Component Arcade Games 1.0 - Local File Inclusion autho...