2 matches found
CVE-2010-1875
CVE-2010-1875 affects the Joomla! Real Estate Property component (com_properties) 3.1.22-03. A directory traversal flaw allows unauthenticated remote attackers to read arbitrary files via a dot-dot sequence in the controller parameter to index.php. The connected Nuclei template confirms the vulne...
CVE-2010-1874
CVE-2010-1874 concerns the Joomla! Real Estate Property (com_properties) component, version 3.1.22-03, where the 'aid' parameter in an agentlisting action of index.php is vulnerable to SQL injection. The underlying cause is improper sanitization, allowing remote attackers to execute arbitrary SQL...