Joomlamo : Security Vulnerabilities, CVEs,
SQL injection vulnerability in the Teams (com_teams) component 1_1028_100809_1711 for Joomla! allows remote attackers to execute arbitrary SQL commands via the PlayerID parameter in a player save action to index.php.
Max CVSS
7.5
EPSS Score
0.09%
Published
2011-10-09
Updated
2018-10-10
Directory traversal vulnerability in weberpcustomer.php in the webERPcustomer (com_weberpcustomer) component 1.2.1 and 1.x before 1.06.02 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php. NOTE: some of these details are obtained from third party information.
Max CVSS
5.0
EPSS Score
0.87%
Published
2010-04-08
Updated
2017-08-17
Directory traversal vulnerability in jinventory.php in the JInventory (com_jinventory) component 1.23.02 and possibly other versions before 1.26.03, a module for Joomla!, allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php.
Max CVSS
5.0
EPSS Score
3.20%
Published
2010-04-08
Updated
2017-08-17
Directory traversal vulnerability in userstatus.php in the User Status (com_userstatus) component 1.21.16 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php.
Max CVSS
5.0
EPSS Score
0.45%
Published
2010-04-08
Updated
2017-08-17
Directory traversal vulnerability in the CARTwebERP (com_cartweberp) component 1.56.75 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php.
Max CVSS
4.3
EPSS Score
19.30%
Published
2010-03-16
Updated
2010-03-17
5 vulnerabilities found