AntiSecurity [ NoGe Vrs-hCk OoN_BoY Paman zxvf s4va ]

34 exploits Active since Apr 2010
CVE-2010-1479 EXPLOITDB text WORKING POC
Joomla! com_rokmodule 1.1 - SQL Injection
SQL injection vulnerability in the RokModule (com_rokmodule) component 1.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via the moduleid parameter in a raw action to index.php.
CVE-2010-2143 EXPLOITDB text WORKING POC
Symphony CMS 2.0.7 - Path Traversal via Mode Parameter
Directory traversal vulnerability in index.php in Symphony CMS 2.0.7 allows remote attackers to read arbitrary files and possibly have unspecified other impact via a .. (dot dot) in the mode parameter.
CVE-2010-2313 EXPLOITDB text WORKING POC
Anodyne Productions SIMM Management System 2.6.10 - Path Traversal via Page Parameter
Directory traversal vulnerability in index.php in Anodyne Productions SIMM Management System (SMS) 2.6.10, when magic_quotes_gpc is disabled, allows remote attackers to read arbitrary files via a .. (dot dot) in the page parameter to index.php. NOTE: some of these details are obtained from third party information.
CVE-2010-1600 EXPLOITDB text WORKING POC
Media Mall Factory (com_mediamall) 1.0.4 - SQL Injection via Category Parameter
SQL injection vulnerability in the Media Mall Factory (com_mediamall) component 1.0.4 for Joomla! allows remote attackers to execute arbitrary SQL commands via the category parameter to index.php.
CVE-2010-1495 EXPLOITDB text WORKING POC
Matamko com_matamko 1.01 - Path Traversal via Controller Parameter
Directory traversal vulnerability in the Matamko (com_matamko) component 1.01 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php.
CVE-2010-1491 EXPLOITDB text WORKING POC
MMS Blog (com_mmsblog) 2.3.0 - Path Traversal
Directory traversal vulnerability in the MMS Blog (com_mmsblog) component 2.3.0 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impact via a .. (dot dot) in the controller parameter to index.php.
CVE-2010-1719 EXPLOITDB text WORKING POC
com_mtfireeagle 1.2 - Path Traversal via Controller Parameter
Directory traversal vulnerability in the MT Fire Eagle (com_mtfireeagle) component 1.2 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impact via a .. (dot dot) in the controller parameter to index.php.
CVE-2010-1312 EXPLOITDB text WORKING POC
iJoomla News Portal <1.5.x - Path Traversal
Directory traversal vulnerability in the iJoomla News Portal (com_news_portal) component 1.5.x for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php.
CVE-2010-1658 EXPLOITDB text WORKING POC
Code-Garage NoticeBoard 1.3 - Path Traversal via Controller Parameter
Directory traversal vulnerability in the Code-Garage NoticeBoard (com_noticeboard) component 1.3 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impact via a .. (dot dot) in the controller parameter to index.php.
CVE-2010-1878 EXPLOITDB text WORKING POC
com_orgchart 1.0.0 - Path Traversal via Controller Parameter
Directory traversal vulnerability in the OrgChart (com_orgchart) component 1.0.0 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php.
CVE-2010-1475 EXPLOITDB text WORKING POC
Joomla! com_preventive 1.0.5 - Path Traversal
Directory traversal vulnerability in the Preventive & Reservation (com_preventive) component 1.0.5 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impact via a .. (dot dot) in the controller parameter to index.php.
EIP-2026-108842 EXPLOITDB text WORKING POC
Joomla! Component Realtyna Translator 1.0.15 - Local File Inclusion (1)
CVE-2010-1480 EXPLOITDB text WORKING POC
Joomla! com_rokmodule 1.1 - SQL Injection
SQL injection vulnerability in the RokModule (com_rokmodule) component 1.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via the module parameter to index.php. NOTE: some of these details are obtained from third party information.
CVE-2010-1313 EXPLOITDB text WORKING POC
Seber Cart <1.0.0.12-1.0.0.13 - Path Traversal
Directory traversal vulnerability in the Seber Cart (com_sebercart) component 1.0.0.12 and 1.0.0.13 for Joomla!, when magic_quotes_gpc is disabled, allows remote attackers to read arbitrary files via a .. (dot dot) in the view parameter to index.php. NOTE: some of these details are obtained from third party information.
CVE-2010-1474 EXPLOITDB text WORKING POC
Joomla! com_sweetykeeper <1.5 - Path Traversal
Directory traversal vulnerability in the Sweety Keeper (com_sweetykeeper) component 1.5.x for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impact via a .. (dot dot) in the controller parameter to index.php.
CVE-2010-5053 EXPLOITDB text WORKING POC
com_xobbix 1.0.1 - SQL Injection via prodid Parameter
SQL injection vulnerability in the XOBBIX (com_xobbix) component 1.0.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via the prodid parameter in a prod_desc action to index.php.
CVE-2010-1602 EXPLOITDB text WORKING POC
ZiMB Comment 0.8.1 - Path Traversal via Controller Parameter
Directory traversal vulnerability in the ZiMB Comment (com_zimbcomment) component 0.8.1 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impact via a .. (dot dot) in the controller parameter to index.php.
CVE-2010-1603 EXPLOITDB text WORKING POC
Zimbllc Com Zimbcore - Path Traversal
Directory traversal vulnerability in the ZiMB Core (aka ZiMBCore or com_zimbcore) component 0.1 in the ZiMB Manager collection for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impact via a .. (dot dot) in the controller parameter to index.php.
CVE-2010-1352 EXPLOITDB text WORKING POC
JOOFORGE Jutebox <1.7 - Path Traversal
Directory traversal vulnerability in the JOOFORGE Jutebox (com_jukebox) component 1.0 and 1.7 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php. NOTE: some of these details are obtained from third party information.
CVE-2010-1957 EXPLOITDB text WORKING POC
com_lovefactory 1.3.4 - Path Traversal via Controller Parameter
Directory traversal vulnerability in the Love Factory (com_lovefactory) component 1.3.4 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php.
EIP-2026-108620 EXPLOITDB text WORKING POC
Joomla! Component Delicious Bookmarks 0.0.1 - Local File Inclusion
CVE-2010-1981 EXPLOITDB text WORKING POC
Fabrik 2.0 - Path Traversal via Controller Parameter
Directory traversal vulnerability in the Fabrik (com_fabrik) component 2.0 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php.
CVE-2010-1956 EXPLOITDB text WORKING POC
Gadget Factory (com_gadgetfactory) 1.0.0 and 1.5.0 - Path Traversal via Controller Parameter
Directory traversal vulnerability in the Gadget Factory (com_gadgetfactory) component 1.0.0 and 1.5.0 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php. NOTE: some of these details are obtained from third party information.
CVE-2010-1717 EXPLOITDB text WORKING POC
iF surfALERT 1.2 - Path Traversal via Controller Parameter
Directory traversal vulnerability in the iF surfALERT (com_if_surfalert) component 1.2 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impact via a .. (dot dot) in the controller parameter to index.php.
CVE-2010-1723 EXPLOITDB text WORKING POC
iNetLanka Contact Us Draw Root Map (com_drawroot) 1.1 - Path Traversal via Controller Parameter
Directory traversal vulnerability in the iNetLanka Contact Us Draw Root Map (com_drawroot) component 1.1 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impact via a .. (dot dot) in the controller parameter to index.php.