Paman

31 exploits Active since Apr 2010
CVE-2010-5040 EXPLOITDB text WORKING POC
Nucleus NP_Gallery <0.94 - RCE
PHP remote file inclusion vulnerability in nucleus/plugins/NP_gallery.php in the NP_Gallery plugin 0.94 for Nucleus allows remote attackers to execute arbitrary PHP code via a URL in the DIR_NUCLEUS parameter. NOTE: some of these details are obtained from third party information.
CVE-2010-1493 EXPLOITDB text WORKING POC
Joomla! <1.5.5 - SQL Injection
SQL injection vulnerability in the AWDwall (com_awdwall) component before 1.5.5 for Joomla! allows remote attackers to execute arbitrary SQL commands via the cbuser parameter in an awdwall action to index.php.
CVE-2010-5041 EXPLOITDB text WORKING POC
NP_Gallery 0.94 - SQL Injection
SQL injection vulnerability in index.php in the NP_Gallery plugin 0.94 for Nucleus allows remote attackers to execute arbitrary SQL commands via the id parameter in a plugin action.
CVE-2010-2314 EXPLOITDB text WORKING POC
Edmondhui.homeip NP Twitter - Code Injection
PHP remote file inclusion vulnerability in nucleus/plugins/NP_Twitter.php in the NP_Twitter Plugin 0.8 and 0.9 for Nucleus, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the DIR_PLUGINS parameter. NOTE: some of these details are obtained from third party information.
CVE-2010-1715 EXPLOITDB text WORKING POC
Pucit.edu Com Onlineexam - Path Traversal
Directory traversal vulnerability in the Online Examination (aka Online Exam or com_onlineexam) component 1.5.0 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php. NOTE: some of these details are obtained from third party information.
CVE-2010-1722 EXPLOITDB text WORKING POC
Dev.pucit.edu.pk Com Market - Path Traversal
Directory traversal vulnerability in the Online Market (com_market) component 2.x for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impact via a .. (dot dot) in the controller parameter to index.php.
EIP-2026-108747 EXPLOITDB text WORKING POC
Joomla! Component JoomMail 1.0 - Local File Inclusion
CVE-2010-1659 EXPLOITDB text WORKING POC
Webkul Com Ultimateportfolio - Path Traversal
Directory traversal vulnerability in the Ultimate Portfolio (com_ultimateportfolio) component 1.0 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php.
EIP-2026-108842 EXPLOITDB text WORKING POC
Joomla! Component Realtyna Translator 1.0.15 - Local File Inclusion (1)
CVE-2010-1469 EXPLOITDB text WORKING POC
Joomla! com_jprojectmanager 1.0 - Path Traversal
Directory traversal vulnerability in the Ternaria Informatica JProject Manager (com_jprojectmanager) component 1.0 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impact via a .. (dot dot) in the controller parameter to index.php.
EIP-2026-108784 EXPLOITDB text WORKING POC
Joomla! Component Memory Book 1.2 - Local File Inclusion
EIP-2026-108801 EXPLOITDB text WORKING POC
Joomla! Component My Files 1.0 - Local File Inclusion
EIP-2026-108591 EXPLOITDB text WORKING POC
Joomla! Component com_webeecomment 2.0 - Local File Inclusion
EIP-2026-108592 EXPLOITDB text WORKING POC
Joomla! Component com_wgpicasa - Local File Inclusion
EIP-2026-108618 EXPLOITDB text WORKING POC
Joomla! Component CV Maker 1.0 - Local File Inclusion
CVE-2010-1656 EXPLOITDB perl WORKING POC
Airiny Com Abc - SQL Injection
SQL injection vulnerability in the Airiny ABC (com_abc) component 1.1.7 for Joomla! allows remote attackers to execute arbitrary SQL commands via the sectionid parameter in an abc action to index.php.
CVE-2010-1955 EXPLOITDB text WORKING POC
Thefactory Com Blogfactory - Path Traversal
Directory traversal vulnerability in the Deluxe Blog Factory (com_blogfactory) component 1.1.2 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php.
EIP-2026-108622 EXPLOITDB text WORKING POC
Joomla! Component Digital Diary 1.5.0 - Local File Inclusion
EIP-2026-108650 EXPLOITDB text WORKING POC
Joomla! Component FlashGames 1.5.0 - Local File Inclusion
EIP-2026-108620 EXPLOITDB text WORKING POC
Joomla! Component Delicious Bookmarks 0.0.1 - Local File Inclusion
CVE-2010-1471 EXPLOITDB text WORKING POC
Joomla! com_addressbook <1.5.0 - Path Traversal
Directory traversal vulnerability in the AddressBook (com_addressbook) component 1.5.0 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php.
CVE-2010-1473 EXPLOITDB text WORKING POC
Joomla! com_advertising 0.25 - Path Traversal
Directory traversal vulnerability in the Advertising (com_advertising) component 0.25 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impact via a .. (dot dot) in the controller parameter to index.php.
CVE-2010-1979 EXPLOITDB text WORKING POC
Affiliatefeeds Com Datafeeds - Path Traversal
Directory traversal vulnerability in the Affiliate Datafeeds (com_datafeeds) component build 880 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php.
EIP-2026-108207 EXPLOITDB text WORKING POC
Joomla! Component Appointment 1.5 - Local File Inclusion
CVE-2010-1714 EXPLOITDB text WORKING POC
Dev.pucit.edu.pk Com Arcadegames - Path Traversal
Directory traversal vulnerability in the Arcade Games (com_arcadegames) component 1.0 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php.