RSS   Vulnerabilities for 'Joomlaexplorer'   RSS

2008-04-16
 
CVE-2008-1849

CWE-22
 

 
Directory traversal vulnerability in index.php in the joomlaXplorer (com_joomlaxplorer) Mambo/Joomla! component 1.6.2 and earlier allows remote attackers to list arbitrary directories via a .. (dot dot) in the dir parameter in a show_error action.

 
 
CVE-2008-1848

CWE-79
 

 
Cross-site scripting (XSS) vulnerability in the joomlaXplorer (com_joomlaxplorer) Mambo/Joomla! component 1.6.2 and earlier allows remote attackers to inject arbitrary web script or HTML via the error parameter in a show_error action to index.php.

 

 >>> Vendor: Joomlacode 2 Products
Joomlaexplorer
Extplorer


Copyright 2024, cxsecurity.com

 

Back to Top