
Xaraya 1.0 Rc1/1.0 Rc2/1.0 Rc3/1.0 Rc4 Backend xarmlsxml2phpbackend.php create module directory traversal

Category: Exploits | Source: vuldb.com

A vulnerability has been found in Xaraya 1.0 Rc1/1.0 Rc2/1.0 Rc3/1.0 Rc4 and classified as problematic. This vulnerability affects the function create of the file xarmlsxml2phpbackend.php of the component Backend. Upgrading eliminates this vulnerability....






