Directory traversal vulnerability in the Music Manager component for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impact via a .. (dot dot) in the cid parameter to album.html.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-22,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| danieljamesscott | com_music | 0.8 |
| danieljamesscott | com_music | 0.3 |
| danieljamesscott | com_music | 0.5 |
| danieljamesscott | com_music | 0.7 |
| danieljamesscott | com_music | 0.11 |
| danieljamesscott | com_music | 0.4 |
| danieljamesscott | com_music | 0.6 |
| danieljamesscott | com_music | 0.12 |
| danieljamesscott | com_music | 0.2 |
| danieljamesscott | com_music | 0.9 |
| danieljamesscott | com_music | 0.1 |
| danieljamesscott | com_music | 0.10 |
SQL injection vulnerability in the Club Manager (com_clubmanager) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the cm_id parameter in an equip presenta action to index.php.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-89,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| danieljamesscott | com_clubmanager | * |