MidnightBSD

Advisories for janguo

CVE-2010-4769 HIGH

Directory traversal vulnerability in the Jimtawl (com_jimtawl) component 1.0.2 Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impact via a .. (dot dot) in the task parameter to index.php.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-22,

Products Affected

Vendor Product Version
janguo com_jimtawl 1.0.2
CVE-2018-6580 HIGH

Arbitrary file upload exists in the Jimtawl 2.1.6 and 2.2.5 component for Joomla! via a view=upload&task=upload&pop=true&tmpl=component request.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-434,

Products Affected

Vendor Product Version
janguo jimtawl 2.2.5
janguo jimtawl 2.1.6