MidnightBSD

Advisories for joomlacalendars

CVE-2018-6395 HIGH

SQL Injection exists in the Visual Calendar 3.1.3 component for Joomla! via the id parameter in a view=load action.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-89,

Products Affected

Vendor Product Version
joomlacalendars visual_calendar 3.1.3
CVE-2018-6397 MEDIUM

Directory Traversal exists in the Picture Calendar 3.1.4 component for Joomla! via the list.php folder parameter.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-22,

Products Affected

Vendor Product Version
joomlacalendars picture_calendar 3.1.4
CVE-2018-6398 HIGH

SQL Injection exists in the CP Event Calendar 3.0.1 component for Joomla! via the id parameter in a task=load action.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-89,

Products Affected

Vendor Product Version
joomlacalendars event_calendar 3.0.1