MidnightBSD

Advisories for rockettheme

CVE-2010-1056 MEDIUM

Directory traversal vulnerability in the RokDownloads (com_rokdownloads) component before 1.0.1 for Joomla! allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the controller parameter to index.php.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-22

Products Affected

Vendor Product Version
rockettheme com_rokdownloads 0.94
rockettheme com_rokdownloads *
rockettheme com_rokdownloads 0.92
rockettheme com_rokdownloads 0.96
rockettheme com_rokdownloads 0.91
rockettheme com_rokdownloads 0.98
rockettheme com_rokdownloads 0.93
rockettheme com_rokdownloads 0.95
rockettheme com_rokdownloads 0.97
rockettheme com_rokdownloads 1.0

CVE-2010-1479 HIGH

SQL injection vulnerability in the RokModule (com_rokmodule) component 1.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via the moduleid parameter in a raw action to index.php.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-89

Products Affected

Vendor Product Version
rockettheme com_rokmodule 1.1

CVE-2010-1480 HIGH

SQL injection vulnerability in the RokModule (com_rokmodule) component 1.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via the module parameter to index.php. NOTE: some of these details are obtained from third party information.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-89

Products Affected

Vendor Product Version
rockettheme com_rokmodule 1.1

CVE-2024-9382

The Gantry 4 Framework plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'override_id' parameter in all versions up to, and including, 4.1.21 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
security@wordfence.com 6.1 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N 2.8 2.7

Products Affected

Vendor Product Version
rockettheme gantry *