Filtered by vendor Fabrikar
Subscribe
Total
3 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2010-1981 | 1 Fabrikar | 1 Fabrik | 2022-04-22 | 6.8 MEDIUM | N/A |
Directory traversal vulnerability in the Fabrik (com_fabrik) component 2.0 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php. | |||||
CVE-2018-10727 | 1 Fabrikar | 1 Fabrik | 2019-10-30 | 4.3 MEDIUM | 6.1 MEDIUM |
Reflected Cross-Site Scripting (XSS) vulnerability in the fabrik_referrer hidden field in the Fabrikar Fabrik component through v3.8.1 for Joomla! allows remote attackers to inject arbitrary web script via the HTTP Referer header. | |||||
CVE-2011-5004 | 2 Fabrikar, Joomla | 2 Com Fabrikar, Joomla\! | 2012-02-16 | 6.0 MEDIUM | N/A |
Unrestricted file upload vulnerability in models/importcsv.php in the Fabrik (com_fabrik) component before 2.1.1 for Joomla! allows remote authenticated users with Manager privileges to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in an unspecified directory. |