Vulnerabilities (CVE)

Filtered by vendor Fabrikar Subscribe
Total 3 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2018-10727 1 Fabrikar 1 Fabrik 2024-11-21 4.3 MEDIUM 6.1 MEDIUM
Reflected Cross-Site Scripting (XSS) vulnerability in the fabrik_referrer hidden field in the Fabrikar Fabrik component through v3.8.1 for Joomla! allows remote attackers to inject arbitrary web script via the HTTP Referer header.
CVE-2011-5004 2 Fabrikar, Joomla 2 Com Fabrikar, Joomla\! 2024-11-21 6.0 MEDIUM N/A
Unrestricted file upload vulnerability in models/importcsv.php in the Fabrik (com_fabrik) component before 2.1.1 for Joomla! allows remote authenticated users with Manager privileges to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in an unspecified directory.
CVE-2010-1981 1 Fabrikar 1 Fabrik 2024-11-21 6.8 MEDIUM N/A
Directory traversal vulnerability in the Fabrik (com_fabrik) component 2.0 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php.