Vulnerabilities (CVE)

Filtered by vendor Percha Subscribe
Total 6 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2010-2037 2 Joomla, Percha 2 Joomla\!, Com Perchadownloadsattach 2024-11-21 7.5 HIGH N/A
Directory traversal vulnerability in the Percha Downloads Attach (com_perchadownloadsattach) component 1.1 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impact via a .. (dot dot) in the controller parameter to index.php.
CVE-2010-2036 2 Joomla, Percha 2 Joomla\!, Com Perchafieldsattach 2024-11-21 7.5 HIGH N/A
Directory traversal vulnerability in the Percha Fields Attach (com_perchafieldsattach) component 1.x for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impact via a .. (dot dot) in the controller parameter to index.php.
CVE-2010-2035 2 Joomla, Percha 2 Joomla\!, Com Perchagallery 2024-11-21 7.5 HIGH N/A
Directory traversal vulnerability in the Percha Gallery (com_perchagallery) component 1.6 Beta for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impact via a .. (dot dot) in the controller parameter to index.php.
CVE-2010-2034 2 Joomla, Percha 2 Joomla\!, Com Perchaimageattach 2024-11-21 7.5 HIGH N/A
Directory traversal vulnerability in the Percha Image Attach (com_perchaimageattach) component 1.1 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impact via a .. (dot dot) in the controller parameter to index.php.
CVE-2010-2033 2 Joomla, Percha 2 Joomla\!, Com Perchacategoriestree 2024-11-21 7.5 HIGH N/A
Directory traversal vulnerability in the Percha Multicategory Article (com_perchacategoriestree) component 0.6 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impact via a .. (dot dot) in the controller parameter to index.php.
CVE-2010-0694 2 Joomla, Percha 2 Joomla, Com Perchagallery 2024-11-21 7.5 HIGH N/A
SQL injection vulnerability in the PerchaGallery (com_perchagallery) component before 1.5b for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in an editunidad action to index.php.