G4J.Laoneo Com Gcalendar vulnerabilities
2 known vulnerabilities affecting g4j.laoneo/com_gcalendar.
Total CVEs
2
CISA KEV
0
Public exploits
2
Exploited in wild
0
Severity breakdown
HIGH2
Vulnerabilities
Page 1 of 1
CVE-2010-0972P3HIGHCVSS 7.5PoCv2.1.52010-03-16
CVE-2010-0972 [HIGH] CWE-22 CVE-2010-0972: Directory traversal vulnerability in the GCalendar (com_gcalendar) component 2.1.5 for Joomla! allow
Directory traversal vulnerability in the GCalendar (com_gcalendar) component 2.1.5 for Joomla! allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the controller parameter to index.php.
nvd
CVE-2009-4099P3HIGHCVSS 7.5PoCv1.1.2v2.1.42009-11-29
CVE-2009-4099 [HIGH] CWE-89 CVE-2009-4099: SQL injection vulnerability in the Google Calendar GCalendar (com_gcalendar) component 1.1.2, 2.1.4,
SQL injection vulnerability in the Google Calendar GCalendar (com_gcalendar) component 1.1.2, 2.1.4, and possibly earlier versions for Joomla! allows remote attackers to execute arbitrary SQL commands via the gcid parameter. NOTE: some of these details are obtained from third party information.
nvd